Re: [netconf] Truststore: bags, sets, or other?

Schönwälder, Jürgen <J.Schoenwaelder@jacobs-university.de> Sat, 01 February 2020 08:09 UTC

Return-Path: <J.Schoenwaelder@jacobs-university.de>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89415120112 for <netconf@ietfa.amsl.com>; Sat, 1 Feb 2020 00:09:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=jacobsuniversity.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yJybCasAEXKW for <netconf@ietfa.amsl.com>; Sat, 1 Feb 2020 00:09:21 -0800 (PST)
Received: from EUR02-HE1-obe.outbound.protection.outlook.com (mail-eopbgr10062.outbound.protection.outlook.com [40.107.1.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2DA0712004C for <netconf@ietf.org>; Sat, 1 Feb 2020 00:09:21 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QttnkCS9ukDCwe30rgkEtWqK4TGtvi6Xml7QF67kUdUshMeJs1qB3XaCC/xtu7d9np+WSezOPj6mscNEK309cDmnxMkmAwd8B37gGpv7H7zIDX8JX5yQJZRV+iFqREylHh5CtXBApW+RjMnmQde/qa7AcMEVTGpoGCHLk8qbkXjIoDz0TQ36CYqOcG9o2hwIvF9cRmRUUAQ8vdakOj0v2EMf1kV+47Tfeeo/28uuBefptHkH0LjjhlBXWdUv62VBZtXi5tFEHME9Y8Dej/A+9q8IwmRqniQQ+EV3ReNxeaSAaYChP8C1nynKfUSTtdUIpCqEc3x7TwlR1gGJYOImog==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0hFJUFD7NntkEbyRSrMcnYYtgil9o3UTD6LK8DJ57f4=; b=R3qLu4pDChFH/7RQGl8DDePf47k1om/18PcD9vhfzCm4TJKtrrJ3cxlEUtSpZ+XZOuXK9Ti+SJCr6ZABbcUT6HWbfE8a3fi95S54gvWnZLC89QEOzGHHFK7i1gc46hB0t4LfuikImXjNwqIc1QiE+Wpja3RKW2KEcq8KMBpvFzNi87ek/mxs3RT3XldQLVvSuRm6NUrJZHtq8t+z5rWbeGvFdXNKgdX5v8oABxk8z45P0c8coztwPnbsPa/1soQ4tJkBNoo6NNkyCidV2mo8hbrwUNkC79+IjbcsJ9O5OhI0Ak49OtTnHXLaPGHqoUXWwTdWc5RZp5CreqgMLiDpeQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=jacobs-university.de; dmarc=pass action=none header.from=jacobs-university.de; dkim=pass header.d=jacobs-university.de; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jacobsuniversity.onmicrosoft.com; s=selector2-jacobsuniversity-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0hFJUFD7NntkEbyRSrMcnYYtgil9o3UTD6LK8DJ57f4=; b=YUeAqZBuUmtJRo6Biuha//dMehGVKbUsxIiUX5FN9/sBKUlDIWY1DSldLb3uRmPN0MCiBHq/Jy/7ZDaN9cOow/ie3tQXOEbSjNZ//TwxVuDBd3lTnWUEo0AxuDxYUrotKev/PCPiiGKBZKFc04Xu0VAIM5rLjJQQX1XBLtaeN4s=
Received: from DB6P190MB0312.EURP190.PROD.OUTLOOK.COM (10.165.140.31) by DB6P190MB0517.EURP190.PROD.OUTLOOK.COM (10.165.140.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32; Sat, 1 Feb 2020 08:09:17 +0000
Received: from DB6P190MB0312.EURP190.PROD.OUTLOOK.COM ([fe80::bcdc:4d6:7dfc:a946]) by DB6P190MB0312.EURP190.PROD.OUTLOOK.COM ([fe80::bcdc:4d6:7dfc:a946%6]) with mapi id 15.20.2665.027; Sat, 1 Feb 2020 08:09:17 +0000
Received: from localhost (2001:638:709:5::7) by FRYP281CA0010.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.28 via Frontend Transport; Sat, 1 Feb 2020 08:09:17 +0000
From: "Schönwälder, Jürgen" <J.Schoenwaelder@jacobs-university.de>
To: Kent Watsen <kent+ietf@watsen.net>
CC: Martin Bjorklund <mbj@tail-f.com>, Russ Housley <housley@vigilsec.com>, "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: [netconf] Truststore: bags, sets, or other?
Thread-Index: AQHV2IKuy7SZ9bYHJ0yrmq5smVlPU6gF/MUA
Date: Sat, 01 Feb 2020 08:09:17 +0000
Message-ID: <20200201080916.yrlurqzzlconhxlr@anna.jacobs.jacobs-university.de>
