Re: [netconf] AD review of draft-ietf-netconf-sztp-csr

"Rob Wilton (rwilton)" <rwilton@cisco.com> Thu, 01 July 2021 16:27 UTC

Return-Path: <rwilton@cisco.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F09B3A097A; Thu, 1 Jul 2021 09:27:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.595
X-Spam-Level:
X-Spam-Status: No, score=-9.595 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=GEpAzegN; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=toVbFkZy
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ro1ghqH5yikt; Thu, 1 Jul 2021 09:27:28 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 25C2B3A0963; Thu, 1 Jul 2021 09:27:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=30044; q=dns/txt; s=iport; t=1625156848; x=1626366448; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=SkC2zLfEpfuUCRUpwv2f7N6W8phDsuG8BUbdqTHlcLE=; b=GEpAzegNd1dsTFcwA1a/8SdLxyIEZT9ZBr+yojFn9Iw7O+1XqmzSkM6j JDZi121soNzruhlCKdq13QWPgAXg/VZTjL5uOY/ulk8Lor2M2yfXXq4C3 m2aGv4kQ2i3KgHiLtBs7TDrj4kimtWrmDTFOYxcw6h/839pu7o4dWzoSh E=;
IronPort-PHdr: =?us-ascii?q?A9a23=3A8SitpBEiP+3sUBg1fBKdM51GfjwY04WdBeZdw?= =?us-ascii?q?pEmkLlJNK+k+seqME/e4KBri1nEFcXe5ulfguXb+6bnRSQb4JmHvXxDFf4EV?= =?us-ascii?q?xIMhcgM2QB1BsmDBB7wLeXhaGoxG8ERHFNg9muwZE5SHsu2blbOo3q0uDgVH?= =?us-ascii?q?Bi3NQd8KunvXIDIiMHi3OGp8JqVaAJN11KA?=
IronPort-HdrOrdr: =?us-ascii?q?A9a23=3AjvKWz6iJvtkWR3E9qERzU4NdyXBQX1x13D?= =?us-ascii?q?Abv31ZSRFFG/FwyPrOoB1L73HJYWgqN03IwerwR5VpQRvnhPlICPoqTMmftW?= =?us-ascii?q?jdySqVxeRZjbcKrAeQYBEWmtQtsJuINpIOdOEYbmIKzfoSgjPIaerIqePvmM?= =?us-ascii?q?vD6IuurAYOcegpUdAc0+4TMHf8LqQCfng/OXNPLuvk2iMonUvFRV0nKuCAQl?= =?us-ascii?q?UVVenKoNPG0Lj8ZwQdOhIh4A6SyRu19b/TCXGjr1QjegIK5Y1n3XnOkgT/6K?= =?us-ascii?q?nmmeq80AXg22ja6IkTsMf9y+FEGNeHhqEuW3fRY0eTFcFcso+5zXcISdKUmR?= =?us-ascii?q?AXeR730k4d1vFImjfsl6eO0EPQMkfboW0TAjTZuC6laDPY0LzErXQBepB8bU?= =?us-ascii?q?YzSGqE16Lm1+sMjZ6jlljpxKZ/HFfOmj/w6MPPUAwvnk2ooWA6mepWlHBHV5?= =?us-ascii?q?ACAYUh4bD30XklWqvoJhiKpbzP0dMeRf309bJTaxeXfnrZtm5gzJilWWkyBA?= =?us-ascii?q?6PRgwHttaO2zZbkXhlxw9ArfZv0Eso5dY4Ud1J9u7EOqNnmPVHSdIXd7t0AK?= =?us-ascii?q?METdGsAmLATBrQOCaZIEjhFqsAJ3XRwqSHr4ndJNvaM6Dg6aFC7qgpfGkowV?= =?us-ascii?q?LaSnieQfFmhqc7hywlaF/NKggF5PsulaREhg=3D=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0A9BwCA7N1g/5BdJa1aHgEBCxIMgg4?