IETF Logo Mail Archive

Re: [netconf] Reuse of SZTP-CSR YANG definition in BRSKI-AE

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Tue, 20 July 2021 12:20 UTC

Return-Path: <hendrik.brockhaus@siemens.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F14AE3A1FF7; Tue, 20 Jul 2021 05:20:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=siemens.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HaQyLiKXCGU0; Tue, 20 Jul 2021 05:20:02 -0700 (PDT)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2086.outbound.protection.outlook.com [40.107.20.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 502BB3A1FF5; Tue, 20 Jul 2021 05:20:02 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=I77Sp3eSadMNY2RM6rsCMttoByonEPp+op/spmpYj52ViMgUr0Hk3fRGyPp9PI0CRV/jdGceuldnSBmR5xybazCamYNA39YedckpK7mhH3WUROQGIzUwH3P6cgURCRw19hpbPzKQ+xmMOexfSdog2CjO2L0SWa277bfGZHWwr47J8NgVPnHoQMgmrJLEkQ5OSg9YLnP+r8deglXSuN++qhE47DrkdjJBfkdbpg3GFMsmqmr3J7NyUk3xHeGogWdh/bQZ6M/wcU7P448tqBAlXh0SE1ytcDHgRB8ORTuN0NaWfklFb2r5oIawz9YolHCktmHu2zQHihjUYzQn5FxrGA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3FHLF6kvk20wNI1g2IuVNIxJYAazrx/mmegGkLpZpKg=; b=JoTs2qprcFfWniV27Shcm4atOYZ9GV6xBZb8U88oGdWQGpX/5brI7WKD7Jxk0E+qR+ZS25kT20iJnVMCzSF2oJ83eB8LXgHJfKqV61NxEvQ9uLLMAUIDUvjIDhtjSO2hIYFnkmHQJl55XdxLmRCpATdNcOL74YMmyVRjPKTl0bCahhtUAZdTuTCgIdtMhWynwl//4RwEhD+1PJD+OkVvBJlzn3xDlF2Qp5OiMaLMAUWZT/6CBtzyFTTzD794TTZC18RbJuCq88+ZEtgF4VD5JbkeDhmz9g+XMIYMWk28AiQ5X8Hg81PUM5cvn0DXOSDXlrzF3Yb+W5v+oS/X4mQlwg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.onmicrosoft.com; s=selector1-siemens-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3FHLF6kvk20wNI1g2IuVNIxJYAazrx/mmegGkLpZpKg=; b=ndcbu/m0nV+hhn3vUeBd/OJT7IVKBQCnsRNPyVLnHTB1cmYWskyhbgfrwUCVG1Z3x0pV6ZhAfnzLeeaRdTP5bgUTtZ1SFuz1Uhwv1thpcNpbO6srj+dx+B9WRNvi37GWYcQXId/rRNcH84S+k6lwe2BHLJhoNKX5aDQMSkF8zyM=
Received: from AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:208:dd::17) by AM8PR10MB4113.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:20b:1ee::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4331.21; Tue, 20 Jul 2021 12:19:59 +0000
Received: from AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM ([fe80::d10f:2627:bd2d:f3b4]) by AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM ([fe80::d10f:2627:bd2d:f3b4%6]) with mapi id 15.20.4331.034; Tue, 20 Jul 2021 12:19:59 +0000
From: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
To: "draft-ietf-netconf-sztp-csr@ietf.org" <draft-ietf-netconf-sztp-csr@ietf.org>
CC: "netconf@ietf.org" <netconf@ietf.org>, Michael Richardson <mcr@sandelman.ca>, "steffen.fries@siemens.com" <steffen.fries@siemens.com>, "Werner, Thomas" <thomas-werner@siemens.com>
Thread-Topic: Re: [netconf] Reuse of SZTP-CSR YANG definition in BRSKI-AE
Thread-Index: Add9YY5oIJglKqbmShqNe6/Y8/p8oA==
Date: Tue, 20 Jul 2021 12:19:59 +0000
Message-ID: <AM0PR10MB24181C2543FFF36BA1EDA889FEE29@AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_Enabled=true; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_SetDate=2021-07-20T12:19:58Z; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_Method=Standard; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_Name=restricted-default; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_SiteId=38ae3bcd-9579-4fd4-adda-b42e1495d55a; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_ActionId=6bbd233a-0344-4cae-b1ce-386b9c573a5f; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_ContentBits=0
document_confidentiality: Restricted
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=siemens.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 87cf9c09-9336-4bf1-cbaf-08d94b78b1a9
