Re: [netconf] Benjamin Kaduk's Discuss on draft-ietf-netconf-yang-push-23: (with DISCUSS and COMMENT)
"Alexander Clemm" <ludwig@clemm.org> Wed, 15 May 2019 02:54 UTC
Return-Path: <ludwig@clemm.org>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55383120127; Tue, 14 May 2019 19:54:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pMNTKxRAS5nR; Tue, 14 May 2019 19:54:01 -0700 (PDT)
Received: from mout.perfora.net (mout.perfora.net [74.208.4.194]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1400A12003E; Tue, 14 May 2019 19:54:00 -0700 (PDT)
Received: from LAPTOPR7T053C2 ([71.178.248.224]) by mrelay.perfora.net (mreueus004 [74.208.5.2]) with ESMTPSA (Nemesis) id 1MDyDQ-1habQH2nh6-009w5p; Wed, 15 May 2019 04:53:57 +0200
From: Alexander Clemm <ludwig@clemm.org>
To: 'Benjamin Kaduk' <kaduk@mit.edu>, 'The IESG' <iesg@ietf.org>
Cc: netconf@ietf.org, draft-ietf-netconf-yang-push@ietf.org, netconf-chairs@ietf.org
References: <155673770403.950.6197744294924652887.idtracker@ietfa.amsl.com>
In-Reply-To: <155673770403.950.6197744294924652887.idtracker@ietfa.amsl.com>
Date: Tue, 14 May 2019 19:53:52 -0700
Message-ID: <043c01d50ac9$7099a780$51ccf680$@clemm.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQJ3PF2dFB47j2Iq/ZH31Feu7eo0t6UmyTCA
Content-Language: en-us
X-Provags-ID: V03:K1:FYiw6WV1bArY7fqK39sG7fv6BJUBJp5u7bYJDEq4GA8qO+HDQ4c jniVlTAogG/FjLfnzw4koqwM6e51rq07qvhT699GdfgYh6wUzMQ1/+HR+ImtWRWWTvLG6q1 q5HdOaZIc8pwmNwNTtaHKpfh69iCW9CXi+awKQ+0wd20BchMUlbvojzQ9b6xXRRX8Njt9eL P5HgyflXh8jpId901pAjQ==
X-UI-Out-Filterresults: notjunk:1;V03:K0:DWii6VaFEME=:iIVgLtTfeuVqRQukdst+mL RcJdFUK2DGdWZiXkSAb8Nlnz6QavwARYlToA74Fd/p/tOVqphyGJpWBT5nI1PWFL2yI/7MyIr 61gw4oONlp/xcasYzeTcxjq+/2XvvHS0aBG4hcWboFXCCP/6y09fwqNvsJwm19lnbUupw/0V8 9MoC8pnmztbs3ZSvj8WivnxZnkdihC3sbYdh7nPZnXyJ0bYBK7aBtzDHDMtbmTPq+DtAEve3a TvUBIDbFz0AKfFEttS6OzcJGuMdDFD6lfu4FBgGuApFP3J9OuyF9x0F9ZlG3s2F2BC6w0PLhj KbtErAsSLT9oMBgUsmqFdx14nooKP287wxmtZXc/hz6/LF/cJwPuoq0WMTqAyYe9d1CvWysRz aTf9bGkw/CAZ/rszkKIhHdd8JEfGx/QkdnZiFPQmX/luSgVhLbmM6lg76A7N4cQ39j+fxeHbM crHkirSUSfJ/AINq5VeLtiZIbx4bh3STekiLoZVjuk3ByCe1ZKBREqTJtc6ojdhMfG6G9XFVR Bz3i+Sg+ncNasE4jjeiM82oh79sOqezoRiZxLPHGkmwsrStzgNOJbZAdmpIBiegC1SXuQzTtt r06DYjxiKAkPlAvsJDxBQCAZRd17oGpoAmtqKwEWYmsTly8RKirDAYKJMYGBr7T0hP2NvhKE6 7Khre+2KvnbaA6NqnD5Dxwb+ZpETKTPjERQgjLJ12KDxb7IcjEipMRuoUFxrFmIpTkWnUalhf OOd3OPi8F6Jv0B8eb1KxRY8R3Wa8LB8v1srSS7vq3uP3hYe2k0JEQSH0Zy8=
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/4RQe8JYCpfJya2b069bfDnS1YgY>
Subject: Re: [netconf] Benjamin Kaduk's Discuss on draft-ietf-netconf-yang-push-23: (with DISCUSS and COMMENT)
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 May 2019 02:54:04 -0000
Hi Benjamin, Thank you for your review! Replies inline, <ALEX>. Update will be reflected in -24, to be posted shortly. --- Alex -----Original Message----- From: netconf <netconf-bounces@ietf.org> On Behalf Of Benjamin Kaduk via Datatracker Sent: Wednesday, May 1, 2019 12:08 PM To: The IESG <iesg@ietf.org> Cc: netconf@ietf.org; draft-ietf-netconf-yang-push@ietf.org; netconf-chairs@ietf.org Subject: [netconf] Benjamin Kaduk's Discuss on draft-ietf-netconf-yang-push-23: (with DISCUSS and COMMENT) Benjamin Kaduk has entered the following ballot position for draft-ietf-netconf-yang-push-23: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-netconf-yang-push/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- Note that I reviewed the -22 and the current version is -23. Briefly skimming the diff, it seems that some changes touch on points I make in my review, but there is probably still discussion to have on them. (pro-forma) I see the GenArt reviewer noted the author count (seven) already, but I couldn't find a response or note in the ballot or shephert writeup acknowledging this. So failing that, I'll put up a discuss point until the responsible AD says it's fine. [See also discussion on draft-ietf-netconf-subscribed notifications about the pre-RFC5378 boilerplate and whether or not it can be removed from this document] <ALEX> Several of the authors have graciously agreed to step down and be listed