Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-state-06.txt --
Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Wed, 25 May 2016 22:34 UTC
Return-Path: <j.schoenwaelder@jacobs-university.de>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AE8A012B056 for <i2rs@ietfa.amsl.com>; Wed, 25 May 2016 15:34:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.626
X-Spam-Level:
X-Spam-Status: No, score=-5.626 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.426] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wk4__PO-Bxb6 for <i2rs@ietfa.amsl.com>; Wed, 25 May 2016 15:34:48 -0700 (PDT)
Received: from atlas3.jacobs-university.de (atlas3.jacobs-university.de [212.201.44.18]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 037CF12DE09 for <i2rs@ietf.org>; Wed, 25 May 2016 15:33:58 -0700 (PDT)
Received: from localhost (demetrius5.irc-it.jacobs-university.de [10.70.0.222]) by atlas3.jacobs-university.de (Postfix) with ESMTP id 538C1715; Thu, 26 May 2016 00:33:56 +0200 (CEST)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from atlas3.jacobs-university.de ([10.70.0.220]) by localhost (demetrius5.jacobs-university.de [10.70.0.222]) (amavisd-new, port 10030) with ESMTP id yTa6uhZedsjN; Thu, 26 May 2016 00:33:40 +0200 (CEST)
Received: from hermes.jacobs-university.de (hermes.jacobs-university.de [212.201.44.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hermes.jacobs-university.de", Issuer "Jacobs University CA - G01" (verified OK)) by atlas3.jacobs-university.de (Postfix) with ESMTPS; Thu, 26 May 2016 00:33:54 +0200 (CEST)
Received: from localhost (demetrius4.jacobs-university.de [212.201.44.49]) by hermes.jacobs-university.de (Postfix) with ESMTP id 161ED2005F; Thu, 26 May 2016 00:33:54 +0200 (CEST)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from hermes.jacobs-university.de ([212.201.44.23]) by localhost (demetrius4.jacobs-university.de [212.201.44.32]) (amavisd-new, port 10024) with ESMTP id 2An4qgrbWcof; Thu, 26 May 2016 00:33:50 +0200 (CEST)
Received: from elstar.local (elstar.jacobs.jacobs-university.de [10.50.231.133]) by hermes.jacobs-university.de (Postfix) with ESMTP id F2AF62005E; Thu, 26 May 2016 00:33:49 +0200 (CEST)
Received: by elstar.local (Postfix, from userid 501) id D57DB3AF3A9E; Thu, 26 May 2016 00:33:48 +0200 (CEST)
Date: Thu, 26 May 2016 00:33:47 +0200
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: Susan Hares <shares@ndzh.com>
Message-ID: <20160525223345.GA12545@elstar.local>
Mail-Followup-To: Susan Hares <shares@ndzh.com>, 'Jeffrey Haas' <jhaas@pfrc.org>, i2rs@ietf.org
References: <010101d1b6d0$c51fbf60$4f5f3e20$@ndzh.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Disposition: inline
X-Clacks-Overhead: GNU Terry Pratchett
Content-Transfer-Encoding: 8bit
In-Reply-To: <010101d1b6d0$c51fbf60$4f5f3e20$@ndzh.com>
User-Agent: Mutt/1.6.0 (2016-04-01)
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2rs/FIDqGDKjQ1xLa4yvfCWwMyoSt2c>
Cc: 'Jeffrey Haas' <jhaas@pfrc.org>, i2rs@ietf.org
Subject: Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-state-06.txt --
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 May 2016 22:34:50 -0000
On Wed, May 25, 2016 at 05:59:54PM -0400, Susan Hares wrote: > Juergen: > > > > Thank you for your comments on the ephemeral state. > > > > On Ephemeral-REQ-05, does this clarify the requirement: > > > > Ephemeral-REQ-05: The ability to add on an object (or a hierarchy of > objects) that have the property of being ephemeral. An object defined as > Yang module, > > schema tree, a schema node, submodule or components of a submodule (derived > types, groupings, data node, RPCs, actions, and notifications). I have no clue what the above sentence is trying to say. Please try to use YANG terminology. > Any ephemeral object must be able to be identified by a yang key word. Why does there have to be a YANG keyword? > On Ephemeral-REQ-06, does this text restrict the definition to just > requirements: > > > > "Ephemeral-REQ-06: Yang MUST have a way to > > indicate in a data model that nodes have the following > > properties: ephemeral, writable/not-writable, status/configuration, > > and secure/non-secure transport. > > (If you desire examples, please see draft-hares-i2rs-protocol-strawman for > > potential yang syntax). " We do have config true/false this implies writable/not-writable. I find the idea strange that a data model defines secure/non-secure transport as a property of an data model definition since it usually depends on the deployment context whether it is acceptable to carry data over a non-secure transport. > On Ephemeral-REQ-07, NETCONF chairs asked for conceptual