[netconf] Re: http and RC client-server updates
Kent Watsen <kent+ietf@watsen.net> Sat, 10 August 2024 19:29 UTC
Return-Path: <010001913dc40877-3dcd9487-475e-4f18-a944-9fa76013641f-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89B79C14F6E1 for <netconf@ietfa.amsl.com>; Sat, 10 Aug 2024 12:29:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.908
X-Spam-Level:
X-Spam-Status: No, score=-1.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2MCEyr1nDLjJ for <netconf@ietfa.amsl.com>; Sat, 10 Aug 2024 12:29:04 -0700 (PDT)
Received: from a48-90.smtp-out.amazonses.com (a48-90.smtp-out.amazonses.com [54.240.48.90]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 52B2EC14F6BC for <netconf@ietf.org>; Sat, 10 Aug 2024 12:29:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug; d=amazonses.com; t=1723318143; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=fNYx7FwIpRIR+sasFk+2PQtny9MWYMXQX2awp5567YU=; b=burHAF0AZb/77zA2fXeLDrlE6obJ4sd8P96I5VXp1YrJRbSJTWx6x1xsSReM84ds AaI4m4LPmewGmtuDZJB/Pc/h/mFH6Kc8hBHCUkJLl4jI5Wyu0Hq3dsvWWQSxSnqGsUX GWPMtG/fCqUvInbEd22bTcf0JfkGyaE+5vaCIYok=
From: Kent Watsen <kent+ietf@watsen.net>
Message-ID: <010001913dc40877-3dcd9487-475e-4f18-a944-9fa76013641f-000000@email.amazonses.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_6BBBA85A-505C-4FF0-8645-0B6A7CCD2942"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.400.31\))
Date: Sat, 10 Aug 2024 19:29:03 +0000
In-Reply-To: <DU2PR02MB10160E51DEE7E9561BA60F4B488DB2@DU2PR02MB10160.eurprd02.prod.outlook.com>
To: BOUCADAIR Mohamed IMT/OLN <mohamed.boucadair@orange.com>
References: <010001909524f397-3c195919-3b71-4178-b8c5-dcd3f4db7a16-000000@email.amazonses.com> <DU2PR02MB10160E51DEE7E9561BA60F4B488DB2@DU2PR02MB10160.eurprd02.prod.outlook.com>
X-Mailer: Apple Mail (2.3774.400.31)
Feedback-ID: ::1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
X-SES-Outgoing: 2024.08.10-54.240.48.90
Message-ID-Hash: WQRU7JMNCLE4DDEG2A3UEJLY4LKTDB2Y
X-Message-ID-Hash: WQRU7JMNCLE4DDEG2A3UEJLY4LKTDB2Y
X-MailFrom: 010001913dc40877-3dcd9487-475e-4f18-a944-9fa76013641f-000000@amazonses.watsen.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-netconf.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "netconf@ietf.org" <netconf@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [netconf] Re: http and RC client-server updates
List-Id: NETCONF WG list <netconf.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/T0Ier4WJQllvhfy3zxuA8f1DW9Q>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Owner: <mailto:netconf-owner@ietf.org>
List-Post: <mailto:netconf@ietf.org>
List-Subscribe: <mailto:netconf-join@ietf.org>
List-Unsubscribe: <mailto:netconf-leave@ietf.org>
Hi Med, Thank you for your thorough review! > On Jul 9, 2024, at 8:18 AM, mohamed.boucadair@orange.com wrote: > > Hi Kent, > > Please find some quick comments, fwiw. Most are very minor. > > * Consistency > > This document presents ** two ** YANG 1.1 [RFC7950] modules: … > > vs. > > 1.1. Relation to other RFCs > > This document presents ** one or more ** YANG modules [RFC7950].. This comment applies to the “http-client-server” draft. Yes, that would be better. But it would be hard for me to fix since that text is in a file that is shared by the suite of client-server drafts. The text isn’t wrong, and the Editor can fix... > * Section 1.1 : now that the dependency on the udp grouping was added, I’m afraid that the dependency figure should be refreshed. Idem for Table 1. I see what you mean, but I’m explicitly not trying to show every “import” statement. E.g., the http-client-server also depends on tcp-client-server and the tls-client-server. In all cases, the dependency is because of a “stack” grouping. But these stack groupings are for minor convenience; the core of the data-model is elsewhere. That said, I updated the text in that section to be more accurate as follows: OLD: The dependency relationship between the primary YANG groupings... NEW: Primary dependency relationships between the YANG groupings… > * Section 2: nit > > OLD: > Examples illustrating the module's use are provided in Examples > (Section 2.2). > > NEW: > Examples illustrating the module's use are provided in Section 2.2. Fixed (in two places) > * Section 2.1.2.1: nits > > OLD: > * Unlike other "client" groupings in the suite a "client-server" > drafts mentioned in Section 1.1), > > NEW: > * Unlike other "client" groupings in the suite a "client-server" > documents mentioned in Section 1.1, Fixed - thanks! > * Section 2..1.2.1: Shouldn’t the client grouping include a parameter to control/explicit the http version? Also, wouldn’t be useful to define a quic-supported feature as well and the following be modified to list quic-supported feature? > > CURRENT: > +-- tls-client-parameters {tls-supported}? > +---u