IETF Logo Mail Archive

Re: [netconf] WGLC for draft-ietf-netconf-notification-capabilities

Balázs Lengyel <balazs.lengyel@ericsson.com> Tue, 08 October 2019 07:40 UTC

Return-Path: <balazs.lengyel@ericsson.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4832F1200F8 for <netconf@ietfa.amsl.com>; Tue, 8 Oct 2019 00:40:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zmdaLRy1rGEf for <netconf@ietfa.amsl.com>; Tue, 8 Oct 2019 00:40:49 -0700 (PDT)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60088.outbound.protection.outlook.com [40.107.6.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 785A81200D5 for <netconf@ietf.org>; Tue, 8 Oct 2019 00:40:48 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=R+uKVI0m3iBHVewkMYopGxis6RTOFlZrrrBVWIEAdHwl664SLEQC2MeOFDSUgtApciLHShLI3BmuDoj+XRNg2iS6UuzD+/yFC7NselX2moh7JlSZjyRSXkTGOno4pXLEC1ZMAHe/TPk+PiUQJcWWV7rF16SFp2ZdhrirB20st7J+BAG/icK6AYvV23xGu7Rs3+O8cZ2KJSf1uf0leNYAmr9uucRt2+YKSAYwqyI4SVzQBUcRbiDx+MWCW+g6oPohKrPYAan9/mifoctVi5dn5SA+9qt4iNk68UrKdfy2RJbtnKWCB7tGIkjGW8mEzKYJFI07cvKcZnp/z5LQou3k5w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JA/dOFkxPnRo1XLoouzqtzK95Eh3dMBVe5+9Fb9RGgM=; b=jMkuy9WvNxUeEpk+ugbf8jbqT8RKPfxl6RgDKIZjlJ/ZFxPZmznbKtHeh8j8cg5M0gbkt4DNv3qwYPILJlgAEA8J7kMGrD3apmW46QowBSGzz4Qp/eJuwfyMvMDEwO+KrHDW4MBJpjuHD7MRh6feZV0bfPqlbS6AVVmKfV1Abapu7hLLrFPRv+UMidBKvZBFnnVszg6J0c7BPgtx22t7sts1fIfuqFDv77TV71Fxx3FvKhBVpsE9opQY07YPPIU1MonQ1UY2AxgFSoEQHVNPEgCACqQiyO7L69slti6IGEGAR6Q9lmllYgq5dI1GsWLwT8z2FxHMLOeKDEHo0i+22w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JA/dOFkxPnRo1XLoouzqtzK95Eh3dMBVe5+9Fb9RGgM=; b=nDDQBYMsjr1pV0czUKzJsJ745guhgjiH8PH28H21ZsusOaPUi0T0/ZwlEUa4oRsCxaenMtlAvfHifVUEZaMJ0S4aTibnkEsThuSt6XP0DsPqpsNwN6sjMaLLmNGpdjxYrRxVoTdMPqIwbO5iZUCj0WchLeMop1D+VAs5JFBj4mo=
Received: from VI1PR0701MB2286.eurprd07.prod.outlook.com (10.169.137.153) by VI1PR0701MB2173.eurprd07.prod.outlook.com (10.169.135.6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2347.13; Tue, 8 Oct 2019 07:40:46 +0000
Received: from VI1PR0701MB2286.eurprd07.prod.outlook.com ([fe80::2d49:4ace:81d8:2fbc]) by VI1PR0701MB2286.eurprd07.prod.outlook.com ([fe80::2d49:4ace:81d8:2fbc%12]) with mapi id 15.20.2347.016; Tue, 8 Oct 2019 07:40:46 +0000
From: Balázs Lengyel <balazs.lengyel@ericsson.com>
To: "Rob Wilton (rwilton)" <rwilton@cisco.com>, Mahesh Jethanandani <mjethanandani@gmail.com>, Netconf <netconf@ietf.org>
Thread-Topic: [netconf] WGLC for draft-ietf-netconf-notification-capabilities
Thread-Index: AQHVaCiq/P3ytjAdYEi7Gp+LSYgUDqc7MLcAgAk6LgCAAxRsYIABuy4AgAF9B/A=
Date: Tue, 08 Oct 2019 07:40:45 +0000
Message-ID: <VI1PR0701MB22866B2C3143DB9E0FB9FDEAF09A0@VI1PR0701MB2286.eurprd07.prod.outlook.com>