changes to NETCONF > and RESTCONF. Does change to Ephemeral-REQ-07 requirement set work for you? > If it does, I will create a similar reduction for Ephemeral-REQ-08: > > --------- > > Ephemeral-REQ-07: The bundle of conceptual changes to NETCONF to required to > support the I2RS protocol are the following: > > 1) protocol version support for I2RS protocol modifications - (e.g. I2RS > version 1); I do not understand what this is supposed to mean since NETCONF extensions usually are identified by a capability URN. So why is there a need for something else? > 2) support ephemeral model scope indication - which indicates whether a > module is ephemeral only, mixed config module (config with ephemeral), mixed > derived state (ephemeral and config), Not sure what this means. > 3) multiple message support - uses the I2RS "all or none" > (ietf-i2rs-architecture, section 7.9) which is the same as the NETCONF > "roll-back-on-error". So what is the requirement here? > 4) Support for the following NETCONF protocol specifications: > > NETCONF [RFC6241], > > yang pub-sub push [draft-ietf-netconf-yang-push], > > Yang module library [draft-ietf-netconf-yang-library], > > call-home support [draft-ietf-netconf-call-home], > > zero-touch support [draft-ietf-netconf-zero-touch], and > > server model [draft-ietf-netconf-server-module] with Why do you list this under changes to NETCONF? > 7) The ability to restrict insecure transports to specific portions of a > data model marked as valid to transfer via an insecure protocol, See above. > 8) ephemeral overwriting of ephemeral MUST be controlled by the following > two policy knobs (draft-ietf-i2rs-architecture, section 6.3, 6.3.1): > > * Policy Knob 1: ephemeral configuration overwrites local configuration > (normal value: true) > > *Policy Knob 2: update of local configuration value supersedes and > overwrites the ephemeral configuration value (normal value: false) And if I set both to true we run into a race? I am stopping here. I do not even understand why we need yet another list of requirements that just rephrase requirements already written down in other documents. What is the goal of this exercise? /js > 9) The ephemeral state overwriting a local configuration described in 8) > above is considered to be the composite of all ephemeral state values by > all clients. Some may consider this a single "pane of glass" for the > ephemeral values. You seem to assume a certain architectural model and it is unclear whether there is agreement on this model. There is ongoing discussion about this, see for example draft-schoenw-netmod-revised-datastores-00. > 10) The ephemeral state must support notification of write conflicts using > the priority requirements (see section 3.7 below, specifically requirements > Ephemeral-REQ-09 through Ephemeral-REQ-14). > > > > 11) Ephemeral data stores SHOULD not require support for interactions with > writeable-running, candidate data stores, confirmed commit, and a distinct > start-up capability. > > > > ========== > > > > On Ephemeral-09, this is covered in SEC-REQ-01. Section 3.7.1 was added as > explanation. It will be moved to the protocol-security-strawman. > > > > On Ephemeral-09 (second instance): is an extension of SEC-REQ-07 and > SEC-REQ-08. Will this change to Ephemeral-09 work for you? > > > > "Ephemeral-REQ-09: The data nodes MAY store I2RS client identity and not the > effective priority at the time the data node is stored. Per SEC-REQ-07 in > section 3.1 of [draft-ietf-i2rs-protocol-security-requirements], an > identifier must have just one priority. Therefore, the data nodes MAY store > I2RS client identity and not the effective priority at the time the data > node is stored. Priority MAY be dynamically changed by AAA protocols and > how the protocol handles the revision of a client's priority SHOULD be > defined by the protocol specification as long as the collisions are handled > as described by Ephemeral-REQ-10, Ephemeral-REQ-11, and Ephemeral-REQ-12." > > > > To your questions of repetition in Ephemeral-REQ-10, Ephemeral-REQ-11, > Ephemeral-REQ-12: Ephemeral write collisions utilize SEC-REQ-07 which > defines that an identifier MUST have only one priority. Ephemeral write > collisions are related to role-based data model security > (draft-ietf-i2rs-protocol-security-requirements, section 3.5), but only > SEC-REQ-19 underscores the use of "one identifier with one priority" in the > use of a I2RS client by multiple applications. You may be recalling input > from the I2RS-architecture document. > > > > On Ephemeral-REQ-13: This requirement has an explanation that I would like > to keep because