IETF Logo Mail Archive

Re: [Netconf] Draft Charter Proposal for NETCONF WG

Mahesh Jethanandani <mjethanandani@gmail.com> Wed, 22 March 2017 21:53 UTC

Return-Path: <mjethanandani@gmail.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4587B129514 for <netconf@ietfa.amsl.com>; Wed, 22 Mar 2017 14:53:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fPACTKzYeyB0 for <netconf@ietfa.amsl.com>; Wed, 22 Mar 2017 14:53:03 -0700 (PDT)
Received: from mail-pf0-x235.google.com (mail-pf0-x235.google.com [IPv6:2607:f8b0:400e:c00::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 063041294B5 for <netconf@ietf.org>; Wed, 22 Mar 2017 14:53:03 -0700 (PDT)
Received: by mail-pf0-x235.google.com with SMTP id p189so73770756pfp.1 for <netconf@ietf.org>; Wed, 22 Mar 2017 14:53:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=XwJWgarNCN/92jXUXhKQWOvwHsjkCXo+iC1x1JdK8LE=; b=kULoCtWWMAXqV/XsoO8GaF1Dvm5iYKz38p1eHVpp7EeOLf3PobFN0gHhGuGI11cNV8 niKwUE8D8OSTANBAal6LwyTK5ygqHruB2aqlXrUSX2dJw4FTQhNydHDruY8qR2OjGySi ATeQLpHvEFjj/ele0mXWZ5NsTUTp85CVDuFiHFkZI6m9MxhTU62KKirSeULXVFWNYeqG u8RZgT0ZfSm1masT1Wg+5nnYzGyOaAU5Yo4pARNM82cnsIgcczmQhNoIzuwNBKp2xOMW g0kp6GK2KwCw7WcxpmfXKdeUWpAIi4A3z0bm3HtxE1xXeAfBBlnO7/ZG+Ea2S2A+tQ0K QEag==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=XwJWgarNCN/92jXUXhKQWOvwHsjkCXo+iC1x1JdK8LE=; b=SZAivbfV6450IrIhnZmYGQFO5VB67cBVclZiiYAbj0gleZy8Xv+AFItjXLVjw7nYSU fX7XKEmoullTOUDVdP+GsHeiKF4Skcd626+p/vSeTKZsGB4Ela4WJ3SM8pxY0Mi5u0Ru X2zupZlSiQzjjw3kQOLByuLFeEfJK7/ScsRt29sAIzXTcdm3dD7SH7maq3XWqFqg84lU /W98Sg1kkSE6Wygp0aYynY8vCWu02naTe7m95/6zCdGHo8Dhjxb6ow+q/N76cee+bHbI rlP2Mks15ZJ8WdBW7Bw+LrTU07Yalu1CsraszGn1HlMeQVRSb9GBQc/+QacBsIOQnfxK S5aw==
X-Gm-Message-State: AFeK/H3kraxLGqC8nRcdgdYoA8Yt3um9XM9iQRUxgI5iyu/NdFDb0gUVD1pVZiBlm3AXUA==
X-Received: by 10.84.168.4 with SMTP id e4mr58936861plb.138.1490219582533; Wed, 22 Mar 2017 14:53:02 -0700 (PDT)
Received: from [10.52.112.158] ([166.177.250.29]) by smtp.gmail.com with ESMTPSA id i3sm5757746pfg.117.2017.03.22.14.53.00 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 22 Mar 2017 14:53:01 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: Mahesh Jethanandani <mjethanandani@gmail.com>
Mime-Version: 1.0 (1.0)
Date: Wed, 22 Mar 2017 14:27:12 -0700
Message-Id: <646265F1-34D3-41AC-A1E2-00945BAA5101@gmail.com>
References: <014101d2913a$3db72870$b9257950$@gmail.com> <070e01d291ba$9bb8f4a0$4001a8c0@gateway.2wire.net> <m2fuiye8rj.fsf@birdie.labs.nic.cz> <072D22E1-66DA-414E-BD16-C43D36BE9B6E@juniper.net> <026e01d29273$5cc0cfc0$4001a8c0@gateway.2wire.net> <5A12F60C-3BA9-41A2-B77C-9E73B9DA115D@juniper.net> <05c201d2941a$d4bd4500$4001a8c0@gateway.2wire.net> <20170303133448.GA3133@elstar.local> <00b201d2942b$32395b50$96ac11f0$@gmail.com> <014701d29753$bb651790$322f46b0$@ndzh.com> <CABCOCHSacn15vfo8MR0K-UJJo6E0AZ14Gwj3M43KYkgbtwK8Kg@mail.gmail.com> <005101d2975f$ae87ac20$0b970460$@ndzh.com> <017d01d29769$0df70b20$29e52160$@gmail.com> <010701d29771$a45f66e0$ed1e34a0$@ndzh.com> <026601d2977f$8d059600$a710c200$@gmail.com> <685B9088-7557-4C6E-9A8F-54C3208DB312@juniper.net> <7217bc23-0e1e-c250-929d-e18c3f0a800f@cisco.com> <07b601d2a197$9865d5b0$c9318110$@gmail.com> <02ee01d2a22b$295b2be0$4001a8c0@gateway.2wire.net> <30B0C127-1FA5-4177-9718-F687029F24C9@gmail.com> <D4F6AE83.A3890%acee@cisco.com> <011c01d2a262$c72bd900$4001a8c0@gateway.2wire.net> <D4F6D464.A3907%acee@cisco.com>
Cc: "t.petch" <ietfc@btconnect.com>, Jeff Tantsura <jefftant.ietf@gmail.com>, Mehmet Ersue <mersue@gmail.com>, "Benoit Claise (bclaise)" <bclaise@cisco.com>, Netconf <netconf@ietf.org>
In-Reply-To: <D4F6D464.A3907%acee@cisco.com>
To: "Acee Lindem (acee)" <acee@cisco.com>
X-Mailer: iPhone Mail (13G36)
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/1M7II-mEk92CMaZ6Ja4-rbX_vwA>
Subject: Re: [Netconf] Draft Charter Proposal for NETCONF WG
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Network Configuration WG mailing list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Mar 2017 21:53:06 -0000


