IETF Logo Mail Archive

Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and COMMENT)

"Ben Campbell" <ben@nostrum.com> Mon, 16 May 2016 15:06 UTC

Return-Path: <ben@nostrum.com>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8F1312D0F2 for <i2rs@ietfa.amsl.com>; Mon, 16 May 2016 08:06:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.326
X-Spam-Level:
X-Spam-Status: No, score=-3.326 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-1.426] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FCc-GpwuGsAx for <i2rs@ietfa.amsl.com>; Mon, 16 May 2016 08:06:44 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C0F312D197 for <i2rs@ietf.org>; Mon, 16 May 2016 08:06:43 -0700 (PDT)
Received: from [172.20.10.3] (mobile-166-170-033-119.mycingular.net [166.170.33.119] (may be forged)) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id u4GF6crK039845 (version=TLSv1 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Mon, 16 May 2016 10:06:39 -0500 (CDT) (envelope-from ben@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host mobile-166-170-033-119.mycingular.net [166.170.33.119] (may be forged) claimed to be [172.20.10.3]
From: Ben Campbell <ben@nostrum.com>
To: Eric Voit <evoit@cisco.com>
Date: Mon, 16 May 2016 11:06:31 -0400
Message-ID: <EE863476-41F4-4DFD-8157-186A802E11A3@nostrum.com>
In-Reply-To: <167d2323d3264287a30c36c1950984b5@XCH-RTP-013.cisco.com>
References: <nidiby0qci3n2ht5drnnsbdo.1462576153656@email.android.com> <9e9692bd22a041ba91e39a9f7dce8c9e@XCH-RTP-013.cisco.com> <00a901d1ad2e$f8a21e10$e9e65a30$@ndzh.com> <E6EC8518-6365-429F-B315-565FE15774F8@nostrum.com> <167d2323d3264287a30c36c1950984b5@XCH-RTP-013.cisco.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: quoted-printable
X-Mailer: MailMate (1.9.4r5234)
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2rs/vyEwpmsofJW9njfiGHxyH8WFJ98>
Cc: "i2rs@ietf.org" <i2rs@ietf.org>, "i2rs-chairs@ietf.org" <i2rs-chairs@ietf.org>, Alia Atlas <akatlas@gmail.com>, "draft-ietf-i2rs-pub-sub-requirements@ietf.org" <draft-ietf-i2rs-pub-sub-requirements@ietf.org>, The IESG <iesg@ietf.org>, Susan Hares <shares@ndzh.com>
Subject: Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and COMMENT)
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 May 2016 15:06:47 -0000

That works for me. I will clear the DISCUSS.

Thanks!

Ben.

On 16 May 2016, at 9:46, Eric Voit (evoit) wrote:

> Hi Ben,
>
>
>
> There is no issue with rewording to a requirement rather than an 
> intro.  The second sentence below has been changed to meet 2119.
>
>
>
> Some uses of this Subscription Service will push privacy-sensitive 
> updates and metadata.  For privacy-sensitive deployments, subscription 
> information MUST be bound within secure, encrypted transport layer 
> mechanisms.  For example if NETCONF is used as transport, then 
> [RFC5539] would be a valid option to secure the transported 
> information.  The Subscription Service can also be used with emerging 
> privacy-sensitive deployment contexts as well.  As an example, 
> deployments based on [i2rs-usecase] would apply these requirements in 
> conjunction with those documented within [i2rs-environment-security] 
> and [i2rs-protocol-security] to secure ephemeral state information 
> being pushed from a Network Element.
>
>
>
> Eric
>
>
>
>> From: Ben Campbell, May 15, 2016 3:18 PM
>
>>
>
>> Hi Eric and Sue,
>
>>
>
>> Thanks for the change, and I think it's on the right track. But I 
>> notice most of the
>
>> other requirements, in the security considerations section and in 
>> other sections,
>
>> use 2119 keywords. Is there a reason not to do so here? Would it be 
>> reasonable
>
>> to say that any embodiment of these requirements MUST support a 
>> transport
>
>> that provides encryption and integrity protection, and such a 
>> transport MUST be
>
>> used when carrying privacy-sensitive information?
>
>>
>
>> Thanks!
>
>>
>
>> Ben.
>
>>
>
>>
>
>> On 13 May 2016, at 10:49, Susan Hares wrote:
>
>>
>
>>> Eric:
>
>>>
>
>>>
>
>>>
>
>>> Thanks for jumping in and putting out text that resolves Ben’s
>
>>> comments.  This text works for me with one addition.  Add reference 
>>> to
>
>>> the security environment draft.