tlsc:tls-client-grouping Regarding param to control client-version, yes, and I recall Per making the same comment. Regarding a quic-supported feature, I added a “http-3-supported” feature and made it dependent on the “tls-supported” feature. See the -22 diff for details (will be published soon) > * Section 2.3: > > (1) remove the udp-client-server for the following list as this is imported/cited here. > > CURRENT: > 2.3. YANG Module > > This YANG module has references to [RFC3986], [RFC6991], [RFC8341], > [RFC9110], [I-D.ietf-netconf-tls-client-server], and > [I-D.ietf-netconf-udp-client-server]. I’d already spotted this - thanks > > (2) DELETE as this isn’t used in the module > > The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', > 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', > 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document > are to be interpreted as described in BCP 14 (RFC 2119) > (RFC 8174) when, and only when, they appear in all > capitals, as shown here."; Does no harm either, right? I’m too lazy to chase if any of those words appear in my modules. I know that sometimes they do. Whether that makes sense is a different question. > (3) redundant referencing (similar other occurrences) > > OLD: > description > "Indicates that the server supports configuring HTTP > clients to connect to a remote HTTP server via a > proxy, per Section 9.3.6 of RFC 9110."; > reference > "RFC 9110: HTTP Semantics"; > > NEW: > description > "Indicates that the server supports configuring HTTP > clients to connect to a remote HTTP server via a > proxy."; > reference > "RFC 9110: HTTP Semantics, Section 9.3.6 "; I have always referenced sections in the “description” statement, never the “reference” statement. > * Section 3.1.1: Update to echo all the features in the module, e.g., quic-supported is missing in the list. > > CURRENT: > 3.1.1. Features > > The following diagram lists all the "feature" statements defined in > the "ietf-http-server" module: Fixed. Also fixed in the "ietf-http-client” section... > * Section 3.1.2.2: Update the structure/module to avoid versions older than TLS1.3 > > CURRENT: > +--:(quic) {quic-supported}? > +-- quic > +-- udp-server-parameters > | +---u udps:udp-server-grouping > +-- tls-server-parameters > | +---u tlss:tls-server-grouping > +-- http-server-parameters > +---u http-server-grouping I don’t think a config knob is needed for this. A Quic server will already not use a version of TLS older than 1.3. > * Update the following to cite quic case. Also, avoid the use of normative language (MAY)/ > > CURRENT: > > "Choice amongst various transports type. TCP, with and > without TLS are defined here, with 'feature' statements > so that they may be disabled. Other transports MAY be > augmented in as 'case' statements by future efforts."; Fixed. > > * The description is from the perspective of the client, while this is about the server behavior. Please update accordingly. > > CURRENT: > "The HTTP client will attempt to connect > to the IANA-assigned well-known port for > 'http' (80) if no value is specified."; Fixed. > * Idem as previous comment > > CURREN: > "The HTTP client will attempt to connect > to the IANA-assigned well-known port for > 'https' (443) if no value is specified."; Also fixed. > Cheers, > Med Thanks! Kent > > De : Kent Watsen <kent+ietf@watsen.net <mailto:kent+ietf@watsen.net>> > Envoyé : mardi 9 juillet 2024 03:39 > À : netconf@ietf.org <mailto:netconf@ietf.org> > Objet : [netconf] http and RC client-server updates > > > I posted updates for the following drafts: > > - http-client-server > - restconf-client-server > > The updates are as follows: > > For the http-client-server draft, the update is rather big. After discussing with HTTP chairs and other experts, it was noted that our configuration for the HTTP-client was not expected. What was stated was that the URI itself should be sufficient. The update only affects the “client” groupings. Now the client groupings have a “uri” leaf that is expected to encode transport details. > > For the restconf-client-server draft, the update is only to adjust the examples to reflect the changes in the http-client-server draft. > > Best, > K > ____________________________________________________________________________________________________________ > Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or privileged information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. > Thank you.
- [netconf] http and RC client-server updates Kent Watsen
- [netconf] Re: http and RC client-server updates mohamed.boucadair
- [netconf] Re: http and RC client-server updates Kent Watsen
- [netconf] Re: http and RC client-server updates Rob Wilton (rwilton)
- [netconf] Re: http and RC client-server updates Kent Watsen