> On Mar 21, 2017, at 10:09 AM, Acee Lindem (acee) <acee@cisco.com> wrote:
> 
> Tom
> 
>> On 3/21/17, 12:38 PM, "t.petch" <ietfc@btconnect.com> wrote:
>> 
>> ---- Original Message -----
>> From: "Acee Lindem (acee)" <acee@cisco.com>
>> Sent: Tuesday, March 21, 2017 2:22 PM
>> 
>> Tom,
>> If you read the two drafts and look at the data nodes in the two models,
>> you¹ll quickly realize that they have entirely different purposes.
>> 
>> <tp>
>> Acee
>> 
>> Yes, I had read them before posting; my point in quoting what I did was
>> that from the YANG module name and the introduction to the I-Ds, they
>> would appear to overlap, and you have to dig deeper to realise that they
>> do not.  I think this misleading and so wrong.
>> 
>> In the same vein, we have already discussed and agreed to disagree on
>> 'keychain' and 'key-chain'; again, misleading and I think wrong.
> 
> The latest version of the NETCONF draft refers to keystore rather than
> keychain. 
> 
> https://datatracker.ietf.org/doc/html/draft-ietf-netconf-keystore
> 
> Hopefully, this has resolved any potential confusion and your concerns.
> There are going to be modules that share common qualifiers. Consider “ip”,
> “interface”, “system”, “oam”, and “topology”.

That should not be reason why we cannot clarify that the purpose of the keychain model is to deal with symmetric keys. And refer to keystore draft for asymmetric keys. 

Do you see a problem for calling out that distinction?