x-ms-traffictypediagnostic: AM8PR10MB4113:
x-ld-processed: 38ae3bcd-9579-4fd4-adda-b42e1495d55a,ExtAddr
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <AM8PR10MB41138921157858F6945988C1FEE29@AM8PR10MB4113.EURPRD10.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: sORTu601+rrwjgtHkirwVjrcq4Caqz4kXSnFywPHPNqA4zdDOUkZHw9psDcjfbXrn8g/O0TcUYj+kJFxSNNs5yUXDcnPqPIiazVSdK80+aLXyiMbr0zb8qj4/jg/iED0E9jHrWbaTNXNgEYcoU6UN81F7VPAyJBRQ8zM3XQayBIS/VjQ9y4ewV6juMPZkPs1EdQ/PY9eWEKCt5cjxdR3B3OuTcR472NZrY6vBfcUWBOXlhl/3Y/pSgMzl+a0MPDAXos3huVg470ILLwSeIsTdFVqIDvFEQWxTskt12tJC/CSqJejoEXuYtW45YvLCS8TSoviFN6wq1KsLtWgNN1rXzdthGRtjL/v1FoOqVypDis0wUg0OH2hsu4Hsy5/UgrmjCBQLCGl+JVwHZJCTUtgCX6HLfspDd/jZwMxUJzOnywZI2pwgbu/KefUX5+GBGicL2DXnNRLVTUS0lwOgL4JgFXQoNshKCf/QF8tye3jXa3K+zO778Wl+PY7aH6Ob6TF4xQMPEJ5v7vVtt5nMIr1y+1I4EetrSp8Cl4oZtlfk94hwtjYFQw2AKUx4Hqgw53VKVXXPr6NFjsahZQFYrJLbLICcOjPp52OXfZ/F5vLOTh4K3Z3HRuAqLn9ZU2e99qXteayf33/Tx36cVwKdrmfqihjKfwebYUsYZCRrjgYF6AAeOivtYZVAFhz2nrBZYV82QLr9ThmhoFpTkFJUzQObai1fqeTLDIOyCMTraW0X+k+H/jlcDIWqQp2ZMwQrCYI6rc1aPVuxMhOF0J4MtRJfvxHc8k5eJk55C8SY9EbfrUAifcp3MvoRD9AnPBA5Mva8BeRAJL7hqIG1kx+omD1Eg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(4636009)(346002)(376002)(39860400002)(396003)(136003)(366004)(5660300002)(86362001)(122000001)(83380400001)(38100700002)(2906002)(478600001)(8676002)(316002)(52536014)(4326008)(7696005)(54906003)(107886003)(9686003)(26005)(6916009)(966005)(66556008)(186003)(66946007)(55016002)(8936002)(66476007)(15974865002)(64756008)(71200400001)(6506007)(33656002)(66446008)(76116006)(38070700004); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: byuPWw3zYyKKwopouj8ylRHBuCN+r0fre8J6lrMqd4PuWGKg0xeYf5uXgImGLUBfLULmKtLmlfD01+MrtKdN5ECAGhB0SZhUGf82DNXG4LhupzdFVpKx6nxbF2/FVFiYqfiHsgWkLnAghkux6cObNkVfY2k8S/L9CEV5wvBOc3mnag2/kKq37SlFNQ1oM0oE+as+hvXGFAHjDE7OefkXLsas7hhfGmfVDlHAENVpSmkW7Zk1lG+ttht2Mc73WLER6kzZxRtb5GioG1f50Ht7EEwqeyg/CNzEosEDIJixmnW9pa+4IwSTTOkq6V51YuTajzgO7HoEHAoaZ6ucHh3HsdnJLSUxqE3ZA4qXIi/4kre9OClwQeWN+AtEbQct9O04eE7J/CnZ3Am2nPxtnh4Ueikgu7poTSxcJD9C7HzJs5bWm/Q5yFdFbtATkI7xJqFmLExl2IOINzyKWv/gbwRN5vEMqxtxI/sjIBT5ZUuY+Jxbqqe75LLNejGqyncuScWy2Y8KRWVkujtb5pOKvu5aOGPxVuMBKq+DUyvzas0RxTwBUeciuolC2r3lZ4Qbnp1/gS7Q+Igu3h1qj1y+IkGpGkGXBit+lPx8FlLKpS5DQwSSuvlJyaoduLs8C4X60hJENifEXP8/Zg8LOO5IVdnGZ+etPj0jTftMZ9JI4Tb5hW3b1ULUCeT2PdC+ODPl4/p3X8ndRqBui09XqqQuAOj/3+/laPyS28RCgTmIJNF7LdlTQV1NHN3iYQ+eHyj7Vc9/gIlkVQ5lgj5VS5UyAejTRQnel6QqTsTAED/uuiKdwcfEwk7jJgqu76K5NKCvW2HMFbPtsIIr+kTEI2EGpZAERmDoKnx6m/eEnVjEX4DtQgNoAzi1WE8Ep00j8LLkAPg3rsBKT9QVdI2io+xaxyifB/MzIMZ4Klt1q9pgRvQlNH0YJSMKx8kjKIyGyz7kDStBAsmJvxhmbYUFDIUJXJDPRSN2rqzRDfVbioJjgDoSQS0K+uafdYFDU/pgI2dsMOXNgYouSdpUnDfQUrAl77SKlZMT0OAltTn6xHzWyriEfpl7QH2jytefg9Lhia7AI74gWC+AckEUlhRGgL3bCBeMrh8OOanxECmkchO1M1wC+hOh9plYwg5WGjkCh4CMQuR6AL7yEF1DbZ/R4Un6H7oCp7Yr6oVP46WwLdImpDQHwEOkaQwVStm/o983a5TC9H7w6cdpE+OpU2jpnuaDJ1v+s02OYRx7va12e5Z25lyNvPcoT7Cxu3/TzEdk+DeP57w0feCUlia4i5Rwazjx8Vkgv60arYbex7hyXpc7BT+wSpUGPwUEDQrDEWYTW/lVIMIU
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: siemens.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 87cf9c09-9336-4bf1-cbaf-08d94b78b1a9
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Jul 2021 12:19:59.7610 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: V9Ti5V76p9Ep0BeXv71N93pZHqQC2yOjGD/8Zh2joEou8hYzcz3c2tmQAjp4BmB7Cf8tFfkoPude833JNdaQF+7/5jsy6/Az3cgmNGyZsIg=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8PR10MB4113
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/L8gEEkFTn6B9pcSMe1anM5D6-jY>
Subject: Re: [netconf] Reuse of SZTP-CSR YANG definition in BRSKI-AE
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Jul 2021 12:20:07 -0000