>
>>>
>
>>>
>
>>>
>
>>> Sue
>
>>>
>
>>>
>
>>>
>
>>> From: Eric Voit (evoit) [mailto:evoit@cisco.com]
>
>>> Sent: Friday, May 13, 2016 11:26 AM
>
>>> To: Susan Hares; Ben Campbell; Alia Atlas 
>>> (akatlas@gmail.com<mailto:akatlas@gmail.com>)
>
>>> Cc: The IESG; i2rs@ietf.org<mailto:i2rs@ietf.org>;
>
>>> draft-ietf-i2rs-pub-sub-requirements@ietf.org<mailto:draft-ietf-i2rs-pub-sub-requirements@ietf.org>; 
>>> i2rs-chairs@ietf.org<mailto:i2rs-chairs@ietf.org>
>
>>> Subject: RE: [i2rs] Ben Campbell's Discuss on
>
>>> draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and COMMENT)
>
>>>
>
>>>
>
>>>
>
>>> Hi Ben,
>
>>>
>
>>>
>
>>>
>
>>> I have added the text below as the lead-in to section 4.2.5.  I
>
>>> believe this meets the intents of your suggestions below.
>
>>>
>
>>>
>
>>>
>
>>> Hi Susan & Alia,
>
>>>
>
>>>
>
>>>
>
>>> I have uploaded v08 of
>
>>>
>
>>> https://datatracker.ietf.org/doc/draft-ietf-i2rs-pub-sub-requirements/
>
>>>
>
>>> If Ben concurs with the text below, I am not aware of any remaining
>
>>> discuss items.
>
>>>
>
>>>
>
>>>
>
>>> Thanks everyone for your reviews,
>
>>>
>
>>> Eric, Alex, & Alberto
>
>>>
>
>>>
>
>>> 4.2.5.  Security Requirements
>
>>>
>
>>>    Some uses of this Subscription Service will push 
>>> privacy-sensitive
>
>>>    updates and metadata.  Good deployment practices will bind this
>
>>>    generated information within secure, encrypted transport layer
>
>>>    mechanisms.  For example if NETCONF is used as transport, then
>
>>>    [RFC5539] would be a valid option to secure the transported
>
>>>    information.  The Subscription Service can also be used with
>
>>> emerging
>
>>>    deployment contexts as well.  As an example, deployments based on
>
>>>    [i2rs-usecase] can apply these requirements in conjunction with
>
>>> those
>
>>>    documented within [i2rs-protocol-security] to secure ephemeral
>
>>> state
>
>>>    information being pushed from a Network Element.
>
>>>
>
>>>
>
>>>
>
>>>
>
>>> From: Susan Hares [mailto:shares@ndzh.com]
>
>>> Sent: Friday, May 06, 2016 7:09 PM
>
>>> To: Ben Campbell
>
>>> Cc: Eric Voit (evoit); The IESG; 
>>> i2rs@ietf.org<mailto:i2rs@ietf.org>;
>
>>> draft-ietf-i2rs-pub-sub-requirements@ietf.org<mailto:draft-ietf-i2rs-pub-sub-requirements@ietf.org>; 
>>> i2rs-chairs@ietf.org<mailto:i2rs-chairs@ietf.org>
>
>>> Subject: Re: [i2rs] Ben Campbell's Discuss on
>
>>> draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and COMMENT)
>
>>>
>
>>>
>
>>>
>
>>> Ben:
>
>>>
>
>>>
>
>>>
>
>>> This is wise idea.  I will suggest some text to Eric and you in the
>
>>> morning.
