Re: [Netconf] WG Last Call Comments on draft-ietf-netconf-reverse-ssh-03.txt

t.petch <ietfc@btconnect.com> Fri, 11 April 2014 09:07 UTC

From: "t.petch" <ietfc@btconnect.com>
To: Kent Watsen <kwatsen@juniper.net>, Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
Date: Fri, 11 Apr 2014 10:04:56 +0100
Archived-At: http://mailarchive.ietf.org/arch/msg/netconf/47p_evh1KiTC-IhyFMOVlqZTldY
Cc: netconf@ietf.org

----- Original Message -----
From: "Kent Watsen" <kwatsen@juniper.net>
To: "Juergen Schoenwaelder" <j.schoenwaelder@jacobs-university.de>
Cc: "t.petch" <ietfc@btconnect.com>; "Bert Wijnen (IETF)"
<bertietf@bwijnen.net>; <netconf@ietf.org>
Sent: Friday, April 11, 2014 12:08 AM

Hi Juergen,

>I tend to agree with Tom that 'reverse SSH' is potentially misleading
>or that we should pick a consistent terminology for both the TLS and
>the SSH transports. (I do not see that merging reverse SSH into RFC
>4742 fixes the terminology split we have.)

What terminology change do you propose?  I can only think that adding the
word "reverse" into 5539-bis would be simpler than removing "reverse" from
the reverse-ssh draft...

>And to make things a bit more confusing, we use 'inbound' and
>'outbound' in the netconf server configuration data model. ;-)

These are in feature statements only.  For instance:

  feature ssh {
    description
      "A server implements this feature if it supports NETCONF
       over Secure Shell (SSH).";
    reference
      "RFC 6242: Using the NETCONF Protocol over Secure Shell (SSH)";
  }

  feature inbound-ssh {
    description
      "The inbound-ssh feature indicates that the server can
       open a port to listen for incoming client connections.";
  }

  feature outbound-ssh {
    description
      "The outbound-ssh feature indicates that the server can
       connect to a client.";
    reference
      "RFC XXXX: Reverse SSH for NETCONF Call Home";
  }

<tp>

Kent

I know, I was leaving that issue for the moment:-)

I think that parts of ssh-server have nothing to do with the server and
apply to the client as well, so that as long as you remember very
clearly that the document title is 'server' then inbound and outbound is
unambiguous (well, as long as you remember that it is the ssh server and
not the tcp server:-)

But as and when parts of ssh-server relate to the client, well then
inbound and outbound are less clear, so I think that the use of inbound
and outbound is an issue that needs more thought.

And inbound is quite widespread in ssh-server, appearing in sections
2.4, 2.5, 3.1, 3.2, 3.3, 3.4.  The usage is consistent within
ssh-server but at odds with what I see as a set of documents, 5539-bis,
reverse-ssh, ssh-server (and, perhaps, system-mgmt).  I read them all
before making any comments and it is the inconsistency between them that
is driving me now.

And, as I said before, I do see 5539-bis as the simplest, the clearest
and so the one to move reverse-ssh and ssh-server towards.

Which gives you the work to do, which is why I offered to help.

Tom Petch

Thanks,
Kent