as contributors. </ALEX> Section 3.3 states: In order for a subscriber to determine whether objects support on-change subscriptions, objects are marked accordingly on a publisher. Accordingly, when subscribing, it is the responsibility of the subscriber to ensure it is aware of which objects support on- change and which do not. For more on how objects are so marked, see Section 3.10. Chasing the reference, we see that this marking is left for future work or implementation-specific usage. I'm not very comfortable with the way we are describing this situation, as it seems pretty fragile in the face of different implementations trying to interoperate. <ALEX> The working group decided to pull this item out of this draft. It is being addressed in draft-ietf-netconf-notification-capabilities (https://datatracker.ietf.org/doc/draft-ietf-netconf-notification-capabiliti es/) </ALEX> ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thank you for the very thoughtful document! I've lost track of the number of places where I started writing a comment only to note that my concern had already been addressed in the following text. In general the writing style is great, though I did find some grammar and clarity nits (noted inline). Abstract Providing such visibility into updates enables new capabilities based on the remote mirroring and monitoring of configuration and operational state. This phrasing ("new capabilities based on") is hard for me to follow, particularly about whether these are protocol-level capabilities and what actors are granted the new capabilities. <ALEX> The capabilities are clearly not related to protocol-level capabilities, but capabilities for applications that have uses for information obtained from YANG datastores. If it's okay, at this point we would like to keep it as-is. </ALEX> Section 1 Traditional approaches to providing visibility into managed entities from remote have been built on polling. [...] nit: "remote" is an adjective and needs a noun to bind to; "from remote systems", "from remote vantages", or "from afar" would all be fine wordings here. <ALEX> changed to "from a remote system". </ALEX> o Polling incurs significant latency. This latency prohibits many application types. nit: I'd suggest wording as "types of application", since on my first reading I thought this was referring to some sort of codepoint. <ALEX> changed </ALEX> o Polling cycles may be missed, requests may be delayed or get lost, often when the network is under stress and the need for the data is the greatest. nit: the grammar is a bit weird, here, as if a comma splice. I think replacing the first comma with a colon or em dash would suffice. <ALEX> replaced first comma with "and", to read: "Polling cycles may be missed and requests may be delayed or get lost, often when the network is under stress and the need for the data is the greatest." </ALEX> o Datastore node update: A data item containing the current value of a datastore node at the time the datastore node update was created, as well as the path to the datastore node. Is this storing the "new" or the "old" value as the "current value"? <ALEX> I don't understand the question. I think the statement is clear.</ALEX> Section 3.1 + Dampening period: In an on-change subscription, detected [...] is included. The dampening period goes into effect every time an update record completes assembly. Just to double-check: this means that after a long hiatus, the first change to the monitored subtree(s) triggers an immediate push with just the single update, and only then does the dampening period kick in and defer delivery of potential subsequent updates? <ALEX> Yes, this is correct </ALEX> Section 3.5.2 This bit about the "create" and "delete" errors from RFC 8072 Section 2.5 not being errors in our usage is a little interesting, process-wise. In one sense, we are changing the semantics of an already published RFC, and would need to apply an "Updates:" relationship to indicate that, but in the other sense we are building a new custom thing that reuses a lot of the syntax/semantics of YANG