= =?us-ascii?q?LgSMwKSgHd1o3MQuEPYNIA4U5iG0DgRCZFYEugSUDVAsBAQENAQEqAQwIAgQ?= =?us-ascii?q?BAYQORAIXglwCJTQJDgIEAQEBEgEBBQEBAQIBBgRxE4VoDYZFAQEBAQMBARA?= =?us-ascii?q?RChMBASkDCwEPAgEIEQQBASEHAwICAiULFAkIAgQBDQUIGoJQgX5XAy8BAwu?= =?us-ascii?q?cJAGBOgKKH3qBMoEBggcBAQYEBIFJQYNeGIIyAwaBOoJ7hAwBAYZhJxyBSUS?= =?us-ascii?q?BFUOBYUo2PoJiAQECAYEnHhorCYJhNoIugjQyMQYXGwwmBBQ9AQFbIAUfFRE?= =?us-ascii?q?VKQIDAQoqCyCRIwsygw+IIYNjiUWQdoEWCoMhiiSUFxKDYYtBln+Vcowqk1M?= =?us-ascii?q?NAoRjAgICAgQFAg4BAQaCJzuBWXAVO4JpUBcCDo4fDBaBAgEIgkOFFIVKcwI?= =?us-ascii?q?BNQIGAQkBAQMJfIloAYEQAQE?=
X-IronPort-AV: E=Sophos;i="5.83,314,1616457600"; d="scan'208,217";a="908394868"
Received: from rcdn-core-8.cisco.com ([173.37.93.144]) by rcdn-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 01 Jul 2021 16:27:09 +0000
Received: from mail.cisco.com (xbe-aln-005.cisco.com [173.36.7.20]) by rcdn-core-8.cisco.com (8.15.2/8.15.2) with ESMTPS id 161GR4D9006265 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 1 Jul 2021 16:27:08 GMT
Received: from xfe-aln-003.cisco.com (173.37.135.123) by xbe-aln-005.cisco.com (173.36.7.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.15; Thu, 1 Jul 2021 11:27:05 -0500
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by xfe-aln-003.cisco.com (173.37.135.123) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.2.792.15; Thu, 1 Jul 2021 11:27:04 -0500
Received: from NAM10-MW2-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1497.18 via Frontend Transport; Thu, 1 Jul 2021 12:27:04 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=h8qk3Fcmks+b0gg5VFa5I6DFvM4WWBbWC8YzTaSFnRFL3uVMuOchZra4jIaR0Sry72faWqrR+kmY+IbQjHRgbifdDLGbdAhK8isr/rXVZGxXj9WPZkm+TVtpY+ozcOJO3vEzomgqw7Nf+TtMzbuTJhTqDNpR43HnYiTMsaj3/9kE0weAt4/zFwj8BOuMoL607pYBjn+h4M7pqeRWJL0VNwrLW5stqpRbccX2M9XMYN+GJuKZrUgahZ7QZO2NVBSuKKGD6h9wbxAGJmSOPpKhy3sZK0TPwKXzMIbFFY9eL/axA9xox5EIMLyq4DT4NjhPlkVjciDYxTFTOKGFYll1Vw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SkC2zLfEpfuUCRUpwv2f7N6W8phDsuG8BUbdqTHlcLE=; b=Mmsg2Qtc0/PK1OaMciVz8akVl+36UMVLJPj2LrFQDikWEq5x+tE8MrsrP7PMze6wz/gH2zRZi3vEy0scPye1rnzCAgy7Y2Kq5VpRhfVGSEOOwKoNNFbmW91uXzgidyy/fv8RPrhJP+EeiNcDHR4n7aYDkf8CvDe2l7rWhfapHCghLw7dg6fdCy/0cB/2jxL8uDnY3STwk88uAkE0bys5mdaB8Vv2vMHaTzQhZ3KL9iHjWT+ylgKAnwJj9lzAeEGpFwy8NqsTbfRJQ6hCgX6hT7eq5rPuvw6MyxfZdKOaM8QS8vyxPAE+/yqSIyJ1VfGb7IX+ATzHAgFfNjzHiYPnfQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SkC2zLfEpfuUCRUpwv2f7N6W8phDsuG8BUbdqTHlcLE=; b=toVbFkZyA8+PVsRrfXfEJ7JCEOl/9oL50YJ8VU7zHs/g5Hr9bRSwdEA0Jp49n7RfjaG+aTp60DSXRVer50CdLuJalh6SH+tHMj7Mmwk7MUPQeM/WDe0E0EjTrVYecaWCz7fPyM6zVIsDiwd+JI9G9gBBEW5cNsCrFIwYVRgXEDA=
Received: from DM4PR11MB5438.namprd11.prod.outlook.com (2603:10b6:5:399::21) by DM6PR11MB4188.namprd11.prod.outlook.com (2603:10b6:5:198::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4264.23; Thu, 1 Jul 2021 16:27:02 +0000
Received: from DM4PR11MB5438.namprd11.prod.outlook.com ([fe80::a85a:cb8b:2d73:5e12]) by DM4PR11MB5438.namprd11.prod.outlook.com ([fe80::a85a:cb8b:2d73:5e12%5]) with mapi id 15.20.4287.023; Thu, 1 Jul 2021 16:27:02 +0000
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: "Charles Eckel (eckelcu)" <eckelcu@cisco.com>, Kent Watsen <kent+ietf@watsen.net>
CC: "draft-ietf-netconf-sztp-csr@ietf.org" <draft-ietf-netconf-sztp-csr@ietf.org>, "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: [netconf] AD review of draft-ietf-netconf-sztp-csr
Thread-Index: Addmei+76OsPA+grSaqUN2qOgkG4uAAMdT6AAAAewWABnu9RAAAAK88AAFbWcgAAARf/YA==
Date: Thu, 1 Jul 2021 16:27:02 +0000
Message-ID: <DM4PR11MB5438FDC9FD698E6E979ECDDBB5009@DM4PR11MB5438.namprd11.prod.outlook.com>
References: <DM4PR11MB543889219C08694C147C6DA4B50A9@DM4PR11MB5438.namprd11.prod.outlook.com> <0100017a2f082e6a-1197e3c8-f8be-4d59-ba1c-8d39029a31fc-000000@email.amazonses.com> <DM4PR11MB543824369BA6920C7FA67BDEB50A9@DM4PR11MB5438.namprd11.prod.outlook.com> <0100017a59889ad9-f6e6f999-bc15-437e-b802-18e11330e81b-000000@email.amazonses.com> <0100017a598d16c2-ad53b3ac-6ad0-4dc6-af51-7d1dc1b9ad9f-000000@email.amazonses.com> <68207CCB-3FD3-45BC-8640-32B0E54F731B@cisco.com>
In-Reply-To: <68207CCB-3FD3-45BC-8640-32B0E54F731B@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: cisco.com; dkim=none (message not signed) header.d=none;cisco.com; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [82.12.233.180]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 1faf100c-e630-45ff-38cc-08d93cad0f08