References: <0100016ff91dfd1b-9e8e6622-7e36-45dc-a661-f4702b494040-000000@email.amazonses.com> <20200131.111027.840757629039452002.mbj@tail-f.com> <0100016ffda3d528-f411ef14-2813-4372-99c4-8269e5ea435e-000000@email.amazonses.com>
In-Reply-To: <0100016ffda3d528-f411ef14-2813-4372-99c4-8269e5ea435e-000000@email.amazonses.com>
Reply-To: "Schönwälder, Jürgen" <J.Schoenwaelder@jacobs-university.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-clientproxiedby: FRYP281CA0010.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10::20) To DB6P190MB0312.EURP190.PROD.OUTLOOK.COM (2603:10a6:6:34::31)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=J.Schoenwaelder@jacobs-university.de;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [2001:638:709:5::7]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 33e65517-3a9d-432b-f350-08d7a6ee08a8
x-ms-traffictypediagnostic: DB6P190MB0517:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <DB6P190MB0517B649AFCD4DC181690995DE060@DB6P190MB0517.EURP190.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:6430;
x-forefront-prvs: 03008837BD
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(366004)(396003)(39840400004)(136003)(346002)(199004)(189003)(66476007)(66556008)(66446008)(64756008)(85202003)(66946007)(1076003)(5660300002)(85182001)(4326008)(54906003)(6496006)(52116002)(316002)(786003)(186003)(16526019)(6486002)(8936002)(81166006)(86362001)(81156014)(478600001)(966005)(3716004)(71200400001)(3450700001)(2906002)(8676002)(777600001); DIR:OUT; SFP:1101; SCL:1; SRVR:DB6P190MB0517; H:DB6P190MB0312.EURP190.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: jacobs-university.de does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: rtUcirO1X34y06YZPz3UB7BWSEePUYhJD9HEHJn2L1C8ftwl2Auw4V/ZOND5BtRteEulN0F0Hnh3HmLCzMX9eb07m0IE8/S6w5hPyNgKs50lriCX6wVMeqthV1FvG9x3wXJWKotRFvR3yd+dPqrYEmU0fe2z9UBhCezvON8SFGy5nxQ3m7dBfyC+QLQNWhxs88PEBWNbTK451j/+PQMqk3W6bcdmfkR5G6ncYLX4DROaIdyKdIn16YFDgcsGmu6iBeNVwKPxVHmQ/ruzm/xx1czR0YvmCjF6cg6MmPVwO6gmlBgW4hFcFWf3KLaBrPwqcd1qGPGkiNrmDuYPHuePIvkInzx4ejIRG/zN24PgKRk1xQUjkqQ5F+39mmm49u5v6QzUMaC/zb3ohdugamg79aZOW6Eja2UQ8i/9pXqJ+uV4DDfE2vO3aye7h+CE6Yw4yURtxF6svef3FbgTKXp2x5usnTrMZswKpDfIXzVbFhighBK5mW031KYqKkbgNYfAWyvZcWzCvflMRtxaI0dH8ZBBkTg7IJTOwOCnQmZanUxMinE+nphJzyr/nuIwGduS
x-ms-exchange-antispam-messagedata: FEyLjnsw2XNQC5eAKtUcue1v4tzvnwIuCCDG4gQ9lxFYkafRkrvBRrTW9FEu5yxGRE4IaqRwaUjzscM7K5jPJSTaIUXPgSQprhk1lmaS0vGgvIkPLwJk+P964cis58U/PfYn4/pOUfCh5XFe/a7jmNa2WhmMJbqGCi6+3smy4vU=
Content-Type: text/plain; charset="utf-8"
Content-ID: <D4B25A542E63864084A614176E95C5AF@EURP190.PROD.OUTLOOK.COM>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: jacobs-university.de
X-MS-Exchange-CrossTenant-Network-Message-Id: 33e65517-3a9d-432b-f350-08d7a6ee08a8
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Feb 2020 08:09:17.6210 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f78e973e-5c0b-4ab8-bbd7-9887c95a8ebd
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: m9RTE6BWhlOiKf4zY0M00FSwDBGXtVbgpW3ZuEDoV61yI6EzRM4DxKHPnyCOlGxmlETOsSMp6/Fei/Rg3OZ1b/48whXYRSNTvJ4BtbyUA3w=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6P190MB0517
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/6B2dyEAjhBzVF6WSrDa4UmL6wqQ>
Subject: Re: [netconf] Truststore: bags, sets, or other?
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 01 Feb 2020 08:09:25 -0000

