IETF Logo Mail Archive

Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-state-06.txt --

Andy Bierman <andy@yumaworks.com> Thu, 26 May 2016 02:12 UTC

Return-Path: <andy@yumaworks.com>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8885612D105 for <i2rs@ietfa.amsl.com>; Wed, 25 May 2016 19:12:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yumaworks-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3ctJ9UyDzCKP for <i2rs@ietfa.amsl.com>; Wed, 25 May 2016 19:12:46 -0700 (PDT)
Received: from mail-yw0-x22d.google.com (mail-yw0-x22d.google.com [IPv6:2607:f8b0:4002:c05::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1E77112B00D for <i2rs@ietf.org>; Wed, 25 May 2016 19:12:46 -0700 (PDT)
Received: by mail-yw0-x22d.google.com with SMTP id x189so64078652ywe.3 for <i2rs@ietf.org>; Wed, 25 May 2016 19:12:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yumaworks-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to; bh=QRoiEzjk75j7pcLIANZpXsWNSn+gn7qjEol0pd8YxC0=; b=oS6MCg4ZxuhSYRR7z8fo1WMbKGoZS7xGNDcVnFW2ACs077fIC0M5w52UrNvZ0uHUCQ UGEYbJB4l6LljPuBxKLv4IsxufZOOQ0YC4tksXgC2/uCCeaRSWHwWzEpjAV4e3/KGeEI pa7pYrkY5I4jTbz9lgLxfpnWDDYFIrCEj1BuBpKNmpyyDDzEv3bex4va4d0ho7jz0JcT vE+Ecsw6XnPDyuIcNLihsTGlYrIaaY5LQrr1j7n1ezRdU9c6TaIlrbtnO948tcMenDJo hW99ef1XE13ddxF6Jrx3OQ/PuMLYr2CUAXMr/JeP7aNgde9LAe+NUJZrCJ3gqoq7OEKF mjQg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to; bh=QRoiEzjk75j7pcLIANZpXsWNSn+gn7qjEol0pd8YxC0=; b=ew3eMqJI7khbWu2AnIInH/f1JlHnVVuDpNOKNx2ZFusu1xOubQnmVytTkgUQ4Lua/7 AJNf2iV1EM+NWOoHaOOqeR84XeZCnSHDPbtpZNRuzNXFJbXDnYhVinN8x3qDGgHgE81q wSVHNPN7oGKeN5GgBkzW8fUm99mjUrp90UVtC3j5n2kiUcQ1+dwmrUa4Ql/xLmIUJu1X 52bA2JINnUb/GgAQDy6pfNKUTBFOUWTp17Fg4qc4SK13rGdOwbbZc6ITA6jQurrcrvf5 TO8O7LriIXarjVLP4twfCSaDxjqWPyg32vrE0NcdPAIwbHU0U47y7EyXRsPL3uHIPhTe ynFA==
X-Gm-Message-State: ALyK8tLyTjFyA3UvuifK7B+MLG3KslR97yUBHMl0aZGHBjJZ3Wgtjcn0JFRa2aQai4noLucu0M6D73LgHVgmmQ==
MIME-Version: 1.0
X-Received: by 10.129.74.86 with SMTP id x83mr4850483ywa.38.1464228765229; Wed, 25 May 2016 19:12:45 -0700 (PDT)
Received: by 10.37.44.199 with HTTP; Wed, 25 May 2016 19:12:45 -0700 (PDT)
In-Reply-To: <20160525223345.GA12545@elstar.local>
References: <010101d1b6d0$c51fbf60$4f5f3e20$@ndzh.com> <20160525223345.GA12545@elstar.local>
Date: Wed, 25 May 2016 19:12:45 -0700
Message-ID: <CABCOCHSGa5q9mqiSk8urS3MQu40KEyqD57Ki6V+AMzkeS-WGTg@mail.gmail.com>
From: Andy Bierman <andy@yumaworks.com>
To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>, Susan Hares <shares@ndzh.com>, Jeffrey Haas <jhaas@pfrc.org>, "i2rs@ietf.org" <i2rs@ietf.org>
Content-Type: multipart/alternative; boundary="001a114c8c3a6c335f0533b55384"
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2rs/y0m5Oixd-8ko2FcgdOIpdtFzR7A>
Subject: Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-state-06.txt --
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 May 2016 02:12:49 -0000