x-ms-traffictypediagnostic: DM6PR11MB4188:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <DM6PR11MB418862F1C885D9415DF333E4B5009@DM6PR11MB4188.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 3xgAB3FFpjOgaoINim7wYWK8WEQiST/UIWeicVbtlCBEBgr35POhuL5oFGb4V17EcRciUAAAUjemJn8O6+7TT0nxu6fytMAWE1EeBiwbtjOmhJeEQ4F+POh5cXXfv3D6088sDaVP0fGewlMi9ARe4GMBDNQ2hM39vW6HTKKgFFWvq7ulio+l6zFYQ9N2HXKGJ0BUGS8oI0vQjGV6oJYntDMrWdF2E1Yv2ws02bdgy0I/S/+SiaxmxKLbrRJ3oHhgXx5wEZTQE2hsfGCZ498UCiQ9o3arTobtwGDRQtF84FFSDFsRfs6V4LxWxTO8zu1xW59dMHqCFRbALWIcgZoVKxsam/XBZmnAISJ+wPTGIkYG4OeEaEMy7XWumJvL/iGhMPoAZypEwbSV47EQMViCK6+aEq7nFU/mdXIT4U2gg3F8bL4eH1WdwAhi5hvDc0u10KXwzqC1jXEoSkK0WehXbwG2sFBas72CUhjwFbv5lYzMBhy3tCw5YrW94OZHpcPpu5urCIZxTVUC9k20TCoVTbF2HyGDRGHsE+HTzzmZAkQ5FeQbHvPi5dwuPz2VeNmqjLyzeMZzoCdkM7iYTHsY89AbVI2pH+X0IBo77cPQtCeWAA1f38f6eHTiHMakjk1B+0DQ9WTSKP5MYcgKTMgx5fAs26W86fLnAiGARFVBemanH2Jm3L6SFvHFPQaZ+EiXKSDy/vtEcjIkZv+TJX/BYGPEZeeCCUqbtTlUAXOz31z6a3s65oT3ZgQkVry4VdZk5WcU2At9iLARC//x3OiHI8DQTBvYQGO3aU9QXjAZMJaBY5dDlGfLKZFA7io2x++C
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM4PR11MB5438.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(346002)(136003)(366004)(39860400002)(376002)(396003)(71200400001)(8936002)(122000001)(55016002)(38100700002)(5660300002)(9686003)(8676002)(4326008)(7696005)(33656002)(2906002)(86362001)(83380400001)(186003)(53546011)(66476007)(52536014)(66946007)(6506007)(66446008)(64756008)(66556008)(26005)(76116006)(966005)(166002)(54906003)(478600001)(110136005)(316002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?utf-8?B?RkpoRzhCYjJCeXhYNXFJWVFXMEdkb2V0VEc4SW8zRU1uYTNaUkdYVVZVN0Zo?= =?utf-8?B?d2duY3QvejRqZjAyeWdEZHRBcWdJc2JtaDh2KzQwbGVCempyKzMvTXpsTm9n?= =?utf-8?B?YnJvcjUrdjlicDlYY1U1ZlhDTmNBVVgxdXBVb2ZDZ1Jucy9jVVRnMjU2RUMz?= =?utf-8?B?VDduMlpBUmRsajRRdXE0VkdpR0IrVEx6R2FwcVh0MjFCNyt0M0p6dVRsYkFy?= =?utf-8?B?TGpNUmNwSXJwZ0RZSFFvTjRXK1FDWE42U0Z2MWNDbzhjSXhxZks5UTFNSU43?= =?utf-8?B?TTRNcHQrcnJpaUdHb0VzT0ZVbUxnbHhSMHBwVVAyL1MwNkQrWkx2UHRkaCtj?= =?utf-8?B?Zk15SmhyOGF3Zk5LN3BHSHNrWjFwUEZpQW91QnhOdmFYY3pGVm1yMVJ5Wjdx?= =?utf-8?B?dkJnTFFySkRVR1BBN1ViaVVNbmV6TTlnNjdhY0JSZzRwSWgzTkhacXhRM3Vy?= =?utf-8?B?aFBYbXdaZTkwT0c3Ni94UzBkeStSV0FONjZsczlwNUp0WFJQYmtqNDBCdXF2?= =?utf-8?B?K1RhVnRUbzc0d3NGeEhXZXZpMnNjZFA3blhRVGlFZmlMZ0lnVXczbU5Kd01Q?= =?utf-8?B?VFBQODJkWENsZjlnT3F3NEVsbmM1Yi9wTzhRMlhrMXN2Z2JxeWVlOUx6czFa?