[Netconf] 4741bis -- :url capability issues
Andy Bierman <andyb@iwl.com> Fri, 30 April 2010 02:26 UTC
Return-Path: <andyb@iwl.com>
X-Original-To: netconf@core3.amsl.com
Delivered-To: netconf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AAC893A68DF for <netconf@core3.amsl.com>; Thu, 29 Apr 2010 19:26:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.068
X-Spam-Level:
X-Spam-Status: No, score=-2.068 tagged_above=-999 required=5 tests=[AWL=-1.069, BAYES_50=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ae6q5-dqhF+Q for <netconf@core3.amsl.com>; Thu, 29 Apr 2010 19:25:57 -0700 (PDT)
Received: from smtp114.iad.emailsrvr.com (smtp114.iad.emailsrvr.com [207.97.245.114]) by core3.amsl.com (Postfix) with ESMTP id 377373A67A4 for <netconf@ietf.org>; Thu, 29 Apr 2010 19:25:57 -0700 (PDT)
Received: from relay1.r1.iad.emailsrvr.com (localhost [127.0.0.1]) by relay1.r1.iad.emailsrvr.com (SMTP Server) with ESMTP id 78D0544C02B for <netconf@ietf.org>; Thu, 29 Apr 2010 22:25:43 -0400 (EDT)
Received: by relay1.r1.iad.emailsrvr.com (Authenticated sender: andyb-AT-iwlcorp.com) with ESMTPSA id 438C244C098 for <netconf@ietf.org>; Thu, 29 Apr 2010 22:25:42 -0400 (EDT)
Message-ID: <4BDA3FA5.4020306@iwl.com>
Date: Thu, 29 Apr 2010 19:25:41 -0700
From: Andy Bierman <andyb@iwl.com>
Organization: Interworking Labs, Inc.
User-Agent: Thunderbird 2.0.0.24 (X11/20100411)
MIME-Version: 1.0
To: NETCONF <netconf@ietf.org>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: [Netconf] 4741bis -- :url capability issues
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: andyb@iwl.com
List-Id: Network Configuration WG mailing list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/netconf>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Apr 2010 02:26:01 -0000
Hi, Here are more issues for 4741bis: 1) :url as a source for <edit-config> (Martin already raised this issue) choice edit-content { mandatory true; anyxml config { description "Inline Config content: 'config' element. This is not full 'anyxml' because the <config> element cannot directly contain a text node."; } leaf url { if-feature url; type inet:uri; } } The edit-config operation allows <url> as a source, but there is no explanation what the file has to contain. Does it even have to be XML? There is no <get-config> support for a URL database, so why should there be any partial database editing? Since the URL file always represents a complete database, there are no operations other than copy-config and delete-config that apply to it. Proposed solution: - Delete 'url' as a source for <edit-config> - Delete section 8.8.5.1. 2) There is no lock support at all for URL databases, so it is not even clear that copy and delete are properly supported. Issue: Should <url> be allowed in <lock> and <unlock> operations? 3) :url interoperability It is not clear what a client application should expect for any given scheme, or what schemes a server SHOULD or even MAY support. Issue: is the :url capability interoperable? If not, what should be done about it? 4) :url security considerations The security considerations for external database representations of NETCONF configurations are ignored, which should probably be fixed, if anybody knows what to write. Current text: Similarly, just because someone says "go write a configuration through the URL capability at a particular place", this does not mean that an element should do it without proper authorization. Issue: Are the security considerations clear enough or are more details needed? (e.g., file system permissions for 'file' scheme, clear-text on-the-wire for 'ftp' and 'http' schemes. 5) 'file' scheme It is not clear whether: - absolute path specs must be supported by the server - the path-spec represents a conceptual file-system in the server, or the real file-system. - sub-directories must be supported - how many sub-directory levels deep are allowed - other restrictions apply, such as naming, number of files, etc. - if the internal mirrored NV-store is really a file, whether this file is accessible via the <url> parameter. - if the external :startup config is accessible via the <url> parameter. Issue: are any guidelines needed for the 'file' scheme? This is the most likely scheme to be supported by a server. Andy
- [Netconf] 4741bis -- :url capability issues Andy Bierman
- Re: [Netconf] 4741bis -- :url capability issues Martin Bjorklund
- Re: [Netconf] 4741bis -- :url capability issues Phil Shafer
- Re: [Netconf] 4741bis -- :url capability issues Andy Bierman
- Re: [Netconf] 4741bis -- :url capability issues Martin Bjorklund
- Re: [Netconf] 4741bis -- :url capability issues Andy Bierman
- Re: [Netconf] 4741bis -- :url capability issues Andy Bierman
- Re: [Netconf] 4741bis -- :url capability issues Andy Bierman
- Re: [Netconf] 4741bis -- :url capability issues Phil Shafer
- Re: [Netconf] 4741bis -- :url capability issues Phil Shafer
- Re: [Netconf] 4741bis -- :url capability issues Andy Bierman