>
>>>
>
>>>
>
>>>
>
>>> Sue
>
>>>
>
>>>
>
>>>
>
>>>
>
>>>
>
>>>
>
>>>
>
>>> Sent via the Samsung Galaxy Note5, an AT&T 4G LTE smartphone
>
>>>
>
>>> -------- Original message --------
>
>>>
>
>>> From: Ben Campbell <ben@nostrum.com<mailto:ben@nostrum.com>>
>
>>>
>
>>> Date: 5/6/2016 2:38 PM (GMT-06:00)
>
>>>
>
>>> To: Susan Hares <shares@ndzh.com<mailto:shares@ndzh.com>>
>
>>>
>
>>> Cc: Eric Voit <evoit@cisco.com<mailto:evoit@cisco.com>>, The IESG 
>>> <iesg@ietf.org<mailto:iesg@ietf.org>>,
>
>>> i2rs@ietf.org<mailto:i2rs@ietf.org>, 
>>> draft-ietf-i2rs-pub-sub-requirements@ietf.org<mailto:draft-ietf-i2rs-pub-sub-requirements@ietf.org>,
>
>>> i2rs-chairs@ietf.org<mailto:i2rs-chairs@ietf.org>
>
>>>
>
>>> Subject: Re: [i2rs] Ben Campbell's Discuss on
>
>>> draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and COMMENT)
>
>>>
>
>>>
>
>>>
>
>>> Hi Susan,
>
>>>
>
>>> To be clear, I do not object to the wider context per se. My concern
>
>>> is
>
>>> that the security and privacy requirements are left as implicit, 
>>> based
>
>>> on the more narrow i2rs/netconf context. I only mentioned the
>
>>> potential
>
>>> of restricting the contextas one possible way forward; I am 
>>> certainly
>
>>> not wedded to it.
>
>>>
>
>>> My suggestion for a way forward would be to document the high level
>
>>> security and privacy requirements in this document. IIUC, the larger
>
>>> context includes potentially unknown contexts, so some of this may
>
>>> need
>
>>> to be conditional. For example, language like the following might be
>
>>> helpful (this is just an example--I don't mean to say that it is 
>>> true
>
>>> or
>
>>> applicable):
>
>>>
>
>>>   "Some uses of this mechanism may carry privacy-sensitive
>
>>> information,
>
>>> or generate    privacy-sensitive metadata through the subscription
>
>>> mechanism. In contexts where this is true, the following 
>>> requirements
>
>>> apply..."
>
>>>
>
>>> It might also be reasonable to say that, for the context of i2rs,
>
>>> these
>
>>> requirements are documented in [references] and are expected to be
>
>>> fulfilled by the [transport and or protocol]
>
>>>
>
>>> Eric's email also suggested that the actual transport of data from 
>>> the
>
>>> Yang datastore may be out of scope for these requirements. I don't
>
>>> object to that, either, as long as it is clear and explicit, 
>>> although
>
>>> it
>
>>> would be good to point to where it is _in_ scope.
>
>>>
>
>>> Thanks!
>
>>>
>
>>> Ben.
>
>>>
>
>>> On 6 May 2016, at 1:06, Susan Hares wrote:
>
>>>
>
>>>> Ben:
>
>>>>
>
>>>> This is the first of the "re-use" management protocols.  The
>
>>>> requirements
>
>>>> are set-up so that we can suggest additions to the NETCONF and
>
>>>> RESTCONF for
>
>>>> this first of I2RS.
>
>>>>
>
>>>> The I2RS ephemeral work, pub/sub, traceability, and security are
>
>>>> target at
>
>>>> the I2RS protocol definition with the I2RS use case.  However, 
>>>> since
>
>>>> these
>
>>>> are general additions to NETCONF/RESTCONF, this work can be used
>
>>>> elsewhere.
>
>>>>
>
>>>> I think the text you are highlighting has this larger context.   
>>>> Now,
>
>>>> one of
>
>>>> the really important things to chat with Alia and Benoit is how do 
>>>> we
>
>>>> handle
>
>>>> the wider use case.   Do we mention the wider context?
>
>>>>
>
>>>> The WG thought mentioning it was important.
>
>>>>
>
>>>> Sue
>
>>>>
>
>>>> -----Original Message-----
>
>>>> From: Ben Campbell [mailto:ben@nostrum.com]
>
>>>> Sent: Thursday, May 05, 2016 5:31 PM
>
>>>> To: Susan Hares
>
>>>> Cc: Eric Voit; The IESG; i2rs@ietf.org<mailto:i2rs@ietf.org>;
>
>>>> draft-ietf-i2rs-pub-sub-requirements@ietf.org<mailto:draft-ietf-i2rs-pub-sub-requirements@ietf.org>; 
>>>> i2rs-chairs@ietf.org<mailto:i2rs-chairs@ietf.org>
>
>>>> Subject: Re: [i2rs] Ben Campbell's Discuss on
>
>>>> draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and COMMENT)
>
>>>>
>
>>>> On 5 May 2016, at 5:15, Susan Hares wrote:
>
>>>>
>
>>>>> Eric, Ben and IESG members:
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> The pub/sub requirements are part of a 5 part requirements.   May 
>>>>> I
>
>>>>> quote
>
>>>>> from the shepherd's report:
>
>>>>>
>
>>>>> ---------------------
>
>>>>>
>
>>>>> The requirements for the first version of I2RS are:
>
>>>>>
>
>>>>> 1) model driven ephemeral state - that is data models that do not
>
>>>>> survive
>
>>>>>
>
>>>>>     a software or hardware reboot.