On Wed, May 25, 2016 at 3:33 PM, Juergen Schoenwaelder <
j.schoenwaelder@jacobs-university.de> wrote:

> On Wed, May 25, 2016 at 05:59:54PM -0400, Susan Hares wrote:
> > Juergen:
> >
> >
> >
> > Thank you for your comments on the ephemeral state.
> >
> >
> >
> > On Ephemeral-REQ-05, does this clarify the requirement:
> >
> >
> >
> > Ephemeral-REQ-05: The ability to add on an object (or a hierarchy of
> > objects) that have the property of being ephemeral.  An object defined as
> > Yang module,
> >
> > schema tree, a schema node, submodule or components of a submodule
> (derived
> > types, groupings, data node, RPCs, actions, and notifications).
>
> I have no clue what the above sentence is trying to say. Please try to
> use YANG terminology.
>
> > Any ephemeral object must be able to be identified by a yang key word.
>
> Why does there have to be a YANG keyword?
>
>

This could be an extension and not a keyword, depending on how it is done.
The extension vs. keyword debate will not be rehashed here, but there is
an issue wrt/ how the data definition is interpreted by tools/protocols
that do not understand the extension and just ignore it.

Shared:

   list foo {
      i2rs:ephemeral true;
      ....
    }

I2RS-only:

   i2rs:ephemeral {
      list foo {  ... }
   }



> > On Ephemeral-REQ-06, does this text restrict the definition to just
> > requirements:
> >
> >
> >
> > "Ephemeral-REQ-06:  Yang MUST have a way to
> >
> > indicate in a data model that nodes have the following
> >
> > properties: ephemeral, writable/not-writable, status/configuration,
> >
> > and secure/non-secure transport.
> >
> > (If you desire examples, please see draft-hares-i2rs-protocol-strawman
> for
> >
> > potential yang syntax).  "
>
> We do have config true/false this implies writable/not-writable. I
> find the idea strange that a data model defines secure/non-secure
> transport as a property of an data model definition since it usually
> depends on the deployment context whether it is acceptable to carry
> data over a non-secure transport.
>
>

This is a very expensive feature wrt/ standards resources.
First the WG has to agree that all the subtree data is OK to send in the
clear
under all circumstances. (Including augmenting nodes?)  Then this needs to
be
carefully reviewed by the SECDIR and IESG.  Both steps will require lots of
IETF time.

I agree that operators need to have the final say.
This extension is the opposite of the nacm:default-deny-all extension.
But it is designed to allow operators to configure access through NACM.
How does an operator override the extension?
And if the operator can override, why is an extension even needed?
If not, then what criteria is used to decide the data is universally
non-secure?