Kent, Russ, Sean

I was not involved in the discussion of reusing the Yang Module in BRSKI-AE some weeks back. But we would like to use the momentum that draft-ietf-netconf-sztp-csr is currently opened for editing for CMP specific corrections in the YANG module ietf-sztp-csr for brining up this discussion again.

In BRSKI-AE (https://datatracker.ietf.org/doc/draft-ietf-anima-brski-async-enroll/) we address a use case in which we use a signature wrapped CSR, for which we would like to re-use the existing YANG definition in SZTP (see also the discussion in the thread https://mailarchive.ietf.org/arch/msg/netconf/AFFqdeYJll9IndkQfT6scXWct6U/)
As BRSKI-AE  currently only utilize the CSR type part without the SZTP bootstrapping server information, it would be advantageous for BRSKI-AE (for general applicability) to extract the CSR types into a separate YANG module, which could be imported by the YANG module ietf-sztp-csr and can be re-used also by BRSKI-AE. This would avoid a potential protocol specific definition of CSR types for SZTP and BRSKI-AE with most likely the same content. In addition, while BRSKI-AE currently only utilizes P10, it would open the possibility to also utilize other certification request types in the future.
We would like to ask if you see an opportunity for this change (separate ietf-csr-types YANG module as part of draft-ietf-sztp-csr) at this point in time.

Hendrik

Siemens AG
Technology
Research in Digitalization and Automation
Security Architecture
T RDA CST SEA-DE
Otto-Hahn-Ring 6
81739 Muenchen, Germany 
Tel.: +49 89 7805-22411
Fax: +49 89 7805-29116
Mobile: +49 174 1517765
mailto:hendrik.brockhaus@siemens.com

www.siemens.com

Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Jim Hagemann Snabe; Managing Board: Roland Busch, Chairman, President and Chief Executive Officer; Cedrik Neike, Matthias Rebellius, Ralf P. Thomas, Judith Wiese; Registered offices: Berlin and Munich, Germany; Commercial registries: Berlin-Charlottenburg, HRB 12300, Munich, HRB 6684; WEEE-Reg.-No. DE 23691322

v2.23.0 | Report a Bug | By Email