the requirement has been misunderstood repeatedly in both > groups. Since this requirement represents to summation of the NETCONF/I2RS > sessions, I prefer to keep this requirement and ask the WG for input. > > > > > On the Pub-sub requirements: > > I will remove all pub-sub-requirements and add the following: > > > > 1) Pub-Sub-REQ-01: The Subscription Service MUST support subscriptions > against ephemeral data in operational data stores, configuration data stores > or both. > > 2) Pub-Sub-REQ-02: The Subscription Service MUST support filtering so > that subscribed updates under a target node might publish only ephemeral > data in operational data or configuration data, or publish both ephemeral > and operational data. > > > > > Sue > > > > -----Original Message----- > From: i2rs [mailto:i2rs-bounces@ietf.org] On Behalf Of Juergen Schoenwaelder > Sent: Tuesday, May 17, 2016 2:24 PM > To: Jeffrey Haas > Cc: i2rs@ietf.org > Subject: Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-state-06.txt > > > > On Tue, May 17, 2016 at 12:26:35PM -0400, Jeffrey Haas wrote: > > > Jürgen, > > > > > > On Fri, May 06, 2016 at 09:34:45AM +0200, Juergen Schoenwaelder wrote: > > > > I have a hard time with this document. Section 3 is labelled > > > > requirements but it actually details solution and I disagree with a > > > > significant number of the solution elements. > > > > > > If you were to restrict your comments to the requirements labeled > variously: > > > Ephemeral-REQ-XX > > > PubSub-REQ-X > > > > > > do you consider the items sufficiently well described to be a > > > requirements document? > > > > Mostly: > > > > - I do not understand what Ephemeral-REQ-05 is trying to say. > > > > - I disagree with Ephemeral-REQ-06 and section 3.4.1 all sounds like > > solution attempts (to which I do not agree). > > > > > > - I disagree with Ephemeral-REQ-07 and all of section 3.5 and > > subsections; this is not a requirement but an attempt to describe a > > solution. > > - I disagree with Ephemeral-REQ-08 and all of section 3.5 and > > subsections; this is not a requirement but an attempt to describe a > > solution. > > > > - Has Ephemeral-REQ-09 (the first one) not been stated elsewhere > > already? > > > > - Ephemeral-REQ-xx with xx >= 09 and xx <= 13 seem repetitions from > > requirements already stated elsewhere? > > > > - I did not understand section 3.7.3 and I am unsure what > > Ephemeral-REQ-13 or more specifically whether it is different from > > what is already stated in the requirements. I have trouble parsing > > some of the sentences, e.g. > > > > [...] I2RS notes multiple operations in one or > > more messages handling can handle errors within the set of operations > > in many ways. > > > > - I do not understand PubSub-REQ-1; what is the difference between > > synchronous and asynchronous push? > > > > - I may disagree with PubSub-REQ-2 but then I do not know what 'real > > time for notifications' means. > > > > - I may disagree with PubSub-REQ-3. > > > > - I do not understand what PubSub-REQ-4 means; what is a 'critical > > node event'? How do I decide this requirement has been met? > > > > - PubSub-REQ-5 seems to mix up different issues. I do not know what a > > hierarchy of filters of XPATHs is. > > > > - PubSub-REQ-6 is likely underspecified. > > > > Overall, I do not understand why we need these additional requirements given > that we have draft-ietf-i2rs-pub-sub-requirements-08.txt. > > > As Sue mentioned, we can migrate solution-space discussion wholly into > > > the strawman document. > > > > In general, it would help me if you make an effort to reduce the number of > documents and if you make an effort to avoid document overlaps. Sometimes > less is more. > > > > /js > > > > -- > > Juergen Schoenwaelder Jacobs University Bremen gGmbH > > Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany > > Fax: +49 421 200 3103 < <http://www.jacobs-university.de/> > http://www.jacobs-university.de/> > > > > _______________________________________________ > > i2rs mailing list > > <mailto:i2rs@ietf.org> i2rs@ietf.org > > <https://www.ietf.org/mailman/listinfo/i2rs> > https://www.ietf.org/mailman/listinfo/i2rs > -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany Fax: +49 421 200 3103 <http://www.jacobs-university.de/>
- Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-… Susan Hares
- Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-… Juergen Schoenwaelder
- Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-… Susan Hares
- Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-… Andy Bierman
- Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-… Susan Hares