[netconf] Re: http and RC client-server updates

Kent Watsen <kent+ietf@watsen.net> Sat, 10 August 2024 19:29 UTC

Return-Path: <010001913dc40877-3dcd9487-475e-4f18-a944-9fa76013641f-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89B79C14F6E1 for <netconf@ietfa.amsl.com>; Sat, 10 Aug 2024 12:29:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.908
X-Spam-Level:
X-Spam-Status: No, score=-1.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2MCEyr1nDLjJ for <netconf@ietfa.amsl.com>; Sat, 10 Aug 2024 12:29:04 -0700 (PDT)
Received: from a48-90.smtp-out.amazonses.com (a48-90.smtp-out.amazonses.com [54.240.48.90]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 52B2EC14F6BC for <netconf@ietf.org>; Sat, 10 Aug 2024 12:29:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug; d=amazonses.com; t=1723318143; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=fNYx7FwIpRIR+sasFk+2PQtny9MWYMXQX2awp5567YU=; b=burHAF0AZb/77zA2fXeLDrlE6obJ4sd8P96I5VXp1YrJRbSJTWx6x1xsSReM84ds AaI4m4LPmewGmtuDZJB/Pc/h/mFH6Kc8hBHCUkJLl4jI5Wyu0Hq3dsvWWQSxSnqGsUX GWPMtG/fCqUvInbEd22bTcf0JfkGyaE+5vaCIYok=
From: Kent Watsen <kent+ietf@watsen.net>
Message-ID: <010001913dc40877-3dcd9487-475e-4f18-a944-9fa76013641f-000000@email.amazonses.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_6BBBA85A-505C-4FF0-8645-0B6A7CCD2942"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.400.31\))
Date: Sat, 10 Aug 2024 19:29:03 +0000
In-Reply-To: <DU2PR02MB10160E51DEE7E9561BA60F4B488DB2@DU2PR02MB10160.eurprd02.prod.outlook.com>
To: BOUCADAIR Mohamed IMT/OLN <mohamed.boucadair@orange.com>
References: <010001909524f397-3c195919-3b71-4178-b8c5-dcd3f4db7a16-000000@email.amazonses.com> <DU2PR02MB10160E51DEE7E9561BA60F4B488DB2@DU2PR02MB10160.eurprd02.prod.outlook.com>
X-Mailer: Apple Mail (2.3774.400.31)
Feedback-ID: ::1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
X-SES-Outgoing: 2024.08.10-54.240.48.90
Message-ID-Hash: WQRU7JMNCLE4DDEG2A3UEJLY4LKTDB2Y
X-Message-ID-Hash: WQRU7JMNCLE4DDEG2A3UEJLY4LKTDB2Y
X-MailFrom: 010001913dc40877-3dcd9487-475e-4f18-a944-9fa76013641f-000000@amazonses.watsen.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-netconf.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "netconf@ietf.org" <netconf@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [netconf] Re: http and RC client-server updates
List-Id: NETCONF WG list <netconf.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/T0Ier4WJQllvhfy3zxuA8f1DW9Q>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Owner: <mailto:netconf-owner@ietf.org>
List-Post: <mailto:netconf@ietf.org>
List-Subscribe: <mailto:netconf-join@ietf.org>
List-Unsubscribe: <mailto:netconf-leave@ietf.org>

Hi Med,

Thank you for your thorough review!


> On Jul 9, 2024, at 8:18 AM, mohamed.boucadair@orange.com wrote:
> 
> Hi Kent,
>  
> Please find some quick comments, fwiw. Most are very minor.
>  
> * Consistency
>  
>    This document presents ** two ** YANG 1.1 [RFC7950] modules: …
>  
> vs.
>  
> 1.1.  Relation to other RFCs
>  
>    This document presents ** one or more ** YANG modules [RFC7950]..

This comment applies to the “http-client-server” draft.

Yes, that would be better.  But it would be hard for me to fix since that text is in a file that is shared by the suite of client-server drafts.

The text isn’t wrong, and the Editor can fix...


> * Section 1.1 : now that the dependency on the udp grouping was added, I’m afraid that the dependency figure should be refreshed. Idem for Table 1.

I see what you mean, but I’m explicitly not trying to show every “import” statement.  E.g., the http-client-server also depends on tcp-client-server and the tls-client-server.   In all cases, the dependency is because of a “stack” grouping.  But these stack groupings are for minor convenience; the core of the data-model is elsewhere.   That said, I updated the text in that section to be more accurate as follows:

	OLD: The dependency relationship between the primary YANG groupings...
	NEW: Primary dependency relationships between the YANG groupings…



> * Section 2: nit
>  
> OLD:
>    Examples illustrating the module's use are provided in Examples
>    (Section 2.2). 
>  
> NEW:
>    Examples illustrating the module's use are provided in Section 2.2. 

Fixed (in two places)

 
> * Section 2.1.2.1: nits
>  
> OLD:
>    *  Unlike other "client" groupings in the suite a "client-server"
>       drafts mentioned in Section 1.1), 
>  
> NEW:
>    *  Unlike other "client" groupings in the suite a "client-server"
>       documents mentioned in Section 1.1, 

Fixed - thanks!