patch but is fundamentally a new (different) thing. The phrasing we use to talk about it can affect which case the reader perceives us to be in... The discussion on the "change-type" enumeration seems to pretty clearly place us in the latter case, which is good. <ALEX> Keeping this as is. </ALEX> Section 3.6 Thank you for the note about the power of XPath expressions and the duty of the receiver to understand what it's asking for -- that sort of statement would potentially even be appropriate in the Security Considerations (but is fine where it is)! <ALEX> Keeping this as is. </ALEX> Section 3.7 Of note in the above example is the 'patch-id' with a value of '0'. Per [RFC8072], the 'patch-id' is an arbitrary string. With YANG Push, the publisher SHOULD put into the 'patch-id' a counter starting at '0' which increments with every 'push-change-update' generated for a subscription. If used as a counter, this counter MUST be reset to '0' anytime a resynchronization occurs (i.e., with the sending of a 'push-update'). Also if used as a counter, the counter MUST be reset to '0' after passing a maximum value of '4294967295' (i.e. maximum value that can be represented using uint32 data type). Such a mechanism allows easy identification of lost or out-of-sequence update records. It's not really clear to me how much value there is in this counter mechanism if the client' can't rely on the server's behavior actually being to use a counter (the requirement is only "SHOULD"). Can this be a "MUST" (or maybe "MUST excpet when [...]") instead? <ALEX> Would prefer to not introduce no MUST requirements at this point and keep this as a SHOULD. </ALEX> Section 3.9 Empty "push- change-update" messages (in case of an on-change subscription) MUST NOT be sent. This is required to ensure that clients cannot surreptitiously monitor objects that they do not have access to via carefully crafted selection filters. By the same token, changes to objects that are filtered MUST NOT affect any dampening intervals. I appreciate this attention to security-relevant detail; thank you! <ALEX> thanks! </ALEX> Section 3.11.1 Do we want to give any guidance for the "incomplete-update" case about whether a subscriber should wait and give the publisher a chance to provide a full "push-update" for resynchronization (per Section 4.3.2) versus perform a normal query for the datastore contents and effectuating its own resynchronization? <ALEX> This should be up to the subscriber to decide, and what to do may differ for different applications. In some instances, it can afford to simply wait; in other cases or when specifically interested in one particular closely-monitored item it may decide not to and sync immediately. </ALEX> Section 4 o For on-change subscriptions, assuming any dampening period has completed, triggering occurs whenever a change in the subscribed information is detected. On-change subscriptions have more complex semantics that is guided by its own set of parameters: nit: singular/plural mismatch "semantics"/"is" <ALEX> changed to "On-change subscriptions have more complex semantics that are guided by their own set of parameters" </ALEX> Section 4.3.2 A "time-of-update" which represents the time an update record snapshot was generated. A receiver MAY assume that at this point in time a publisher's objects have the values that were pushed. nit: I think "had the values" (past tense) is more appropriate. <ALEX> changed </ALEX> Section 4.4.1 a publisher that cannot serve on-change updates but periodic updates might return the following NETCONF response: nit: "but can serve periodic updates" <ALEX> changed </ALEX> Section 4.4.2 The specific parameters to be returned in as part of the RPC error response depend on the specific transport that is used to manage the subscription. For NETCONF, those parameters are specified in [I-D.draft-ietf-netconf-netconf-event-notifications]. nit: "in" and "as part of" are redundant. <ALEX> removed "in" </ALEX> Section 5 It is slightly interesting to note that (apparently) the update-policy-modifiable grouping allows for a subscription