Re: [Netconf] Mirja Kühlewind's No Objection on draft-ietf-netconf-zerotouch-25: (with COMMENT)
Kent Watsen <kwatsen@juniper.net> Thu, 06 December 2018 01:41 UTC
Return-Path: <kwatsen@juniper.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0D90130F33; Wed, 5 Dec 2018 17:41:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.161
X-Spam-Level:
X-Spam-Status: No, score=-4.161 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nu104wapOacv; Wed, 5 Dec 2018 17:41:02 -0800 (PST)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 70A43130F23; Wed, 5 Dec 2018 17:41:02 -0800 (PST)
Received: from pps.filterd (m0108160.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id wB61eYMX006359; Wed, 5 Dec 2018 17:41:01 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=PPS1017; bh=oLaXyONhLHthTuptjMx/zPjbkBXGmidsR/if5jLyAJc=; b=sUKzUmLxofcGpJU1Ad4/7NHXxAjEouqaHEGBzw0v27zVA0pEMFPOAFqWNbLSHECtzXzO HTV3yQghHE5WZg32RzeuHFMlpzvBbEXfFqP2DvoIqBGB+PoE1ylKn90YknGloGzV4RN2 6j0IRkRadzI1FY2lS6jR0Vp9hCS2mHw3Hp+tu+n04ro8HJtRh33P2g6ILesBK6sFkLZy Jf/sK9ujITRBEG0tqFe0D88jXX0qDYnDis+mhXsIwNGMgySOszeH4XR2bvzQLCeAr76A tjqW7U4xIYi/CYKkMOX1NVB3ZQj4BxnE3WgreXQx74iYU6XTXMFd90iN2n62K5ipMQXo Iw==
Received: from nam05-co1-obe.outbound.protection.outlook.com (mail-co1nam05lp2058.outbound.protection.outlook.com [104.47.48.58]) by mx0b-00273201.pphosted.com with ESMTP id 2p6svvg11g-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 05 Dec 2018 17:41:01 -0800
Received: from DM6PR05MB4665.namprd05.prod.outlook.com (20.176.109.202) by DM6PR05MB4921.namprd05.prod.outlook.com (20.176.112.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1404.17; Thu, 6 Dec 2018 01:40:58 +0000
Received: from DM6PR05MB4665.namprd05.prod.outlook.com ([fe80::f0f3:20f0:2104:638c]) by DM6PR05MB4665.namprd05.prod.outlook.com ([fe80::f0f3:20f0:2104:638c%2]) with mapi id 15.20.1404.020; Thu, 6 Dec 2018 01:40:58 +0000
From: Kent Watsen <kwatsen@juniper.net>
To: Mirja Kühlewind <ietf@kuehlewind.net>, The IESG <iesg@ietf.org>
CC: "draft-ietf-netconf-zerotouch@ietf.org" <draft-ietf-netconf-zerotouch@ietf.org>, "netconf-chairs@ietf.org" <netconf-chairs@ietf.org>, "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: Mirja Kühlewind's No Objection on draft-ietf-netconf-zerotouch-25: (with COMMENT)
Thread-Index: AQHUiN1CjGA1OI6J5Uy6mtg8q/bNCqVwo+uA
Date: Thu, 06 Dec 2018 01:40:58 +0000
Message-ID: <B0AF8548-5434-4A25-8D61-D80F6CB57FF6@juniper.net>
References: <154360369395.27402.18143504350346119719.idtracker@ietfa.amsl.com>
In-Reply-To: <154360369395.27402.18143504350346119719.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.4.181110
x-originating-ip: [66.129.241.10]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM6PR05MB4921; 6:+dC0r9+mItnzezR98rDioH6y0nelhdDCGlYVACEyp4uflDqvpoLbvWRBRSle51rP+fdOdR2/zwizetIpwDXkDapVNrSfDxL/1HuZPSJMRnVQp0nxOJmshj3Fsd+nyIUYM4biQqkP6YLLOcF6csjHNf6GU3bHP5xad2skw5tAuhBbLq9Bt61Pg4CmahzxVGkSFwM8+ZbfNhyaLiqQEZUHJYujHkTomUkHZ42IVL14+GHWuYfMYv8BV9o5DGbvFJuO5vYSK50X53fU1hn6+7lrxfyhQJEX5/oKgeLXmgHDYZ4mBz/v235ITAZJxqNRl2z0cb/updFNNwsifYT71ilZnBt7b1dfOujHUlBr+IkYXYOTOpyXZX4hgRNWK0OCXK0FnEP+/POh5I93WnF1tS7gtCram2lPl/W1D7cCSL+Io4QJdztswyOVC9/SKi1ELj1maDCyaXpqN8keCyvqhvlaLw==; 5:+WBaF4pT8yvJx37OIgLtkFK/MrxWZtuJ9Pe1R8gkXrsAHA4pB3YtIu1DB1HvRCkwXYoElK9zMFRMWiU6uiYl+YajQPBFJoW2RaFOXCBrvDXSV0hZS+jx6J1c1xqSNiBbtwb7Jor3BIWIb5usJITHaWqOS3O5D4DrNcNg96j8MAs=; 7:/3Js6n9ON0/PQ/SP6HnohXnG2pftEEn3xnBl84eDoD9s+g1TGt49muRNX8KeBH25Nmcn/a++T+I9DQsOuRr9RBjuwMdU8g0iAGIkZ6JRSU9vtVi1baxFxkjRWVb8zsUSqLvKQ/seenf6aRaHctJZ5w==
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 029dc751-9ae8-448d-a8da-08d65b1bdf4b
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390098)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600074)(711020)(4618075)(2017052603328)(7153060)(7193020); SRVR:DM6PR05MB4921;
x-ms-traffictypediagnostic: DM6PR05MB4921:
x-microsoft-antispam-prvs: <DM6PR05MB4921BB71D70DB5FDD7C3B95EA5A90@DM6PR05MB4921.namprd05.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(93006095)(93001095)(3231455)(999002)(944501520)(52105112)(3002001)(10201501046)(6055026)(148016)(149066)(150057)(6041310)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123564045)(20161123558120)(201708071742011)(7699051)(76991095); SRVR:DM6PR05MB4921; BCL:0; PCL:0; RULEID:; SRVR:DM6PR05MB4921;
x-forefront-prvs: 087894CD3C