>
>>>>>
>
>>>>> https://datatracker.ietf.org/doc/draft-ietf-i2rs-ephemeral-state/
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> 2) a secure protocol -
>
>>>>>
>
>>>>> https://datatracker.ietf.org/doc/draft-ietf-i2rs-protocol-security-req
>
>>>>> uireme
>
>>>>> nts/
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> 3) traceability - ability to record interactions between I2RS
>
>>>>> elements
>
>>>>>
>
>>>>> (Client, Agent, Routing system)
>
>>>>>
>
>>>>> https://datatracker.ietf.org/doc/draft-ietf-i2rs-traceability/
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> 4) notification publication via subscription
>
>>>>>
>
>>>>> https://datatracker.ietf.org/doc/draft-ietf-i2rs-pub-sub-requirements/
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> 5) Protocol to pass Data for Analytics
>
>>>>>
>
>>>>> The first version of these requirements does not include a
>
>>>>>
>
>>>>> separate analytical protocol requirements as the simple use cases
>
>>>>> may
>
>>>>>
>
>>>>> pass information via query/poll or the notifications.
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> The I2RS protocol exists in an secure environment described by:
>
>>>>>
>
>>>>> https://datatracker.ietf.org/doc/draft-ietf-i2rs-security-environment-
>
>>>>> reqs/
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> -------------------------
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Eric - Perhaps it would be good to point to:
>
>>>>>
>
>>>>> .         draft-ietf-i2rs-protocol-security-requirements and
>
>>>>>
>
>>>>> .         draft-ietf-i2rs-security-environment-reqs/
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Ben - Can you tell me how the shepherd report could have been
>
>>>>> clearer?
>
>>>>>  The
>
>>>>> I2rs protocol security requirements require:  confidentiality,
>
>>>>> encryption, secure transport, protection against replay attack,
>
>>>>> protection against DDoS attack (if possible).
>
>>>>
>
>>>> I think my confusion lies in the fact that, while the shepherd's
>
>>>> writeup
>
>>>> styles this draft as part of the I2RS protocol requirements, the
>
>>>> draft
>
>>>> itself claims to describe requirements for a generally useful 
>>>> pub-sub
>
>>>> interface to a yang datastore. It's not clear to me how and when 
>>>> the
>
>>>> I2RS
>
>>>> protocol security requirements apply to it. If the described
>
>>>> interface
>
>>>> is
>
>>>> intended to be useful in contexts other than I2RS (and the draft
>
>>>> explicitly
>
>>>> sets that expectation in 2.2), it needs to talk more generally 
>>>> about
>
>>>> security and privacy.
>
>>>>
>
>>>> For example, it might make sense to say that certain security
>
>>>> requirements
>
>>>> apply in environments where the mechanism might carry privacy
>
>>>> sensitive
>
>>>> data, and then point to the i2rs requirements for when the 
>>>> mechanism
>
>>>> is used
>
>>>> in an I2RS context.
>
>>>>
>
>>>> A different approach might be to more tightly constrain this to 
>>>> i2rs
>
>>>>
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Ben - On opting in, once the receive accepts a transport 
>>>>> connection
>
>>>>> from the I2RS server - how is this not an opt-in to receive data?
>
>>>>> What
>
>>>>> are you looking for?
>
>>>>
>
>>>> I guess that depends on the transport. The transport requirements 
>>>> say
>
>>>> the
>
>>>> mechanism has to work over multiple transports. The last paragraph 
>>>> in
>
>>>> 4.2.4
>
>>>> says "In the case of connection-oriented transports..." which
>
>>>> suggests
>
>>>> that
>
>>>> non-connection-oriented transports are possible.
>
>>>>
>
>>>> Even with a connection-oriented transport, this may depend on how
>
>>>> connection-management is handled, and whether the receiver might be
>
>>>> receiving things it _wants_ to receive on the same transport.