Andy




> > On Ephemeral-REQ-07,  NETCONF chairs asked for conceptual changes to
> NETCONF
> > and RESTCONF.  Does change to Ephemeral-REQ-07 requirement set work for
> you?
> > If it does, I will create a similar reduction for Ephemeral-REQ-08:
> >
> > ---------
> >
> > Ephemeral-REQ-07: The bundle of conceptual changes to NETCONF to
> required to
> > support the I2RS protocol are the following:
> >
> >  1) protocol version support for I2RS protocol modifications -  (e.g.
> I2RS
> > version 1);
>
> I do not understand what this is supposed to mean since NETCONF
> extensions usually are identified by a capability URN. So why is
> there a need for something else?
>
> > 2) support ephemeral model scope indication - which indicates whether a
> > module is ephemeral only, mixed config module (config with ephemeral),
> mixed
> > derived state (ephemeral and config),
>
> Not sure what this means.
>
> > 3) multiple message support - uses the I2RS "all or none"
> > (ietf-i2rs-architecture, section 7.9) which is the same as the NETCONF
> > "roll-back-on-error".
>
> So what is the requirement here?
>
> > 4) Support for the following  NETCONF protocol specifications:
> >
> >      NETCONF [RFC6241],
> >
> >      yang pub-sub push [draft-ietf-netconf-yang-push],
> >
> >      Yang module library [draft-ietf-netconf-yang-library],
> >
> >      call-home support [draft-ietf-netconf-call-home],
> >
> >      zero-touch support [draft-ietf-netconf-zero-touch], and
> >
> >      server model [draft-ietf-netconf-server-module]  with
>
> Why do you list this under changes to NETCONF?
>
> > 7) The ability to restrict insecure transports to specific portions of a
> > data model marked as valid to transfer via an insecure protocol,
>
> See above.
>
> > 8) ephemeral overwriting of ephemeral MUST be controlled by the following
> > two policy knobs (draft-ietf-i2rs-architecture, section 6.3, 6.3.1):
> >
> >    * Policy Knob 1: ephemeral configuration overwrites local
> configuration
> > (normal value: true)
> >
> >    *Policy Knob 2: update of local configuration value supersedes and
> > overwrites the ephemeral configuration value (normal value: false)
>
> And if I set both to true we run into a race?
>
> I am stopping here. I do not even understand why we need yet another
> list of requirements that just rephrase requirements already written
> down in other documents. What is the goal of this exercise?
>
> /js
>
> > 9)   The ephemeral state overwriting a local configuration described in
> 8)
> > above  is considered to be the composite of all ephemeral state values by
> > all clients.  Some may consider this a single "pane of glass" for the
> > ephemeral values.
>
> You seem to assume a certain architectural model and it is unclear whether
> there is agreement on this model. There is ongoing discussion about this,
> see for example draft-schoenw-netmod-revised-datastores-00.
>
> > 10) The ephemeral state must support notification of write conflicts
> using
> > the priority requirements (see section 3.7 below, specifically
> requirements
> > Ephemeral-REQ-09 through Ephemeral-REQ-14).
> >
> >
> >
> > 11) Ephemeral data stores SHOULD not require support for interactions
> with
> > writeable-running, candidate data stores, confirmed commit, and a
> distinct
> > start-up capability.
> >
> >
> >
> > ==========
> >
> >
> >
> > On Ephemeral-09, this is covered in SEC-REQ-01.  Section 3.7.1 was added
> as
> > explanation.  It will be moved to the protocol-security-strawman.
> >
> >
> >
> > On Ephemeral-09 (second instance): is an extension of SEC-REQ-07 and
> > SEC-REQ-08.   Will this change to Ephemeral-09 work for you?
> >
> >
> >
> > "Ephemeral-REQ-09: The data nodes MAY store I2RS client identity and not
> the
> > effective priority at the time the data node is stored.  Per SEC-REQ-07
> in
> > section 3.1 of [draft-ietf-i2rs-protocol-security-requirements], an
> > identifier must have just one priority.  Therefore, the data nodes MAY
> store
> > I2RS client identity and not the effective priority at the time the data
> > node is stored.  Priority MAY be dynamically changed by AAA protocols and
> > how the protocol handles the revision of a client's priority SHOULD be
> > defined by the protocol specification as long as the collisions are
> handled
> > as described by Ephemeral-REQ-10, Ephemeral-REQ-11, and
> Ephemeral-REQ-12."
> >
> >
> >
> > To your questions of repetition in Ephemeral-REQ-10, Ephemeral-REQ-11,
> > Ephemeral-REQ-12: Ephemeral write collisions utilize SEC-REQ-07 which
> > defines that an identifier MUST have only one priority.  Ephemeral write
> > collisions are related to role-based data model security
> > (draft-ietf-i2rs-protocol-security-requirements, section 3.5), but only
> > SEC-REQ-19 underscores the use of "one identifier with one priority" in
> the
> > use of a I2RS client by multiple applications.   You may be recalling
> input
> > from the I2RS-architecture document.
> >
> >
> >