to switch between periodic and triggered at runtime (by virtue of wanting a single grouping to cover all the cases and needing to be able to modify the parameters for each case). I would mostly expect implementations to deny such modification requests due to the needed complexity, but I'm also not sure that there's a need to mention this explicitly in the document. <ALEX> I think it is implied that a modification request can always be denied if not supported by a server. At the same time, clearly in general you would not change between on-change and periodic. Keeping as is. </ALEX> leaf period { type centiseconds; mandatory true; description "Duration of time which should occur between periodic push updates, in one hundredths of a second."; It would probably be okay to skip "in one hundredths of a second" given the usage of the centiseconds typedef. <ALEX> doesn't hurt to be explicit; keeping as is </ALEX> rc:yang-data resync-subscription-error { container resync-subscription-error { description "If a 'resync-subscription' RPC fails, the subscription is not resynced and the RPC error response MUST indicate the reason for this failure. This yang-data MAY be inserted as structured data within a subscription's RPC error response to indicate the failure reason."; It's a little weird to have the normative language here constraining the RPC error response that must be returned for a specific RPC, since this is not the description of that RPC. (It's probably also duplicating langauge elsewhere but I didn't double-check.) <ALEX> Keeping as is since it is clear what is happening. Note that there are limitations to the RPC semantics you can formally define in YANG, hence the description. </ALEX> rc:yang-data establish-subscription-datastore-error-info { container establish-subscription-datastore-error-info { description "If any 'establish-subscription' RPC parameters are unsupportable against the datastore, a subscription is not created and the RPC error response MUST indicate the reason why the subscription failed to be created. This yang-data MAY be inserted as structured data within a subscription's RPC error response to indicate the failure reason. This yang-data MUST be inserted if hints are to be provided back to the subscriber."; (ditto) Contrast to modify-subscription-datastore-error-info, which only has normative language about the yang-data being described and not the RPCs that (might) use it. <ALEX> Would keep as is. I think the semantics are clear. </ALEX> nit: push-update and push-change-update use different langauge about "does not constitute a general-purpose notification" and I'm not sure there's a reason to diverge. Their "incomplete-update" leaves also have divergent descriptions, but I think that latter divergence is more reasonable. <ALEX> Updated the description of push-change-update to align this part of the description of the notifications. </ALEX> augment "/sn:subscription-modified/sn:target" { [...] case datastore { uses datastore-criteria { refine "selection-filter/within-subscription" { description "Specifies where the selection filter, and where it came from within the subscription and then populated within this notification. If the 'selection-filter-ref' is nit: "where the selection filter" seems like an incomplete clause. <ALEX> Updating this to "Specifies the selection filter and where it originated from. If the 'selection-filter-ref' is ...". This way, the description also aligns better with the augment to sn:subscription-started/sn:target. </ALEX> _______________________________________________ netconf mailing list netconf@ietf.org https://www.ietf.org/mailman/listinfo/netconf
- [netconf] Benjamin Kaduk's Discuss on draft-ietf-… Benjamin Kaduk via Datatracker
- Re: [netconf] Benjamin Kaduk's Discuss on draft-i… Alexander Clemm
- Re: [netconf] Benjamin Kaduk's Discuss on draft-i… Benjamin Kaduk
- Re: [netconf] Benjamin Kaduk's Discuss on draft-i… Alexander Clemm
- Re: [netconf] Benjamin Kaduk's Discuss on draft-i… Eric Voit (evoit)
- Re: [netconf] Benjamin Kaduk's Discuss on draft-i… Alexander Clemm