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(396003)(376002)(346002)(39860400002)(366004)(199004)(189003)(186003)(2906002)(110136005)(7736002)(6246003)(305945005)(53936002)(6512007)(446003)(14444005)(99286004)(6306002)(11346002)(83716004)(256004)(486006)(26005)(76176011)(6506007)(102836004)(575784001)(86362001)(2616005)(36756003)(6436002)(71190400001)(81156014)(229853002)(14454004)(106356001)(224303003)(224313004)(8936002)(81166006)(82746002)(71200400001)(316002)(966005)(5660300001)(3846002)(478600001)(6116002)(58126008)(68736007)(6486002)(4326008)(97736004)(105586002)(25786009)(66066001)(33656002)(476003)(54906003); DIR:OUT; SFP:1102; SCL:1; SRVR:DM6PR05MB4921; H:DM6PR05MB4665.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-microsoft-antispam-message-info: gzm/AjfhwHCbcWHnLHvGcHNndJ19Zy17v/FcRftTdcAhTkHVsHM8RAwCIqgIIOPeSFSDtOMIuaa/+PzD0LEDSBPSK+X8Z7PIWWbmcq0iNCytS1etES6UYkeAsJ2cO7GDgjgylS5P/h6DFn51MUMeewA+H07NzSRhdNLeQcGQIRKzzv97KxIgCtREuIBcoPAVnxryLvx/Qb3C9CKO/zsRMw98AX9OnwzUhbTRbdYIM5je2lh76AErMJjLCUcvrSHlN/x581ydNAtwRg4ErIpS3366UHwf4sEeARLKv/4O9J+t7hZlL7cehQ+Tn/I2yqO1uPeubFfqfG40e3UfA+xr0rap/w+mNWNWjO/+G1tlgLw=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <41FFAB0E85CA7C4CB89FAA4BE4CFD08B@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 029dc751-9ae8-448d-a8da-08d65b1bdf4b
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Dec 2018 01:40:58.7088 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR05MB4921
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-12-06_01:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1812060012
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/54lGSdHkV0XeiIcFddYiZPwPzH0>
Subject: Re: [Netconf] Mirja Kühlewind's No Objection on draft-ietf-netconf-zerotouch-25: (with COMMENT)
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Configuration WG mailing list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Dec 2018 01:41:05 -0000
Hi Mirja, Thanks for your review! Please see below for responses. Kent // principle author ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- > Thanks for this well-written doc. > > One quick question which wasn't fully clear to me from the text > in the doc: If onboarding fails at some point, is the device > supposed to iterate over another bootstrapping source or stop > completely? The device is to never stop trying to bootstrap, even in case of a failed attempt. The hope is that that the device's failed attempts will be noticed and rectified by an administrator of the operator's orchestrator/NMS system. Checking the text to ensure this intent is conveyed, we find in Section 5.3: Otherwise, the device MUST attempt to process the onboarding information as described in Section 5.6. In either case, success or failure, the device MUST exit the recursive algorithm, returning to the bootstrapping sequence described in Section 5.2, the only difference being in how it responds to the "Able to bootstrap from any source?" conditional described in the figure in the section. So, in your case, it is a "failure" and thus the answer to the conditional is "No". However, to your point, the current s5.2 text says "Loop and/or wait for manual provisioning", which isn't quite right. I have fixed this in the Github commit link provided below. Continuing checking the text, we also find in Section 5.6: If the device encounters an error at any step, it MUST stop processing the onboarding information and return to the bootstrapping sequence described in Section 5.2. In the context of a recursive algorithm, the device MUST return to the enclosing loop, not back to the very beginning. Which I think is pretty good as is, though it might help to tack onto the end of the last sentence ", thus allowing the logic to attempt all possible bootstrapping options before starting over." Thoughts? > One minor comment: > Maybe spell out TPM and provide a reference. Fixed all three instances of "TPM". Here is the Github commit for the above changes, as well as a minor/unrelated RFC4408-reference issue reported by Adam: https://github.com/netconf-wg/zero-touch/commit/0e86ec25f0f83c49dc1ec37e2b9f20bdec874a6f Thoughts? Kent
- [Netconf] Mirja Kühlewind's No Objection on draft… Mirja Kühlewind
- Re: [Netconf] Mirja Kühlewind's No Objection on d… Kent Watsen
- Re: [Netconf] Mirja Kühlewind's No Objection on d… Mirja Kuehlewind (IETF)
- Re: [Netconf] Mirja Kühlewind's No Objection on d… Kent Watsen
- Re: [Netconf] Mirja Kühlewind's No Objection on d… Mirja Kuehlewind (IETF)