Re: Review of draft-ietf-lmap-information-model-17
Leif Johansson <leifj@mnt.se> Tue, 14 March 2017 09:17 UTC
Return-Path: <leifj@mnt.se>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49C84129524 for <ietf@ietfa.amsl.com>; Tue, 14 Mar 2017 02:17:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mnt-se.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mI94Au95aX_z for <ietf@ietfa.amsl.com>; Tue, 14 Mar 2017 02:17:07 -0700 (PDT)
Received: from mail-lf0-x22f.google.com (mail-lf0-x22f.google.com [IPv6:2a00:1450:4010:c07::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75BD0129469 for <ietf@ietf.org>; Tue, 14 Mar 2017 02:17:07 -0700 (PDT)
Received: by mail-lf0-x22f.google.com with SMTP id y193so73662446lfd.3 for <ietf@ietf.org>; Tue, 14 Mar 2017 02:17:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnt-se.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding; bh=u7FEv2xz5UJrY+GfQH+qhI4yVq4z1EkbL0rr+fs2Kxg=; b=Xqe7TZwE3EVx+1L9tSF6NTPlDQ6Ou40IYl9gt3yKImWpdFQHtA59XTtckebdh7R4jj Z8m1Yydz+uqmocPT8XhOSnPs/ROMc2M5lpEHkPVgeM4ZLFZm4erAMtUhI1QmptfAp7Vn vxzl7yYDKHowEn7oL4y983asIDy1hWpjIbOD4icsPnKg1C+2WZpSmoBbbFBQ9AmJqk8P NF96FW4S7mXIN4oiVMmomc5Bax/LWrsjlWaZcY+/QeHm2OQSacdAFxVM+1i8iaERebTD 8ZyoJo7C5RGXoZNU66P27oXLbETLGGpNgGXm6vaERJBC44/s9FpE6hcHWdgaP25hJ+c/ fA3A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=u7FEv2xz5UJrY+GfQH+qhI4yVq4z1EkbL0rr+fs2Kxg=; b=WcgF3n7OyhUVZ1KdxoWsBMZn2wBpGkUDFngFf7vxl59MVpYt5xAf5OVN4l+l65IlS3 uNZeWPzIX7BAse/TDLmEygZt1fvSZwSyWRYubds5uZHuhkR9IH4N9x4G8dUMVN81w3d1 8oizrqshmbCx+rw2paaCKkN3dGvB83J5WY+F+Kcn4txoTCoIM1ALqJLHijFSlwGgbOHn eN2tKV5HkCGxJAGmZN5PCS96zULvRxt/bOGslN0T0Zj2WMVwLZusnNagVmXqYC76h2DT Ueq7fozpQFUaIX/CxgFjVLFNc4hY6e3UpxEdrriyLBYto4yi3fG5oQCpSo7zCcnlwyAp tghQ==
X-Gm-Message-State: AMke39nz6QtCgLIGf++GuqbS2Kbwpt7bwieS+fsnKPUlxhone6XFzFtW6Via+DUmqm+dWQ==
X-Received: by 10.25.216.232 with SMTP id r101mr8628949lfi.28.1489483024972; Tue, 14 Mar 2017 02:17:04 -0700 (PDT)
Received: from ?IPv6:2001:6b0:7:1:198e:bf37:ab2a:c6df? ([2001:6b0:7:1:198e:bf37:ab2a:c6df]) by smtp.gmail.com with ESMTPSA id 187sm4165527ljf.32.2017.03.14.02.17.03 for <ietf@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 14 Mar 2017 02:17:04 -0700 (PDT)
Subject: Re: Review of draft-ietf-lmap-information-model-17
To: ietf@ietf.org
References: <148814339074.2901.10793232146724828053.idtracker@ietfa.amsl.com> <20170314085308.GA54939@elstar.local>
From: Leif Johansson <leifj@mnt.se>
Message-ID: <d8ea9f64-7558-4514-6b1f-90b5062a4060@mnt.se>
Date: Tue, 14 Mar 2017 10:17:02 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0
MIME-Version: 1.0
In-Reply-To: <20170314085308.GA54939@elstar.local>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/xy57EIA0TQCbAC2WRPPGTCgwyoo>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Mar 2017 09:17:10 -0000
On 2017-03-14 09:53, Juergen Schoenwaelder wrote: > Russ, > > thanks for your review. See my response to your comments inline. > > On Sun, Feb 26, 2017 at 01:09:50PM -0800, Russ Housley wrote: >> Reviewer: Russ Housley >> Review result: Almost Ready >> >> I am the assigned Gen-ART reviewer for this draft. The General Area >> Review Team (Gen-ART) reviews all IETF documents being processed >> by the IESG for the IETF Chair. Please wait for direction from your >> document shepherd or AD before posting a new version of the draft. >> >> For more information, please see the FAQ at >> <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. >> >> Document: draft-ietf-lmap-information-model-17 >> Reviewer: Russ Housley >> Review Date: 2017-02-26 >> IETF LC End