>
>>>>
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Sue Hares
>
>>>>>
>
>>>>> (shepherd)
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> -----Original Message-----
>
>>>>> From: i2rs [mailto:i2rs-bounces@ietf.org] On Behalf Of Eric Voit
>
>>>>> (evoit)
>
>>>>> Sent: Wednesday, May 04, 2016 7:25 PM
>
>>>>> To: Ben Campbell; The IESG
>
>>>>> Cc: i2rs@ietf.org<mailto:i2rs@ietf.org>; 
>>>>> draft-ietf-i2rs-pub-sub-requirements@ietf.org<mailto:draft-ietf-i2rs-pub-sub-requirements@ietf.org>;
>
>>>>> i2rs-chairs@ietf.org<mailto:i2rs-chairs@ietf.org>; 
>>>>> shares@ndzh.com<mailto:shares@ndzh.com>
>
>>>>> Subject: Re: [i2rs] Ben Campbell's Discuss on
>
>>>>> draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and 
>>>>> COMMENT)
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Hi Ben,
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Thanks for the comment.   In-line....
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>>> From: Ben Campbell, May 04, 2016 2:49 PM
>
>>>>>
>
>>>>>> ----------------------------------------------------------------------
>
>>>>>
>
>>>>>> DISCUSS:
>
>>>>>
>
>>>>>> ----------------------------------------------------------------------
>
>>>>>
>
>>>>>>
>
>>>>>
>
>>>>>> I have a couple of points I would like to discuss. Hopefully they
>
>>>>>> can
>
>>>>>
>
>>>>>> be resolved
>
>>>>>
>
>>>>>> easily:
>
>>>>>
>
>>>>>>
>
>>>>>
>
>>>>>> Are there really no requirements for privacy or integrity
>
>>>>>> protection?
>
>>>>>
>
>>>>>> Is there an expectation that this mechanism would ever carry
>
>>>>>> privacy
>
>>>>>
>
>>>>>> sensitive or otherwise sensitive information?
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> [eric's comment:
>
>>>>>
>
>>>>> When the subscription is established dynamically via an existing
>
>>>>> transport
>
>>>>> session (which is expected to be the dominant case) we have the 
>>>>> same
>
>>>>> expectations for Privacy and integrity as would be provided via a
>
>>>>> "GET"
>
>>>>> instead of a "PUSH" over the same transport.   We could have
>
>>>>> replicated all
>
>>>>> these requirements, but that was seen as unnecessary and likely 
>>>>> less
>
>>>>> secure
>
>>>>> than adopting existing mechanisms.
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> When the Subscriber and Receiver are different, then the transport
>
>>>>> connection will have credentials passed as part of the
>
>>>>> establishment.
>
>>>>> These
>
>>>>> credentials will be used as a Security Grooming Filter just like 
>>>>> the
>
>>>>> above
>
>>>>> case so that pushed objects will be excluded from an Update
>
>>>>> Notification as
>
>>>>> per the permissions of the Receiver.   (I.e., this is identical
>
>>>>> behavior to
>
>>>>> the above.)    As several people have had questions about this, 
>>>>> the
>
>>>>> new v07
>
>>>>> will make this explicit in the Security section.
>
>>>>>
>
>>>>> End of eric's comment]
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Sue: The transport provides for privacy, integrity protection.
>
>>>>> Most
>
>>>>> configuration in network boxes would need privacy.
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>>> - 4.2.5, 2nd to last paragraph:
>
>>>>>
>
>>>>>> I am surprised to find that, when the receiver is not the
>
>>>>>> subscriber,
>
>>>>>
>
>>>>>> that the receiver is expected to opt-out. It seems like some form
>
>>>>>> of
>
>>>>>
>
>>>>>> opt-in or affirmative consent would be needed here.
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> The question really was how heavy-weight should the mechanism be.
>
>>>>> Transports been considering are all encrypted.  So there is 
>>>>> already
>
>>>>> a
>
>>>>> level
>
>>>>> of trust between the peers.  And a target can always pull down the
>
>>>>> connection if there are issues.
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> In addition, multicast transports are viable for some future 
>>>>> cases.
>
>>>>> We
>
>>>>> didn't want mechanisms which complicated this type of interaction,
>
>>>>> especially in a world where dumb IoT devices may be involved.
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Sue: If the receiver accepts a secure transport set-up from the
>
>>>>> server, can
>
>>>>> you provide the reason why this is not an "opt-in" once it 
>>>>> receives
>
>>>>> the
>
>>>>> connection from the I2RS agent?
