Re: [Netconf] zerotouch issues found while preparing -20

Kent Watsen <kwatsen@juniper.net> Wed, 14 February 2018 01:00 UTC

From: Kent Watsen <kwatsen@juniper.net>
To: "netconf@ietf.org" <netconf@ietf.org>
Date: Wed, 14 Feb 2018 00:59:53 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/9ogsJ244j18-URvauLLhN7xBpBk>

Following up on the git commit shared below, here is an update to the 'description' statement for the "configuration" leaf:

https://github.com/netconf-wg/zero-touch/commit/f8e2b5af46f2385d6cec2c36832ccb05bea7f97c

Please excuse my company's URL-mangler below.

Kent // contributor


===== original message =====


I found another issue while updating my PoC code to the current draft.  The issue comes from the draft's "zerotouch-information" artifact, a PKCS7 structure, only supporting a JSON-encoded payload.  The reason why it only supports a JSON-encoded payload was discussed on list before, but it goes to aligning with what draft-ietf-anima-voucher does.  The issue manifests itself when the payload encodes "onboarding-information", which has an 'anydata' node called "configuration".  Being 'anydata' inside a JSON-encoded document means that the configuration itself must also be JSON-encoded, but this is a problem for devices that don't support JSON-encoded configuration, especially given that it's not possible for a bootstrap server (that may not have access to the YANG for the configuration) to generically convert JSON to XML.

Stating the issue another way, the current solution couples the encoding of the submitted configuration with the encoding of the envelope that's used to convey the configuration.

To address that, I propose replacing the 'anydata' node with a 'leaf' of type binary.  I don't foresee any interoperability issue with this change, as already the data sent to the device must be device-specific.  To be clear about this proposal, here is a commit that illustrates the change:

 https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_netconf-2Dwg_zero-2Dtouch_commit_14d92eec946b50eb980b51670ace6ce8bf2e2334&d=DwICAg&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=faUqriB9skFYZtE6_oZ7hNbTizENpQ4YshBRdUWH1ZE&s=xsa6WrFHOZGyuJ5mYPrBSnEUFgGnFhiZlJ-yoloEkfg&e=

While this is a technical change, it doesn't change the solution in a material way, so I'm hoping that it doesn't necessitate another last call to approve.  If no objections are raised, I'll also apply this change to the pending -20 update.

<SNIP/>

Thoughts?

Kent  // contributor
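
The decoupling proposed in the original message, sketched as an added example (not code from either message, the draft, or the linked commits): with "configuration" as a 'binary' leaf, the JSON envelope carries the configuration as a base64 string, so the bootstrap server treats it as opaque bytes and the device gets back exactly what was submitted, XML or otherwise. The `ietf-zerotouch-information:` member prefix, the function names and the sample configurations are assumptions made for illustration.

```python
import base64
import binascii
import json

# Assumed top-level member name: the module prefix is an assumption; the
# message only names "onboarding-information" and its "configuration" node.
TOP = "ietf-zerotouch-information:onboarding-information"


def build_onboarding_info(config: bytes) -> str:
    """Bootstrap-server side: wrap opaque config bytes in the JSON payload.

    A YANG 'binary' leaf is a base64 string in JSON (RFC 7951), so the server
    never parses or converts the configuration.
    """
    encoded = base64.b64encode(config).decode("ascii")
    return json.dumps({TOP: {"configuration": encoded}})


def extract_configuration(payload: str) -> bytes:
    """Device side: recover the exact bytes the configuration author supplied."""
    doc = json.loads(payload)
    try:
        leaf = doc[TOP]["configuration"]
    except (KeyError, TypeError) as exc:
        raise ValueError("payload has no configuration leaf") from exc
    if not isinstance(leaf, str):
        # An object here would be the old 'anydata' form, which forces JSON.
        raise ValueError("configuration must be a base64 string")
    try:
        return base64.b64decode(leaf, validate=True)
    except binascii.Error as exc:
        raise ValueError("configuration is not valid base64") from exc


# Constructed sample inputs: one XML-encoded and one JSON-encoded configuration.
XML_CONFIG = b'<top xmlns="https://example.com/config"><hostname>r1</hostname></top>'
JSON_CONFIG = b'{"example-config:top": {"hostname": "r1"}}'

if __name__ == "__main__":
    for cfg in (XML_CONFIG, JSON_CONFIG):
        payload = build_onboarding_info(cfg)
        assert extract_configuration(payload) == cfg
        print(payload)
```

The device still has to verify the PKCS7 signature over the payload before acting on the decoded bytes; that step is outside this sketch.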