Date: 2017-03-08 >> IESG Telechat date: Unknown >> >> Summary: Ready >> >> Major Concerns: >> >> Section 3.1 says that the pre-configuration information contains >> the certificate of the Controller or the certificate of the CA >> which issued the certificate for the Controller. Section 3.1.1 >> includes ma-preconfig-credentials. Are these the same? > > The information model on purse is somewhat unspecific about what > exactly the security credentials are. The reason is that the > information model maps to two data models today (one in the BBF and > one in the IETF). The IETF data model can be accessed over NETCONF and > RESTCONF. RESTCONF runs over HTTP/TLS while NETCONF by default runs > over SSH. As a consequence, the various credentials needed to support > the different protocols varies. > You keep missing my point which is this: I understand the difference between a data model and an information model. What I don't understand is if you need one or two credentials in the information model. Cheers LEif >> Section 6 says that secure communication channels are needed. This >> means >> that some components of this system (at least the Controller) must >> have >> secret keys or private keys. I think that Section 6 should talk >> about >> which components of this system have keys and the consequences if the >> keys are not well protected. > > There is a fairly large discussion of security issues in RFC 7594 > and we point to them in section 6 rather than repeating them here. > > An implementation of this Information Model should support all the > security and privacy requirements associated with the LMAP Framework > [RFC7594]. > >> Minor Concerns: >> >> The Introduction in RFC 7594 says: "There is a desire to be able >> to coordinate the execution of broadband measurements and the >> collection of measurement results across a large scale set of >> Measurement Agents (MAs)." The Fact that LMAP is about broadband >> measurements should be stated in the first paragraph of the >> Introduction of this document. > > I suggest to add a sentence including a reference to RFC 7536 so > that the 1st paragraph of the Introduction reads: > > A large-scale measurement platform is a collection of components that > work in a coordinated fashion to perform measurements from a large > number of vantage points. A typical use case is the execution of > broadband measurements [RFC7536]. The main components of a large- > scale measurement platform are the Measurement Agents (hereafter > MAs), the Controller(s) and the Collector(s). > >> Nits: >> >> In Section 3, the reason for the 6 categories should probably be >> placed before the list instead of several paragraphs later. > > I agree, I have moved the text up (and due to some other comment we > started to call the categories 'aspects'). So the new text reads: > > The information model is divided into six aspects. Firstly the > grouping of information facilitates reader understanding. Secondly, > the particular groupings chosen are expected to map to different > protocols or different transmissions within those protocols. > >> In 3.1: s/If the MA ID is not provided at this stage then/ >> /If the MA ID is not provided at this stage, then/ > > fixed > > /js >
- Review of draft-ietf-lmap-information-model-17 Russ Housley
- Re: Review of draft-ietf-lmap-information-model-17 Juergen Schoenwaelder
- Re: Review of draft-ietf-lmap-information-model-17 Leif Johansson
- Re: Review of draft-ietf-lmap-information-model-17 Jari Arkko
- Re: Review of draft-ietf-lmap-information-model-17 Leif Johansson