Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-state-06.txt --
"Susan Hares" <shares@ndzh.com> Thu, 26 May 2016 17:50 UTC
Return-Path: <shares@ndzh.com>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7A70412D562 for <i2rs@ietfa.amsl.com>; Thu, 26 May 2016 10:50:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.738
X-Spam-Level: *
X-Spam-Status: No, score=1.738 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, RDNS_NONE=0.793] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BQgxZHCw8MOs for <i2rs@ietfa.amsl.com>; Thu, 26 May 2016 10:50:45 -0700 (PDT)
Received: from hickoryhill-consulting.com (unknown [50.245.122.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 30EE912D7E1 for <i2rs@ietf.org>; Thu, 26 May 2016 10:50:44 -0700 (PDT)
X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=174.124.182.128;
From: Susan Hares <shares@ndzh.com>
To: 'Andy Bierman' <andy@yumaworks.com>, 'Juergen Schoenwaelder' <j.schoenwaelder@jacobs-university.de>, 'Jeffrey Haas' <jhaas@pfrc.org>, i2rs@ietf.org
References: <010101d1b6d0$c51fbf60$4f5f3e20$@ndzh.com> <20160525223345.GA12545@elstar.local> <CABCOCHSGa5q9mqiSk8urS3MQu40KEyqD57Ki6V+AMzkeS-WGTg@mail.gmail.com>
In-Reply-To: <CABCOCHSGa5q9mqiSk8urS3MQu40KEyqD57Ki6V+AMzkeS-WGTg@mail.gmail.com>
Date: Thu, 26 May 2016 13:50:30 -0400
Message-ID: <041e01d1b777$185ca110$4915e330$@ndzh.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQI/JAKNkO8ofPtuVY7KY8y82XrZmwGE7LbjAWBPWuye2XMqMA==
Content-Language: en-us
X-Authenticated-User: skh@ndzh.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2rs/05IYFSSAjnUCPDcpDKcUXP3vIsE>
Subject: Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-state-06.txt --
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 May 2016 17:50:46 -0000
Andy: On Ephemeral-REQ-05/06: You are correct, the ephemeral indication in Yang could be an extension. Do you have a suggestion to revise the text for Ephemeral-REQ-05? Ephemeral-REQ-05: The ability to augment an object with appropriate YANG structures that have the property of being ephemeral. An object defined as Yang module, schema tree, a schema node, submodule or components of a submodule (derived types, groupings, data node, RPCs, actions, and notifications". Ephemeral-REQ-06: Yang MUST have a way to indicate in a data model that nodes have the following properties: ephemeral, writable/not- writable, status/configuration, and secure/non-secure transport. (If you desire examples, please see [I-D.hares-i2rs-protocol-strawman] for potential yang syntax). Sue From: i2rs [mailto:i2rs-bounces@ietf.org] On Behalf Of Andy Bierman Sent: Wednesday, May 25, 2016 10:13 PM To: Juergen Schoenwaelder; Susan Hares; Jeffrey Haas; i2rs@ietf.org Subject: Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-state-06.txt -- On Wed, May 25, 2016 at 3:33 PM, Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> wrote: On Wed, May 25, 2016 at 05:59:54PM -0400, Susan Hares wrote: >> Juergen: >> Thank you for your comments on the ephemeral state\ >> On Ephemeral-REQ-05, does this clarify the requirement: >> Ephemeral-REQ-05: The ability to add on an object (or a hierarchy of >> objects) that have the property of being ephemeral. An object defined as > Yang module, schema tree, a schema node, submodule or components of a submodule (derived types, groupings, data node, RPCs, actions, and notifications). > [Juergen]: I have no clue what the above sentence is trying to say. Please try to use YANG terminology. >> Any ephemeral object must be able to be identified by a yang key word. >[Andy]: Why does there have to be a YANG keyword? >This could be an extension and not a keyword, depending on how it is done. The > extension vs. keyword debate will not be rehashed here, but there is an issue wrt/ >how the data definition is interpreted by tools/protocols that do not understand the >extension and just ignore it. >Shared: > > list foo { > i2rs:ephemeral true; > .... > } I2RS-only: > i2rs:ephemeral { > list foo { ... } > } Sue: This works for me. >> On Ephemeral-REQ-06, does this text restrict the definition to just >> requirements: >> "Ephemeral-REQ-06: Yang MUST have a way to >> indicate in a data model that nodes have the following >> properties: ephemeral, writable/not-writable, status/configuration, >> and secure/non-secure transport. >> (If you desire examples, please see draft-hares-i2rs-protocol-strawman for >> potential yang syntax). > [Andy]: We do have config true/false this implies writable/not-writable. I > find the idea strange that a data model defines secure/non-secure > transport as a property of an data model definition since it usually > depends on the deployment context whether it is acceptable to carry > data over a non-secure transport. Sue: You are correct that config true/false implies that writable/non-writeable. Sue: On Secure/non-secure: The data model defines information that must be passed over secure or non-secure transport. The type of transport is left to the protocol. >This is a very expensive feature wrt/ standards resources. > First the WG has to agree that all the subtree data is OK to send in the clear under all circumstances. (Including augmenting nodes?) > Then this needs to be carefully reviewed by the SECDIR and IESG. > Both steps will require lots of IETF time. Sue: Agreed. However, the WG set this in its architecture and its initial requirements. > I agree that operators need to have the final say. Sue: Ok, then we should design it and see if the operators use it. >This extension is the opposite of the nacm:default-deny-all extension. >But it is designed to allow operators to configure access through NACM. >How does an operator override the extension? >And if the operator can override, why is an extension even needed? >If not, then what criteria is used to decide the data is universally non-secure? Sue: I do not see how this extension is the opposite of "nacm:default-deny-all" extension or relates to the operators access through NACM. The purpose is not to change who can connect, only what type of transport the messages go over. >>Andy Thanks for commenting. Sue = [snip]
- Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-… Susan Hares
- Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-… Juergen Schoenwaelder
- Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-… Susan Hares
- Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-… Andy Bierman
- Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-… Susan Hares