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>>> ----------------------------------------------------------------------
>
>>>>>
>
>>>>>> COMMENT:
>
>>>>>
>
>>>>>> ----------------------------------------------------------------------
>
>>>>>
>
>>>>>>
>
>>>>>
>
>>>>>> - General: I support Stephen's DISCUSS
>
>>>>>
>
>>>>>>
>
>>>>>
>
>>>>>> -2.2: What is the real scope of this work? Is it expected to
>
>>>>>> supplant
>
>>>>>
>
>>>>>> the mentioned mechanisms?
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> No.   It is just showing that many specialized Push mechanism 
>>>>> exist.
>
>>>>> This
>
>>>>> is not intended to supplant existing mechanisms, although perhaps 
>>>>> it
>
>>>>> can
>
>>>>> help avoid future dedicated solutions.
>
>>>>>
>
>>>>>> - 2.3: "We need a new pub-sub
>
>>>>>
>
>>>>>>    technology"
>
>>>>>
>
>>>>>> The shepherd write up mentioned a goal to use existing
>
>>>>>> technologies.
>
>>>>>
>
>>>>>> Is the point of this sentence to suggest that is not feasible?
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Existing technologies cannot meet all the requirements specified.
>
>>>>> There are
>
>>>>> technology drafts progressing in NETCONF which can.
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>>> - 4.1, 4th paragraph:
>
>>>>>
>
>>>>>> The MAY doesn't seem right--is this a statement of fact that the
>
>>>>>
>
>>>>>> subscriber may have to resubscribe, or a requirement of the form
>
>>>>>> that
>
>>>>>
>
>>>>>> the service MAY force the subscriber to resubscribe? (Be careful
>
>>>>>> with
>
>>>>>
>
>>>>>> MAYs in requirements language--they imply unexpected things. For
>
>>>>>
>
>>>>>> example, several requirements say a SUBSCRIBE MAY do 
>>>>>> something--do
>
>>>>>
>
>>>>>> those imply that the service MUST allow the subscriber to do it 
>>>>>> ?)
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Good point.   Reworded in v07.
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>>> -- 4.2.2, third bullet: The previous section said dampening 
>>>>>> periods
>
>>>>>
>
>>>>>> MUST be supported.
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Yes, but dampening is never for periodic subscriptions.
>
>>>>>
>
>>>>>> - 4.2.1, third paragraph: This is a bit ambiguous. I think it 
>>>>>> means
>
>>>>>> to
>
>>>>>
>
>>>>>> change the what subtrees the subscription applies to, but could 
>>>>>> be
>
>>>>>
>
>>>>>> interpreted to change the subtrees themselves.
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Fixed
>
>>>>>
>
>>>>>> - 4.2.6.4: Would a mechanism that allowed out-of-order delivery 
>>>>>> but
>
>>>>>
>
>>>>>> gave the subscriber a way to reconstruct the order fulfill this
>
>>>>> requirement?
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Yes, the timestamp within an update.  But this requirement targets 
>>>>> a
>
>>>>> specific object in a specific subscription.  So there should be no
>
>>>>> issues.
>
>>>>>
>
>>>>>> Nits:
>
>>>>>
>
>>>>>> - The shepherd write up suggests this is standards track. The 
>>>>>> draft
>
>>>>>
>
>>>>>> and tracker both say informational. Please update the shepherd 
>>>>>> writ
>
>>>>>> up.
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Fixed
>
>>>>>
>
>>>>>> -3, last paragraph: What's the difference between a "Push" and an
>
>>>>> "Update"?
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Reworded
>
>>>>>
>
>>>>>> -4.1: A forward reference to the subscription QoS section would 
>>>>>> be
>
>>>>> helpful.
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Moved the requirement in question to 4.2.6.
>
>>>>>
>
>>>>>> -- Last paragraph, last sentence: Sentence doesn't parse.
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Fixed
>
>>>>>
>
>>>>>>
>
>>>>>
>
>>>>>> - 4.2.8, third paragraph: I don't think that should be a 2119 MAY
>
>>>>>
>
>>>>>
>
>>>>>
>
>>>>> Fixed
>
>>>>>
>
>>>>> Thanks again for the review!
>
>>>>>
>
>>>>> Eric
>
>>>>>
>
>>>>> _______________________________________________
>
>>>>>
>
>>>>> i2rs mailing list
>
>>>>>
>
>>>>>  <mailto:i2rs@ietf.org> i2rs@ietf.org<mailto:i2rs@ietf.org>
>
>>>>>
>
>>>>>  <https://www.ietf.org/mailman/listinfo/i2rs>
>
>>>>> https://www.ietf.org/mailman/listinfo/i2rs

v2.23.0 | Report a Bug | By Email