> > On Ephemeral-REQ-13: This requirement has an explanation that I would
> like
> > to keep because the requirement has been misunderstood repeatedly in both
> > groups.  Since this requirement represents to summation of the
> NETCONF/I2RS
> > sessions,  I prefer to keep this requirement – and ask the WG for input.
> >
> >
> >
> >
> > On the Pub-sub requirements:
> >
> > I will remove all pub-sub-requirements and add the following:
> >
> >
> >
> > 1)      Pub-Sub-REQ-01: The Subscription Service MUST support
> subscriptions
> > against ephemeral data in operational data stores, configuration data
> stores
> > or both.
> >
> > 2)      Pub-Sub-REQ-02: The Subscription Service MUST support filtering
> so
> > that subscribed updates under a target node might publish only ephemeral
> > data in operational data or configuration data, or publish both ephemeral
> > and operational data.
> >
> >
> >
> >
> > Sue
> >
> >
> >
> > -----Original Message-----
> > From: i2rs [mailto:i2rs-bounces@ietf.org] On Behalf Of Juergen
> Schoenwaelder
> > Sent: Tuesday, May 17, 2016 2:24 PM
> > To: Jeffrey Haas
> > Cc: i2rs@ietf.org
> > Subject: Re: [i2rs] I-D Action: draft-ietf-i2rs-ephemeral-state-06.txt
> >
> >
> >
> > On Tue, May 17, 2016 at 12:26:35PM -0400, Jeffrey Haas wrote:
> >
> > > Jürgen,
> >
> > >
> >
> > > On Fri, May 06, 2016 at 09:34:45AM +0200, Juergen Schoenwaelder wrote:
> >
> > > > I have a hard time with this document. Section 3 is labelled
> >
> > > > requirements but it actually details solution and I disagree with a
> >
> > > > significant number of the solution elements.
> >
> > >
> >
> > > If you were to restrict your comments to the requirements labeled
> > variously:
> >
> > > Ephemeral-REQ-XX
> >
> > > PubSub-REQ-X
> >
> > >
> >
> > > do you consider the items sufficiently well described to be a
> >
> > > requirements document?
> >
> >
> >
> > Mostly:
> >
> >
> >
> > - I do not understand what Ephemeral-REQ-05 is trying to say.
> >
> >
> >
> > - I disagree with Ephemeral-REQ-06 and section 3.4.1 all sounds like
> >
> >   solution attempts (to which I do not agree).
> >
> >
> >
> >
> >
> > - I disagree with Ephemeral-REQ-07 and all of section 3.5 and
> >
> >   subsections; this is not a requirement but an attempt to describe a
> >
> >   solution.
> >
> > - I disagree with Ephemeral-REQ-08 and all of section 3.5 and
> >
> >   subsections; this is not a requirement but an attempt to describe a
> >
> >   solution.
> >
> >
> >
> > - Has Ephemeral-REQ-09 (the first one) not been stated elsewhere
> >
> >   already?
> >
> >
> >
> > - Ephemeral-REQ-xx with xx >= 09 and xx <= 13 seem repetitions from
> >
> >   requirements already stated elsewhere?
> >
> >
> >
> > - I did not understand section 3.7.3 and I am unsure what
> >
> >   Ephemeral-REQ-13 or more specifically whether it is different from
> >
> >   what is already stated in the requirements. I have trouble parsing
> >
> >   some of the sentences, e.g.
> >
> >
> >
> >    [...] I2RS notes multiple operations in one or
> >
> >    more messages handling can handle errors within the set of operations
> >
> >    in many ways.
> >
> >
> >
> > - I do not understand PubSub-REQ-1; what is the difference between
> >
> >   synchronous and asynchronous push?
> >
> >
> >
> > - I may disagree with PubSub-REQ-2 but then I do not know what 'real
> >
> >   time for notifications' means.
> >
> >
> >
> > - I may disagree with PubSub-REQ-3.
> >
> >
> >
> > - I do not understand what PubSub-REQ-4 means; what is a 'critical
> >
> >   node event'? How do I decide this requirement has been met?
> >
> >
> >
> > - PubSub-REQ-5 seems to mix up different issues. I do not know what a
> >
> >   hierarchy of filters of XPATHs is.
> >
> >
> >
> > - PubSub-REQ-6 is likely underspecified.
> >
> >
> >
> > Overall, I do not understand why we need these additional requirements
> given
> > that we have draft-ietf-i2rs-pub-sub-requirements-08.txt.
> >
> > > As Sue mentioned, we can migrate solution-space discussion wholly into
> >
> > > the strawman document.
> >
> >
> >
> > In general, it would help me if you make an effort to reduce the number
> of
> > documents and if you make an effort to avoid document overlaps. Sometimes
> > less is more.
> >
> >
> >
> > /js
> >
> >
> >
> > --
> >
> > Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> >
> > Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
> >
> > Fax:   +49 421 200 3103         < <http://www.jacobs-university.de/>
> > http://www.jacobs-university.de/>
> >
> >
> >
> > _______________________________________________
> >
> > i2rs mailing list
> >
> >  <mailto:i2rs@ietf.org> i2rs@ietf.org
> >
> >  <https://www.ietf.org/mailman/listinfo/i2rs>
> > https://www.ietf.org/mailman/listinfo/i2rs
> >
>
> --
> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
> Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
>
> _______________________________________________
> i2rs mailing list
> i2rs@ietf.org
> https://www.ietf.org/mailman/listinfo/i2rs
>

v2.23.0 | Report a Bug | By Email