A common interpretation in various data structure libraries is this:

set: unordered collection of something, duplicates not allowed
bag: unordered collection of something, duplicates allowed

/js

On Fri, Jan 31, 2020 at 10:06:10PM +0000, Kent Watsen wrote:
> Hi Martin,
> 
> >> NEW:
> >>            +--rw <thing>-bags {<thing-feature>}?
> >>               +--rw <thing>-bag* [name]
> >>                  +--rw name string
> >>                     +--rw <thing>* [name]
> >>                        +--rw name string
> >>                         …
> >> 
> >> Better, right?   Any other ideas?
> > 
> > We have current published modules with both "-list" and "-set".  No
> > "-bag" so far.
> > 
> > For example:
> > 
> >  "list rule-list" in ietf-netconf-acm
> > 
> >  "list module-set" in ietf-yang-library
> 
> True.
> 
> 
> > There are some examples of "s" as well, but these are plural "s" for a
> > normal list of singletons, and should have been named w/o the plural
> > "s" (if we were to be consistent).
> > 
> > I would try to avoid "s" for a "list-of-lists", but then pick the
> > suffix that feels most natural in the domain.  (For example, rather
> > "list access-control-list" than "list access-control-set”).
> 
> Agreed.
> 
> > Perhaps you can argue that "-list" works better for ordered sequences,
> > and "-set" and "-bag" for unordered.  But then there are "ordeded
> > sets" and "unordered lists" (and even apparently "ordered bag", in
> > UML).
> 
> Perhaps.
> 
> > The plural "s" is better for a surrounding container (if one exists).
> 
> Agreed.
> 
> 
> I also received a private response from Russ, who rather not join the netconf list, but said:
> 
> 1) “bag” was originally created to deal with issues with ASN.1 the SET and SEQUENCE types, and since have entered general crypto parlance outside the PKCS#12 context.
> 
> 2) “bag” is the ideal term for when conveying a unordered collection of X.509 certificates.
> 
> 3) “bag” is not known to be used in the context of SSH host keys or RPKs, but there isn’t anything wrong or bad with doing so either.
> 
> All said, I believe the best course is to use “bag” and, more specifically, to use the "/x-bags/x-bag/…” structure that is present at the top of this message.   Assuming there are no objections, this change will be in the next update.
> 
> 
> Kent
> 

> _______________________________________________
> netconf mailing list
> netconf@ietf.org
> https://www.ietf.org/mailman/listinfo/netconf


-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>