Return-Path: <0100016e278bd4fb-145dce0d-46df-4866-942f-391910bd8376-000000@amazonses.watsen.net> X-Original-To: netconf@ietfa.amsl.com Delivered-To: netconf@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E98421208D1; Fri, 1 Nov 2019 08:18:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.896 X-Spam-Level: X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l-abZCaJJfkt; Fri, 1 Nov 2019 08:18:27 -0700 (PDT) Received: from a8-33.smtp-out.amazonses.com (a8-33.smtp-out.amazonses.com [54.240.8.33]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 531D71208CD; Fri, 1 Nov 2019 08:18:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1572621506; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=SyDKGiPcLfAbi14X3PjsSQmvjzAGuVtBYrhoEPnOx30=; b=i1pJYy9wX6TJUFWnLnJ/PEuzFl5LDxQwxoQBYwCMvnHOnBWqBQ0bCXHlIGboAXev 7DmVQFyfA1tq9nLA4cvXUnJCzYwIF8DnsXaTqua2cemgBAw6zkvfP142NqAPpZZc4fD 1ULyGTt7wB6y3oFVCHsPj5F06Ti5dJ7ueITRLxv4= From: Kent Watsen Message-ID: <0100016e278bd4fb-145dce0d-46df-4866-942f-391910bd8376-000000@email.amazonses.com> Content-Type: multipart/alternative; boundary="Apple-Mail=_C10FB0F9-23DA-434B-8B9A-0D0941F638AC" Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\)) Date: Fri, 1 Nov 2019 15:18:25 +0000 In-Reply-To: <0100016e27785ce1-6ade1cd2-78fc-40ee-bb4d-f7c4b685e3d3-000000@email.amazonses.com> Cc: draft-ietf-netmod-factory-default@ietf.org To: "netconf@ietf.org" References: <0100016e27785ce1-6ade1cd2-78fc-40ee-bb4d-f7c4b685e3d3-000000@email.amazonses.com> X-Mailer: Apple Mail (2.3445.104.11) X-SES-Outgoing: 2019.11.01-54.240.8.33 Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES Archived-At: Subject: Re: [netconf] WG Last Call: draft-ietf-netmod-factory-default-05 X-BeenThere: netconf@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: NETCONF WG list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Nov 2019 15:18:30 -0000 --Apple-Mail=_C10FB0F9-23DA-434B-8B9A-0D0941F638AC Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii I have reviewed -05 and support it so long as the following comments are = considered: Kent // contributor =3D=3D=3D=3D review =3D=3D=3D=3D Section 1 is missing a NMDA-compliance statement, per https://tools.ietf.org/html/rfc8407#section-3.5 = . Section 2 says: Factory-default content SHALL be specified by one of the following means in descending order of precedence 1. For the , and datastores as the content of the datastore, if it exists; The (1) sentence doesn't flow from the sentence before. Maybe you mean something like: 1. Network management protocol (e.g., NETCONF, RESTCONF) operations may be used to access the contents of = . Section 2 says: For the server supporting zero touch bootstrapping mechanisms, the factory default configuration causes the bootstrapping process to execute,e.g.,the server might reset configuration to device's factory default configuration,for the version of operating system software it is running. s/the server might reset /the server resets / Section 2 says: In addition,the "factory-reset" RPC might also be used to trigger some other restoring and resetting tasks such as files cleanup, restarting the node or some of the software processes, setting some security data/passwords to the default value, removing logs, or removing any temporary data (from datastore or elsewhere), etc. s/the "factory-reset" RPC might /the "factory-reset" RPC MAY / ??? Section 3 says: this document introduces a new datastore resource named 'Factory-Default' ... 'Factory-Default' should not be capitalized. Section 3 says: The contents of the datastore can be read using NETCONF,=20 RESTCONF and operations. Which doesn't make sense. Perhaps: The contents of the datastore can be read using NETCONF=20 and operations, and the RESTCONF protocol equivalents. Section 3 says: The operation can be used to copy the factory default content to a set of read-write configuration datastores and then the content of these datastores is propagated automatically to any other read only datastores, e.g., and . This is confusing. I think what you want to say is The operation copies the factory default content to and, if present, . Section 4 says: import ietf-netconf { prefix nc ; } import ietf-datastores { prefix ds; } These statements are missing "reference" statements. Section 4 says: description "The read-only datastore contains the configuration that will be copied into e.g., the running datastore by the factory-reset operation if the target is the running datastore."; which excludes and confusingly mentions a "target" when the RPC itself has no parameters. Perhaps: description "The read-only datastore contains the configuration that will be copied into and, if present, ."; Section 5. Please make the registrations have single-spaced lines. Section 6. The last paragraph doesn't make a point. Perhaps conclude with something like: "This module does not itself set "nacm:default-deny-write" on the=20 'factory-reset' RPC, leaving it to applications to configure the access control settings." Appendix B should have a note to the RFC Stream Editor to=20 remove it when the draft is published. Kent=20 > On Nov 1, 2019, at 10:57 AM, Kent Watsen wrote: >=20 > This begins a two-week Working Group Last Call (WGLC) on = draft-ietf-netmod-factory-default-05. The WGLC ends on Nov 15 (two days = before the NETCONF 106 session). Please send your comments to the = working group mailing list. >=20 > Positive comments, e.g., "I've reviewed this document and believe it = is ready for publication", are welcome! This is useful and important, = even from authors. Objections, concerns, and suggestions are also = welcomed at this time. >=20 > Thank you, > NETCONF Chairs >=20 >=20 > _______________________________________________ > netconf mailing list > netconf@ietf.org > https://www.ietf.org/mailman/listinfo/netconf --Apple-Mail=_C10FB0F9-23DA-434B-8B9A-0D0941F638AC Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii I = have reviewed -05 and support it so long as the following comments are = considered:

Kent // = contributor

=3D=3D= =3D=3D review =3D=3D=3D=3D

Section 1 is missing a NMDA-compliance statement, = per

https://tools.ietf.org/html/rfc8407#section-3.5.

Section 2 says:

Factory-default content SHALL be = specified by one of the following

= means in descending order of precedence

1. For the = <running>,<candidate> and <startup> datastores as = the

content of the = <factory-default> datastore, if it exists;

The (1) sentence doesn't flow from the sentence before. = Maybe you

mean something like:

1. = Network management protocol (e.g., NETCONF, RESTCONF)

operations may be used to access = the contents of <factory-default>.

Section 2 says:

For the server supporting zero = touch bootstrapping mechanisms, the
factory = default configuration causes the bootstrapping process to
execute,e.g.,the server might reset = configuration to device's factory
default = configuration,for the version of operating system software it
is running.

s/the = server might reset /the server resets /

Section 2 says:
In addition,the "factory-reset" RPC might also = be used
to trigger some other restoring and = resetting tasks such as files
cleanup, = restarting the node or some of the software processes,
setting some security data/passwords to the = default value, removing
logs, or removing any = temporary data (from datastore or elsewhere),
= etc.

s/the "factory-reset" RPC might = /the "factory-reset" RPC MAY / ???

Section 3 says:

this document introduces a new datastore = resource named
'Factory-Default' ...

'Factory-Default' should = not be capitalized.

Section 3 says:

The contents of the = datastore can be read using NETCONF,

= RESTCONF <get-data> and <get-config> = operations.

Which doesn't make sense. = Perhaps:

= The contents of the datastore can be read using = NETCONF

<get-data> and = <get-config> operations, and the RESTCONF

protocol equivalents.

Section 3 says:

The operation = <factory-
reset> can be used to = copy the factory default content to a set of
= read-write configuration datastores and then the content of = these
datastores is propagated = automatically to any other read only
= datastores, e.g., <intended> and <operational>.

This is confusing. I think what = you want to say is

The operation <factory-
reset> copies the factory default = content to <running> and,

= if present, <startup>.

Section 4 = says:

import ietf-netconf { prefix = nc ; }
import ietf-datastores { prefix ds; }

These statements are missing "reference" = statements.

Section 4 says:

description "The read-only = datastore contains the configuration that

= will be copied into e.g., the running datastore by = the

factory-reset operation if = the target is the running

= datastore.";

which excludes = <startup> and confusingly mentions a "target" when

the RPC itself has no parameters. Perhaps:

= description "The read-only datastore contains the = configuration

that will be = copied into <running> and, if present, <startup>.";

Section 5.

Please make the = registrations have single-spaced lines.

Section 6.

The last paragraph doesn't make a point. Perhaps = conclude with
something like:

"This module does not itself set = "nacm:default-deny-write" on the
= 'factory-reset' RPC, leaving it to applications to configure = the
access control settings."

Appendix B should have a note to the RFC Stream Editor = to

remove it when the draft is published.

Kent

On Nov 1, 2019, at 10:57 AM, Kent Watsen = <kent+ietf@watsen.net> wrote:

This = begins a two-week Working Group Last Call (WGLC) on = draft-ietf-netmod-factory-default-05. The WGLC ends on Nov 15 (two = days before the NETCONF 106 session). Please send your comments to = the working group mailing list.

Positive = comments, e.g., "I've reviewed this document and believe it is ready for = publication", are welcome! This is useful and important, even from = authors. Objections, concerns, and suggestions are also welcomed = at this time.

Thank you,
NETCONF Chairs

_______________________________________________
netconf mailing list
netconf@ietf.org
https://www.ietf.org/mailman/listinfo/netconf

= --Apple-Mail=_C10FB0F9-23DA-434B-8B9A-0D0941F638AC--