Mahesh 

> 
> Thanks,
> Acee
> 
> 
> 
>> 
>> As Andy said recently,  'YANG is supposed to be prioritized for readers,
>> writers, and then tool-makers.' and I interpret one part of this as
>> making life easy for the non-experts.
>> 
>> Which I do not see our current approach, two I-Ds neither acknowledging
>> the existence of the other, to key stores as doing.
>> 
>> Tom Petch
>> 
>> Thanks,
>> Acee
>> 
>> On 3/21/17, 7:21 AM, "rtgwg on behalf of Jeff Tantsura"
>> <rtgwg-bounces@ietf.org on behalf of jefftant.ietf@gmail.com> wrote:
>> 
>>> Tom,
>>> 
>>> Including RTGWG, the draft-ietf-rtgwg-yang-key-chain home.
>>> In general, there¹s no interactions, rtgwg-yang-key-chain work has been
>>> focused on data model for routing protocols key-chain¹s configuration
>> and
>>> management.
>>> 
>>> Thanks!
>>> 
>>> Cheers,
>>> Jeff
>>> 
>>> On 3/21/17, 03:08, "Netconf on behalf of t.petch"
>>> <netconf-bounces@ietf.org on behalf of ietfc@btconnect.com> wrote:
>>> 
>>>   What interaction, if any, is there between
>>> 
>>>   draft-ietf-rtgwg-yang-key-chain-15.txt
>>>   This document describes the key chain YANG data model.
>>>   file "ietf-key-chain@2017-02-16.yang"
>>> 
>>>   currently in IETF Last Call, and
>>> 
>>>   draft-ietf-netconf-system-keychain-00
>>>   This document defines a YANG data module for a system-level
>> keychain
>>>   mechanism
>>>   file "ietf-system-keychain@2016-07-08.yang"
>>> 
>>>   ?
>>> 
>>>   Tom Petch
>>> 
>>> 
>>>   ----- Original Message -----
>>>   From: "Mehmet Ersue" <mersue@gmail.com>
>>>   To: "'Benoit Claise'" <bclaise@cisco.com>; "'Susan Hares'"
>>>   <shares@ndzh.com>
>>>   Sent: Monday, March 20, 2017 4:32 PM
>>> 
>>>> Dear All,
>>>> 
>>>> 
>>>> 
>>>> based on the recent discussion and proposals please find below
>> the
>>>   updated
>>>> charter proposal for NETCONF WG.
>>>> 
>>>> Please comment before March 24, 2017.
>>>> 
>>>> 
>>>> Following Benoit's support the I2RS-related additions have been
>>> added
>>>   as a
>>>> separated item.
>>>> 
>>>> Being dependent on netmod-revised-datastores point 6 and 7 have
>> been
>>>   defined
>>>> as a goal without a deadline.
>>>> 
>>>> 
>>>> Mehmet
>>>> 
>>>> 
>>>> Network Configuration (netconf)
>>>> 
>>>> -------------------------------
>>>> 
>>>> 
>>>> 
>>>> Charter
>>>> 
>>>> 
>>>> 
>>>> Current Status: Active
>>>> 
>>>> 
>>>> 
>>>> Chairs:
>>>> 
>>>>     Mahesh Jethanandani <mjethanandani@gmail.com>
>>>> 
>>>>    Mehmet Ersue <mersue@gmail.com>
>>>> 
>>>> 
>>>> 
>>>> Operations and Management Area Directors:
>>>> 
>>>>     Benoit Claise <bclaise@cisco.com>
>>>> 
>>>>     Joel Jaeggli <joelja@bogus.com>
>>>> 
>>>> 
>>>> 
>>>> Operations and Management Area Advisor:
>>>> 
>>>>     Benoit Claise <bclaise@cisco.com>
>>>> 
>>>> 
>>>> 
>>>> Mailing Lists:
>>>> 
>>>>     General Discussion: netconf@ietf.org
>>>> 
>>>>     To Subscribe:
>> https://www.ietf.org/mailman/listinfo/netconf
>>>> 
>>>>     Archive:
>>>   <https://mailarchive.ietf.org/arch/browse/netconf/>
>>>> https://mailarchive.ietf.org/arch/browse/netconf/
>>>> 
>>>> 
>>>> 
>>>> Description of Working Group:
>>>> 
>>>> 
>>>> 
>>>>  Configuration of networks of devices has become a critical
>>>   requirement
>>>> 
>>>>  for operators in today's highly interconnected networks. Large
>> and
>>>> 
>>>>  small operators alike have developed their own mechanisms or
>> have
>>>   used
>>>> 
>>>>  vendor specific mechanisms to transfer configuration data to
>> and
>>>   from
>>>> 
>>>>  a device and to examine device state information which may
>> impact
>>>   the
>>>> 
>>>>  configuration. Each of these mechanisms may be different in
>>> various
>>>> 
>>>>  aspects, such as session establishment, user authentication,
>>>> 
>>>>  configuration data exchange, and error responses.
>>>> 
>>>> 
>>>> 
>>>>  The NETCONF protocol (RFC 6241) provides mechanisms to install,
>>>> 