References: <D3B39347-DFB7-4BEE-8B22-0EE07AEB1F5A@gmail.com> <4F49DF08-B7FC-4EBD-9D6B-7BC329E50334@gmail.com> <MN2PR11MB43663B72FBA8D839E539A001B5820@MN2PR11MB4366.namprd11.prod.outlook.com> <VI1PR0701MB228681C3737A9954323B7774F09F0@VI1PR0701MB2286.eurprd07.prod.outlook.com> <MN2PR11MB4366904781E2542E148636BCB59F0@MN2PR11MB4366.namprd11.prod.outlook.com>
In-Reply-To: <MN2PR11MB4366904781E2542E148636BCB59F0@MN2PR11MB4366.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=balazs.lengyel@ericsson.com;
x-originating-ip: [89.135.192.225]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: dd8a5a4d-c57c-4c35-1b84-08d74bc2d4b2
x-ms-traffictypediagnostic: VI1PR0701MB2173:
x-microsoft-antispam-prvs: <VI1PR0701MB21737DF5DFF40E3649C3A0CBF09A0@VI1PR0701MB2173.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7219;
x-forefront-prvs: 01842C458A
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(346002)(396003)(366004)(39860400002)(136003)(376002)(189003)(199004)(51444003)(5660300002)(86362001)(76116006)(99936001)(85182001)(74316002)(7736002)(66446008)(64756008)(66556008)(66476007)(66616009)(66946007)(66066001)(2906002)(6116002)(3846002)(790700001)(316002)(85202003)(66574012)(110136005)(8676002)(81156014)(476003)(81166006)(8936002)(7110500001)(33656002)(11346002)(15650500001)(2420400007)(486006)(102836004)(14444005)(25786009)(55016002)(14454004)(9686003)(54896002)(6306002)(478600001)(186003)(26005)(6246003)(256004)(446003)(99286004)(6436002)(71190400001)(71200400001)(53546011)(6506007)(76176011)(229853002)(52536014)(7696005)(9326002); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0701MB2173; H:VI1PR0701MB2286.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: dY1Q7kHRpxUWF1acmcTeASuDtZpF6cSIJq0rW0vJ+tbqYQ6AEYHpEux/t/aAGk1ALCWMqnvUXJuqIYCnRWgQkvCf/9A7lx0xP5cINtloizZJNrV+A0y6sRFZx7MhKAw9Rm5ooxlH+dzrZ888q4lNRojE75D9xmibH286G0SkfFJSg3QGY+kxX9YwQi2iimNNR9wmyXPkNuHQ9G9vuA0XcX7SWp7Zi5aA6bzwPtQT5hDyx4IuJUY60EjZ4VuyuLElp+7uDLt8M7eIcsRjYnwBXBnION9xXdqbI8Hh7+L+iHnjF/gtEEc9bsdGhOoOo9I5gXhRnnYviCGe1XEWL4L0Fg0XiehsyviKUt/9GGnUoJXbcfxuvI5PmRI4JNtPykzxNMOlDrRbXZXq8tcCpzH/MbhlvqWom+QoFzT0Xy/Rjhw=
x-ms-exchange-transport-forked: True
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_0050_01D57DBC.74583880"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: dd8a5a4d-c57c-4c35-1b84-08d74bc2d4b2
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Oct 2019 07:40:45.9445 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: YXW8yaDtuRdic4hODbVPLPUviUVJcvuNzsA5AD600YEXUkM63C1HAqCCRZN7XeCd1xzkOy5yoqWGZQ7dQZK9Wim3toMwKB1GVY01g/kn7Rk=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0701MB2173
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/MhxexMxEwWeavcKpFQsGpxEV-bU>
Subject: Re: [netconf] WGLC for draft-ietf-netconf-notification-capabilities
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Oct 2019 07:40:51 -0000

Hello Rob,

See below. I only kept the parts we are discussing. I will answer model related issues in a separate mail.