= =?utf-8?B?OC9rTk5mazEyUXY3andsemdBZXRZT0JmcmV3ODA5TFp3QUlmc3pFa3JxRlVU?= =?utf-8?B?YSt6alhUZVNHM3F2L05BaFZZaDFieHhLU0lYZXQwQ2s4RFhtL3FPbkVMRmxS?= =?utf-8?B?MzExOXZrTS9zOWFnSC9sdWRicHNWTDlzWm9YdU5id2dPQmNnbUlNYmtQRXB6?= =?utf-8?B?NVRUWk44L3dnaGM4WnJ6Mnc5NE5Ccnk3N1VTTHdSa2JwSm95aFJ0RXZDTTJL?= =?utf-8?B?azgwMEUzRExCWTRkRHpqUmdlTklQSUJvblBSMnVPbFhVQTBPQ3ZkZ1RHZkFS?= =?utf-8?B?eHdOY04wb3ZRM2M2ODVVMXU3c3BTeEVvRjBudi9USjVoSzF3a3dielBMMnhE?= =?utf-8?B?aWs5UDFYQWY5R2w4Szd5QWUwYkY3TlFBbFdoOWthZlJTRmpKbzdDTGhsVlFL?= =?utf-8?B?THVFQ3MxbG94VjBhZWtOWDl2ZmhWRGUxblp6UHNvMUZ0cEVhOURYRHdvdGRT?= =?utf-8?B?UnNhRUlsTU8yaStycDc4TnJZRWV5TTBrb3NBTVYzbTRLcHRyL3Z2TTRvV0da?= =?utf-8?B?K045UTBwTEJyVTErQzZqcEE0amxhK0hDL3hieStFVjJFcjlkSUpjNzJqR2Z3?= =?utf-8?B?SmJkd1IybVFGRkJ3VWo1K2tnN2h3WVpoOFZiZUpQc0gvVlFrTXJoVC9Da21P?= =?utf-8?B?ZFVoQk5wRjFuVi9CS01xN3c2MC81YUhySUJSRU95bE1HcjJLWFJiU0F0c2lE?= =?utf-8?B?dnNqLzVUc2NNd0tIaGV1VXFob3VJbXJvTHcwb1ltc1BvQ1VhV1lLMmhnMndN?= =?utf-8?B?VDJCelBaMExQTTZPWnIxVm1WZm5yd29DMG9oTFUvREhHRmFNOE8rS0VkM3Zv?= =?utf-8?B?Vno2WUtLTm5jbGdwZnBpZHpIMk1DeDltSEkyNE5CaGFvcDlPYW1lTSs5ODdD?= =?utf-8?B?d2hnK0h2bUk4Q0V6R2JWS01rY1ZwYXFrUXdlelNvSkUyMEhhV1diMnpRc2V3?= =?utf-8?B?UGRLWmpIT3NERFZiZkFJbG1QcHZCb2QzM0pDbkhTMHhLOStmKzdweGlLWTZm?= =?utf-8?B?ajRkcFVPbDkvUHdJTFRubFp4ZDVlTEdPRmVaRlpJcm5VODNDekxaMGwvSWp5?= =?utf-8?Q?AhlVhai1bdFVdAfyKTDvunE0g5FD/hMH4W23pyp?=
Content-Type: multipart/alternative; boundary="_000_DM4PR11MB5438FDC9FD698E6E979ECDDBB5009DM4PR11MB5438namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM4PR11MB5438.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 1faf100c-e630-45ff-38cc-08d93cad0f08
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Jul 2021 16:27:02.7666 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: mHCypGOwxm2wRLT8YOYRSHvDWwnp3yN2xIu960vj1RHqT4QAjyp5mk3CnFdiUyyeyy3clajnI8edGBu/bFXUtw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB4188
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.20, xbe-aln-005.cisco.com
X-Outbound-Node: rcdn-core-8.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/4gaQ2S5MV5mN_3gweQX4CCJxGDY>
Subject: Re: [netconf] AD review of draft-ietf-netconf-sztp-csr
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Jul 2021 16:27:34 -0000