>>>>  manipulate, and delete the configuration of network devices.
>>> NETCONF
>>>> 
>>>>  is based on the secure transport (SSH is mandatory to implement
>>>   while
>>>> 
>>>>  TLS is an optional transport). The NETCONF protocol is data
>>> modeling
>>>> 
>>>>  language independent, but YANG (RFC 7950) is the recommended
>>> NETCONF
>>>> 
>>>>  modeling language, which introduces advanced language features
>> for
>>>> 
>>>>  configuration management.
>>>> 
>>>> 
>>>> 
>>>>  NETCONF WG recently finalized the development of RESTCONF
>> protocol
>>>> 
>>>>  (RFC 8040) which provides an interface over HTTPs for accessing
>>> data
>>>> 
>>>>  defined in YANG. RESTCONF is based on the capabilities and uses
>>> the
>>>> 
>>>>  datastore concept defined in the NETCONF protocol
>> specification.
>>> In
>>>> 
>>>>  support of RESTCONF the YANG-Patch (RFC 8072) mechanism has
>> been
>>>> 
>>>>  provided for applying patches to configuration datastores. The
>>> YANG
>>>> 
>>>>  Module Library (RFC 7895) provides information about all YANG
>>>   modules
>>>> 
>>>>  used by a network management server.
>>>> 
>>>> 
>>>> 
>>>>  Last but not least NETCONF and RESTCONF Call Home (RFC 8071)
>> have
>>>   been
>>>> 
>>>>  developed, which enable a server to initiate a secure
>> connection
>>> to
>>>   a
>>>> 
>>>>  NETCONF or RESTCONF client respectively.
>>>> 
>>>> 
>>>> 
>>>>  In the current phase of NETCONF's incremental development the
>>>> 
>>>>  workgroup will focus on following items:
>>>> 
>>>> 
>>>> 
>>>>  1. Finalize the YANG data module for a system-level keystore
>>>   mechanism,
>>>> 
>>>>  that can be used to hold onto asymmetric private keys and
>>>   certificates
>>>> 
>>>>  that are trusted by the system advertising support for this
>>> module.
>>>> 
>>>>  Based on the known dependencies this draft has the highest
>>> priority
>>>> 
>>>>  for the WG.
>>>> 
>>>> 
>>>> 
>>>>  2. Finalize Server and Client Configuration YANG modules for
>> both
>>>> 
>>>>  NETCONF and RESTCONF as well as the Client and Server Models
>> for
>>> SSH
>>>> 
>>>>  and TLS.
>>>> 
>>>> 
>>>> 
>>>>  3. Finalize the Zero-touch provisioning for NETCONF or
>>>   RESTCONF-based
>>>> 
>>>>  Management as a technique to establish a secure network
>> management
>>>> 
>>>>  relationship between a newly delivered network device
>> configured
>>>   with
>>>> 
>>>>  just its factory default settings, and the Network Management
>>>   System)
>>>> 
>>>> 
>>>> 
>>>>  4. Provide a revised version of RFC 6536 (NETCONF Access
>> Control
>>>> 
>>>>  Model) by adding support for RESTCONF and the YANG 1.1.
>> constructs
>>>> 
>>>>  like "action" and the "notification" statements.
>>>> 
>>>> 
>>>> 
>>>>  5. Provide a set of documents enabling advanced notification/
>>>> 
>>>>  subscription capabilities, which gracefully co-exist in a
>>> deployment
>>>> 
>>>>  of RFC 5277. The new capabilities include e.g. transport
>>>   independence,
>>>> 
>>>>  multiple dynamic and configured subscriptions in a transport
>>>> 
>>>>  session. RFC 5277 will be obsoleted in parallel to the
>> publication
>>>   of
>>>> 
>>>>  the new document set. Following specifications will be
>> addressed:
>>>> 
>>>>   - Protocol-neutral notification framework, i.e., explaining
>> the
>>>> 
>>>>     concepts of subscriptions, filters, subscription state
>>>> 
>>>>     notifications, replay, etc. and defining the associated YANG
>>> data
>>>> 
>>>>     model, RPCs, etc.
>>>> 
>>>>   - Definition of notifications sent over NETCONF and how YANG
>>>> 
>>>>     notifications are encoded in XML and JSON. Include
>>> considerations
>>>> 
>>>>     for parallel support / implementation compatibility with
>>>   RFC-5277.
>>>> 
>>>>   - Definition of notifications sent over RESTCONF and HTTP2 and
>>> how
>>>> 
>>>>     YANG notifications are encoded in XML and JSON. Include
>>> specifics
>>>> 
>>>>     of call-home and heartbeat for subscriptions.