Regards Balazs

 

From: Rob Wilton (rwilton) <rwilton@cisco.com> 
Sent: 2019. október 3., csütörtök 18:13
To: Balázs Lengyel <balazs.lengyel@ericsson.com>; Mahesh Jethanandani <mjethanandani@gmail.com>; Netconf <netconf@ietf.org>
Subject: RE: [netconf] WGLC for draft-ietf-netconf-notification-capabilities

 

Hi Balazs,

In section 3, I think 

 

   The information SHALL be provided in two ways both following the

   ietf-notification-capabilities module:

 

should be:

 

   The information SHOULD be provided in two ways both following the

   ietf-notification-capabilities module:

BALAZS2: OK. But in this case I will need to use SHOULD in the following 2 bullets too.

 

 

-        Is “max-objects-per-update” optional.  What if the server doesn’t have any hard limit - can they just not return a value here?  If so, perhaps assigning a default value of uint32_max might make sense?

BALAZS: It is optional. If there is no hard limit or the limit is not known the leaf must be absent. The module description include the text:

      Any capability value MAY be absent ... if the publisher is not capable of 

      providing a value.

[RW] 

OK.  Then I think that there should be a bit more text about what values mean if they are not specified.  E.g. perhaps the following (if this is the right behaviour for all properties).

 

Old:

      Any capability value MAY be absent if a more generic capability

      value is already provided or if the publisher is not capable of

      providing a value.

 

New:

      Any capability value MAY be absent if a more generic capability

      value is already provided or if the publisher is not capable of

      providing a value.  If not provided then it should be

      interpreted that the property is unconstrained. 

BALAZS2: Don’t agree. Someone requested earlier and I agreed, that there is a use case where there is actually a limit, just it is not known, or not easily calculated, or changing during time. Anyway IMHO specifying unlimited is not really meaningful. Nothing is unlimited in reality. Also it is explicitly stated that the publisher is allowed to limit individual subscriptions to a lower throughput.

So my view is that if we don’t have a value that means nothing more than that we could not provide a meaningful limit.

 

 

In the security section, are these capabilities sensitive information?  E.g. could it be used by an attacker to more effectively DDOS a server (by knowing which paths to target subscriptions towards)?

BALAZS: IMHO the information is not security sensitive. The minimum dampening period and minimum-update-period can be used to find schema sections that might generate more notifications, but this is really a corner-case and we usually don’t describe such details. However the security section now includes:

         The Network Configuration Access Control Model (NACM) [RFC8341] 

         provides the means to restrict access for particular NETCONF or 

         RESTCONF users to a preconfigured subset of all available NETCONF or 

         RESTCONF protocol operations and content. 

         If access control is not properly configured, it can expose

         system internals to those who should not have access to this

         information.

[RW] 

Thinking about this some more, I wonder whether the security section could/should refer back to YANG-Push, which allows a server to reject subscriptions if it would cause the server to become overloaded.

BALAZS2: Kent wanted just to state, not modifiable, not sensitive. I updated this to: 

      All protocol-accessible data are read-only and cannot be modified. 

        The data in this module is not security sensitive.

        Access control may be configured, to avoid exposing 

        the read-only data.

When that data is in file format, data should be protected against 

        modification or unauthorized access using normal file handling and 

        secure and mutually authenticated file transport mechanisms.

I hope that will be OK

 

Thanks,

Rob

 

 

Thanks,

Rob

v2.23.0 | Report a Bug | By Email