Hi Charles, Kent,

Thanks for the suggestion.  The problem with that 401 requires the server to return a WWW-Authenticate header field (as per section 15.5.2, of draft-ietf-httpbis-semantics-16<https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-semantics-16#page-161>)1>).

I’ve also asked Francesca (ART AD responsible for HTTP) if she has a view.  She has taken a quick look and suggested that defining a new code is probably not the right way to go, but said that she would take a proper look after today’s telechat, but if we want to get other opinions then we could also ask on the httpbis mailing list.

However, I also noticed that RFC 8040 maps from NETCONF error-codes to status-codes, and defines:
+-------------------------+------------------+
| error-tag               | status code      |
+-------------------------+------------------+
| missing-attribute       | 400    (which is what you had originally).

An alternative could be:
| data-missing            | 409              |

Which NETCONF defines as:


   error-tag:      data-missing

   error-type:     application

   error-severity: error

   error-info:     none

   Description:    Request could not be completed because the relevant

                   data model content does not exist.  For example,

                   a "delete" operation was attempted on

                   data that does not exist.

Which would go hand-in-hand with 409:


15.5.10<https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-semantics-16#section-15.5.10>10>.  409 Conflict



   The _409 (Conflict)_ status code indicates that the request could not

   be completed due to a conflict with the current state of the target

   resource.  This code is used in situations where the user might be

   able to resolve the conflict and resubmit the request.  The server

   SHOULD generate content that includes enough information for a user

   to recognize the source of the conflict.



   Conflicts are most likely to occur in response to a PUT request.  For

   example, if versioning were being used and the representation being

   PUT included changes to a resource that conflict with those made by

   an earlier (third-party) request, the origin server might use a 409

   response to indicate that it can't complete the request.  In this

   case, the response representation would likely contain information

   useful for merging the differences based on the revision history.

I don’t see any great choice here.  I now think that aligning with RESTCONF seems to be right thing to do (so not using 300).  Perhaps choose “data-missing” & 409 if you think that is slightly better, or otherwise go back to “missing-attribute” & 400.

Regards,
Rob


From: Charles Eckel (eckelcu) <eckelcu@cisco.com>
Sent: 01 July 2021 15:21
To: Kent Watsen <kent+ietf@watsen.net>
Cc: Rob Wilton (rwilton) <rwilton@cisco.com>om>; draft-ietf-netconf-sztp-csr@ietf.org; netconf@ietf.org
Subject: Re: [netconf] AD review of draft-ietf-netconf-sztp-csr

Hi Kent,

I have not been following this draft closely but had a thought on this thread that I thought might be helpful.

It seems to me a 401 would be more appropriate in this scenario.
If the server does not require a CSR, it returns a 2xx response.
If it does require one, it returns a 401 indicating which one it requires.

Cheers,
Charles


On Jun 29, 2021, at 1:54 PM, Kent Watsen <kent+ietf@watsen.net<mailto:kent+ietf@watsen.net>> wrote:

 s/Since been/I’ve been/

K.



On Jun 29, 2021, at 4:49 PM, Kent Watsen <kent+ietf@watsen.net<mailto:kent+ietf@watsen.net>> wrote:

Hi Rob,

Since been spinning on the below thread since we had it and am wondering if if would be best to ask for an HTTP expert review?   Please advise.

The reason being is that a close reading of "300 Multiple Choices" suggests that it’s used by an HTTP-server to indicate when there are multiple choices for a resource, whereas in this exchange, the “csr-support” node in the client’s POST effectively indicates that *it* has multiple choices for the server to choose from…

I’m beginning to wonder to the document might need to define a custom HTTP status code to properly indicate the semantics of the response…

Kent // contributor




2. Section 2.2:
 Assuming the SZTP-server wishes to prompt the SZTP-client to provide
 a CSR, then it would respond with an HTTP 400 (Bad Request) error
 code:

I wonder whether returning a 400 "Bad Request" error is really the best
return code, i.e.,

it wasn't clear to me whether this requesting the capabiltiies is really an
error.

Did you consider potentially using other return codes?  Possibly:
300 Multiple Choices,
403 Fobidden,
406 Not Acceptable

I did before look at all the 4xx codes.  I was initially drawn to 412
Precondition Failed, but noted that it is specific to HTTP request header
fields.   As for the others you mention, the semantics of 403 Forbidden is that
the request should not be repeated, which isn’t out case, and 406 Not
Acceptable regards the use of the HTTP “Accept” headers, which aren't in
play here either.  That said, 300 Multiple Choices does appear to be a better
if not perfect option, so I made that change in my local copy.
Ack.


_______________________________________________
netconf mailing list
netconf@ietf.org<mailto:netconf@ietf.org>
https://www.ietf.org/mailman/listinfo/netconf