>>>> 
>>>>   - The subscription and push mechanism for YANG datastores
>>> allowing
>>>> 
>>>>     subscriber applications to request updates from a YANG
>>> datastore.
>>>> 
>>>> 
>>>> 
>>>>  6. Provide a revision for the NETCONF and RESTCONF protocols
>> and
>>> the
>>>> 
>>>>  used datastore framework building on the datastore concept in
>>> NETMOD
>>>> 
>>>>  revised datastores work. Bug fixing will be done and potential
>>>> 
>>>>  extensions will be added. Provide guidance on how to adapt and
>> use
>>>> 
>>>>  YANG with NETCONF and RESCONF protocols. NETCONF XML Encoding
>>> Rules
>>>> 
>>>>  from RFC 7950 will be moved to RFC6241bis.
>>>> 
>>>> 
>>>> 
>>>>  7. Define capabilities for NETCONF and RESTCONF to support I2RS
>>>   protocol
>>>> 
>>>>  and ephemeral state datastore requirements.
>>>> 
>>>> 
>>>> 
>>>>  Based on the implementation, deployment experience and inter-
>>>> 
>>>>  operability testing, the WG aims to produce a NETCONF status
>>> report
>>>> 
>>>>  in a later stage. The result may be clarifications for RFC6241
>> and
>>>> 
>>>>  RFC6242 and addressing any reported errata.
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> Goals and Milestones:
>>>> 
>>>>  Done     Submit NETCONF/RESTCONF Call Home to AD/IESG for
>>>   consideration as
>>>> Proposed Standard
>>>> 
>>>>  Done     Submit YANG Library to AD/IESG for consideration as
>>>   Proposed
>>>> Standard
>>>> 
>>>>  Done     Submit RESTCONF to AD/IESG for consideration as
>> Proposed
>>>   Standard
>>>> 
>>>>  Done     Submit YANG Patch to AD/IESG for consideration as
>>> Proposed
>>>> Standard
>>>> 
>>>> 
>>>> 
>>>>  May 2017  WGLC for Zero-touch configuration mechanism
>>>> 
>>>>  Jun 2017  Submit Zero-touch configuration to AD/IESG for
>>>   consideration as
>>>> Proposed Standard
>>>> 
>>>>  May 2017  WGLC for system-level keystore mechanism
>>>> 
>>>>  Jun 2017  Submit keystore mechanism to AD/IESG for
>> consideration
>>> as
>>>> Proposed Standard
>>>> 
>>>>  May 2017  WGLC for Server and Client models for NETCONF and
>>> RESTCONF
>>>> 
>>>>  Jun 2017  Submit Server and Client Configuration models to
>> AD/IESG
>>>   for
>>>> consideration as Proposed Standard
>>>> 
>>>>  May 2017  WGLC for Client and Server Models for SSH and TLS
>>>> 
>>>>  Jun 2017  Submit Client and Server Models for SSH and TLS to
>>> AD/IESG
>>>   for
>>>> consideration as Proposed Standard
>>>> 
>>>>  Jun 2017  WGLC for RFC 6536bis (NETCONF Access Control Model)
>>>> 
>>>>  Jul 2017  Submit RFC 6536bis to AD/IESG for consideration as
>>>   Proposed
>>>> Standard
>>>> 
>>>>  Jun 2017  WGLC for advanced Notification/Subscription
>>> specifications
>>>> 
>>>>  Jul 2017  Submit Notification/Subscription specifications to
>>> AD/IESG
>>>   for
>>>> consideration as Proposed Standard
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> From: Benoit Claise [mailto:bclaise@cisco.com]
>>>> Sent: Friday, March 17, 2017 4:49 PM
>>>> To: Kent Watsen <kwatsen@juniper.net>; Mehmet Ersue
>>>   <mersue@gmail.com>;
>>>> 'Susan Hares' <shares@ndzh.com>; 'Andy Bierman'
>> <andy@yumaworks.com>
>>>> Cc: 'Netconf' <netconf@ietf.org>
>>>> 
>>>> 
>>>> 
>>>> On 3/8/2017 12:57 AM, Kent Watsen wrote:
>>>> 
>>>> I agree with Mehmet, any changes to the NC/RC protocols should be
>>> done
>>>   in
>>>> the NETCONF WG.
>>>> 
>>>> +1.
>>>> 
>>>> Regards, Benoit
>>> 
>>>   <snip>
>>> 
>>> 
>>>   _______________________________________________
>>>   Netconf mailing list
>>>   Netconf@ietf.org
>>>   https://www.ietf.org/mailman/listinfo/netconf
>>> 
>>> 
>>> 
>>> _______________________________________________
>>> rtgwg mailing list
>>> rtgwg@ietf.org
>>> https://www.ietf.org/mailman/listinfo/rtgwg
> 
> _______________________________________________
> Netconf mailing list
> Netconf@ietf.org
> https://www.ietf.org/mailman/listinfo/netconf

v2.23.0 | Report a Bug | By Email