> * Section 2..1.2.1: Shouldn’t the client grouping include a parameter to control/explicit the http version? Also, wouldn’t be useful to define a quic-supported feature as well and the following be modified to list quic-supported feature?
>  
> CURRENT:
>        +-- tls-client-parameters {tls-supported}?
>           +---u tlsc:tls-client-grouping

Regarding param to control client-version, yes, and I recall Per making the same comment.

Regarding a quic-supported feature, I added a  “http-3-supported” feature and made it dependent on the “tls-supported” feature. 

See the -22 diff for details (will be published soon)



> * Section 2.3:
>  
> (1) remove the udp-client-server for the following list as this is imported/cited here.
>  
> CURRENT:
> 2.3.  YANG Module
>  
>    This YANG module has references to [RFC3986], [RFC6991], [RFC8341],
>    [RFC9110], [I-D.ietf-netconf-tls-client-server], and
>    [I-D.ietf-netconf-udp-client-server].

I’d already spotted this  - thanks

 
> 
> (2) DELETE as this isn’t used in the module
>  
>         The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
>         'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
>         'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
>         are to be interpreted as described in BCP 14 (RFC 2119)
>         (RFC 8174) when, and only when, they appear in all
>         capitals, as shown here.";

Does no harm either, right?    I’m too lazy to chase if any of those words appear
in my modules.  I know that sometimes they do.   Whether that makes sense is
a different question.


> (3) redundant referencing (similar other occurrences)
>  
> OLD:
>        description
>          "Indicates that the server supports configuring HTTP
>           clients to connect to a remote HTTP server via a
>           proxy, per Section 9.3.6 of RFC 9110.";
>        reference
>          "RFC 9110: HTTP Semantics";
>  
> NEW:
>        description
>          "Indicates that the server supports configuring HTTP
>           clients to connect to a remote HTTP server via a
>           proxy.";
>        reference
>          "RFC 9110: HTTP Semantics, Section 9.3.6 ";

I have always referenced sections in the “description” statement, never the “reference” statement.



> * Section 3.1.1: Update to echo all the features in the module, e.g., quic-supported is missing in the list.
>  
> CURRENT:
> 3.1.1.  Features
>  
>    The following diagram lists all the "feature" statements defined in
>    the "ietf-http-server" module:

Fixed.   Also fixed in the "ietf-http-client” section...



> * Section 3.1.2.2:  Update the structure/module to avoid versions older than TLS1.3
>  
> CURRENT:
>           +--:(quic) {quic-supported}?
>              +-- quic
>                 +-- udp-server-parameters
>                 |  +---u udps:udp-server-grouping
>                 +-- tls-server-parameters
>                 |  +---u tlss:tls-server-grouping
>                 +-- http-server-parameters
>                    +---u http-server-grouping

I don’t think a config knob is needed for this.   
A Quic server will already not use a version of TLS older than 1.3.


> * Update the following to cite quic case. Also, avoid the use of normative language (MAY)/
>  
> CURRENT:
>  
>            "Choice amongst various transports type.  TCP, with and
>             without TLS are defined here, with 'feature' statements
>             so that they may be disabled.  Other transports MAY be
>             augmented in as 'case' statements by future efforts.";

Fixed.


>  
> * The description is from the perspective of the client, while this is about the server behavior. Please update accordingly.
>  
> CURRENT:
>                      "The HTTP client will attempt to connect
>                       to the IANA-assigned well-known port for
>                       'http' (80) if no value is specified.";

Fixed.
 

> * Idem as previous comment
>  
> CURREN:
>                      "The HTTP client will attempt to connect
>                       to the IANA-assigned well-known port for
>                       'https' (443) if no value is specified.";

Also fixed.

 
> Cheers,
> Med

Thanks!
Kent



>  
> De : Kent Watsen <kent+ietf@watsen.net <mailto:kent+ietf@watsen.net>> 
> Envoyé : mardi 9 juillet 2024 03:39
> À : netconf@ietf.org <mailto:netconf@ietf.org>
> Objet : [netconf] http and RC client-server updates
>  
> 
> I posted updates for the following drafts:
>  
>              - http-client-server
>              - restconf-client-server
>  
> The updates are as follows:
>  
> For the http-client-server draft, the update is rather big.  After discussing with HTTP chairs and other experts, it was noted that our configuration for the HTTP-client was not expected.   What was stated was that the URI itself should be sufficient.  The update only affects the “client” groupings.  Now the client groupings have a “uri” leaf that is expected to encode transport details.
>  
> For the restconf-client-server draft, the update is only to adjust the examples to reflect the changes in the http-client-server draft.
>  
> Best,
> K
> ____________________________________________________________________________________________________________
> Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
> Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
> 
> This message and its attachments may contain confidential or privileged information that may be protected by law;
> they should not be distributed, used or copied without authorisation.
> If you have received this email in error, please notify the sender and delete this message and its attachments.
> As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
> Thank you.