Re: [netconf] crypto-types fallback strategy

Schönwälder, Jürgen <J.Schoenwaelder@jacobs-university.de> Fri, 27 September 2019 17:46 UTC

From: "Schönwälder, Jürgen" <J.Schoenwaelder@jacobs-university.de>
To: "Rob Wilton (rwilton)" <rwilton@cisco.com>
CC: Martin Bjorklund <mbj@tail-f.com>, "kent+ietf@watsen.net" <kent+ietf@watsen.net>, "wang.haiguang.shieldlab@huawei.com" <wang.haiguang.shieldlab@huawei.com>, "netconf@ietf.org" <netconf@ietf.org>, "rifaat.ietf@gmail.com" <rifaat.ietf@gmail.com>
Date: Fri, 27 Sep 2019 17:46:24 +0000
Message-ID: <20190927174623.jhvpudof6yfs2m4k@anna.jacobs.jacobs-university.de>
References: <0100016d455c6145-844c669e-8f31-4203-a827-7368d33cdee4-000000@email.amazonses.com> <MN2PR11MB4366E914816F6C3D9515A31DB5890@MN2PR11MB4366.namprd11.prod.outlook.com> <0100016d7325f06e-00613ab7-413c-4d97-972c-858cf4886b65-000000@email.amazonses.com> <20190927.170902.142773301948727896.mbj@tail-f.com> <MN2PR11MB4366C30CE4650421CE915840B5810@MN2PR11MB4366.namprd11.prod.outlook.com>
In-Reply-To: <MN2PR11MB4366C30CE4650421CE915840B5810@MN2PR11MB4366.namprd11.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/-Updg1FC55I6MZI5SQ0FLB0D6vk>
Subject: Re: [netconf] crypto-types fallback strategy

On Fri, Sep 27, 2019 at 03:53:51PM +0000, Rob Wilton (rwilton) wrote:
> I basically agree with what Martin is saying.

So do I.

> Either one YANG module containing all of the crypto identities, or a few YANG modules as previously suggested.

It may make sense to split by security protocol.

> If advertising the specific identities is important, then a per identity if-feature could be used, although I'm not entirely sure that one feature per identity is really a great option either, but I think that this would be better than one per module.

Why not instead have a config false list of algorithms supported? Once
we have solved this problem generically, this list may get deprecated.

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>
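
The two ways of advertising supported algorithms that this message contrasts, sketched in YANG 1.1 as an added example; it is not taken from the thread or from the crypto-types draft. The module name, namespace, identities, feature and node names are all hypothetical.

```yang
module example-crypto-algs {
  yang-version 1.1;
  namespace "urn:example:crypto-algs";   // hypothetical namespace
  prefix exca;

  identity encryption-algorithm {
    description "Base identity for encryption algorithms.";
  }

  // Alternative from the quoted text: one feature per identity.
  // Support is then advertised through the server's feature set.
  feature aes-128-gcm {
    description "The server supports the aes-128-gcm identity.";
  }
  identity aes-128-gcm {
    base encryption-algorithm;
    if-feature "aes-128-gcm";
  }

  // Alternative from the reply: no per-identity feature. Support is
  // reported in operational state instead (see supported-algorithm).
  identity aes-256-gcm {
    base encryption-algorithm;
  }

  container crypto {
    leaf-list supported-algorithm {
      type identityref {
        base encryption-algorithm;
      }
      config false;
      description
        "Algorithms this server implements. Read-only, so a client can
         check it before writing the 'algorithm' leaf.";
    }
    leaf algorithm {
      type identityref {
        base encryption-algorithm;
      }
      description "Algorithm selected by configuration.";
    }
  }
}
```

A `must` expression on the configurable `algorithm` leaf cannot reference `supported-algorithm`, because constraints on configuration are evaluated against configuration data only; with the state-list approach the client or the server implementation has to reject an unsupported choice.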