Re: [netconf] WGLC for draft-ietf-netconf-notification-capabilities

Balázs Lengyel <balazs.lengyel@ericsson.com> Thu, 03 October 2019 14:48 UTC

Return-Path: <balazs.lengyel@ericsson.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 063CE120938 for <netconf@ietfa.amsl.com>; Thu, 3 Oct 2019 07:48:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZuJF-58rJeSG for <netconf@ietfa.amsl.com>; Thu, 3 Oct 2019 07:48:08 -0700 (PDT)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60042.outbound.protection.outlook.com [40.107.6.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1606612090B for <netconf@ietf.org>; Thu, 3 Oct 2019 07:48:06 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ahSUkENTbP/DVzH9zHTbRBsvLUNjkh+AjVRlLCyJx+jABijgGZVG+geXBAuP6v53MCM57uc2XJ+jD81tb6YFoF9dt7V9H1X1w48NJFvwe2mlcmumMUTB9+U+R+CZQg43UJivZ3VQtQrgHfncg774dvLJQHGrxNiB0RA2mpr/cAJggRwARsoRGDk+/1Cg5242xva35WhBI6I7E115eK+x839DU8/LdP4kQSFoGEIkPfiDIhWDnPxN2gPwf4CkeU1f5QrJkmuIYoXCZhuSsbb/fuNA8cd0dcV6T8HsgmhM06xvqGv7otrGamSPtl3x6zGUVzZclswKsUAcDwpa2xDn6A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uBsMYZ6CESu/i+kDt7px0K4pDOIjFVilkgapY7P73Kw=; b=fELstn1Go7FSu+5EHc1XmZL1Gj4mwKe0sC+t3iwhDnMtQHkodHdym92pKdZ13HQ2QuAzg1Q2UVBbrD96zrl+HCjOUKCw+f2UvodGMBdwKAW2qpRoWupI3DMBlDFdazuZ0gnZoXF72d7zJmf+xvDI9mobZ/hXgdtEl8nkIkSBnjhShVhSp4WOsrr4qCVaLrzoCIYDDDkQ76c85d1scuYtB2JuMF2XHBBPDZMaShkzBAFz4/UnCJi7jo7q+Ho62/GDRHMNQtkcgE1lwjelbrgxR3CCkVpekthFxRoVH+pQqPIoQm9ZSi/6tBydjWn6hRAz3ggchlPYJOPG9JflW88kzQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uBsMYZ6CESu/i+kDt7px0K4pDOIjFVilkgapY7P73Kw=; b=K/hZsm0wN/RJdENJtx69iW8uyYJtGwHYHMXgHftw34g4xoJJSAOmVRft6azpmyW9W0yJm6JwfBaJz8kj2oPN15w3Y4tgiP2XAvqqC60W/PwWta7Zw3cwayaphDPqJPPWxMqAjBsE74ul7el5vgt8+bJ1x4KiowU0kF0xK7VzxgA=
Received: from VI1PR0701MB2286.eurprd07.prod.outlook.com (10.169.137.153) by VI1PR0701MB2318.eurprd07.prod.outlook.com (10.168.137.137) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2327.9; Thu, 3 Oct 2019 14:48:03 +0000
Received: from VI1PR0701MB2286.eurprd07.prod.outlook.com ([fe80::f44b:854c:51cf:c69f]) by VI1PR0701MB2286.eurprd07.prod.outlook.com ([fe80::f44b:854c:51cf:c69f%7]) with mapi id 15.20.2305.023; Thu, 3 Oct 2019 14:48:03 +0000
From: =?iso-8859-2?Q?Bal=E1zs_Lengyel?= <balazs.lengyel@ericsson.com>
To: Kent Watsen <kent+ietf@watsen.net>
CC: "Eric Voit (evoit)" <evoit@cisco.com>, Mahesh Jethanandani <mjethanandani@gmail.com>, Alexander Clemm <ludwig@clemm.org>, Benoit Claise <bclaise@cisco.com>, "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: [netconf] WGLC for draft-ietf-netconf-notification-capabilities
Thread-Index: AQHVaCiq/P3ytjAdYEi7Gp+LSYgUDqc7MLcAgAA5KYCAA/LsEIAFZuYAgARZyDA=
Date: Thu, 3 Oct 2019 14:48:03 +0000
Message-ID: <VI1PR0701MB2286C0363CD0AA085F2B9CC1F09F0@VI1PR0701MB2286.eurprd07.prod.outlook.com>
References: <D3B39347-DFB7-4BEE-8B22-0EE07AEB1F5A@gmail.com> <4F49DF08-B7FC-4EBD-9D6B-7BC329E50334@gmail.com> <BN7PR11MB262749DCC86F32F725D1C67AA1840@BN7PR11MB2627.namprd11.prod.outlook.com> <VI1PR0701MB22864F116F517E960EC32A0AF0810@VI1PR0701MB2286.eurprd07.prod.outlook.com> <0100016d83c486c9-83aece79-684a-4999-b382-dd9c09f24c62-000000@email.amazonses.com>
In-Reply-To: <0100016d83c486c9-83aece79-684a-4999-b382-dd9c09f24c62-000000@email.amazonses.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=balazs.lengyel@ericsson.com;
x-originating-ip: [89.135.192.225]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: ad023396-d264-446d-2fd8-08d74810b1ec
x-ms-traffictypediagnostic: VI1PR0701MB2318:
x-microsoft-antispam-prvs: <VI1PR0701MB231837F748DABA56AB7FDAA4F09F0@VI1PR0701MB2318.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-forefront-prvs: 01792087B6
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(396003)(136003)(346002)(376002)(366004)(199004)(189003)(7110500001)(54896002)(102836004)(14454004)(74316002)(8936002)(33656002)(99286004)(7736002)(81166006)(8676002)(81156014)(486006)(76176011)(7696005)(478600001)(476003)(66066001)(26005)(53546011)(25786009)(11346002)(6246003)(5660300002)(3846002)(790700001)(2906002)(6116002)(66574012)(15650500001)(2420400007)(14444005)(256004)(4326008)(6506007)(54906003)(52536014)(71200400001)(64756008)(6306002)(66556008)(66446008)(229853002)(316002)(66946007)(66476007)(86362001)(66616009)(71190400001)(55016002)(76116006)(9686003)(6436002)(99936001)(446003)(186003)(45776006); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0701MB2318; H:VI1PR0701MB2286.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: JZJ/eE+jVfY5CUqtQi6yxMx0w6p8ZajHI35pLxovoCgeSOCkMiAKW3wyEPmqUqwX2hxtPYi60MLxxm+Spn2Tbv/Xi6f3zrA5SxR0Ji3C8SY2KNB0iZ7zEpa2Z2sef6CV5EMoKZcTKcflgqm4QP4O0sIDViEQikmCOy9Zfm+o3/qpo8xpVr7Xgg9YCGBMrmECciL9KzhVulmHk82919MX4oEoIBmub0TeulTFFxLPj9qVv7KQ3X6MCsvV4Vgu5aXcCBWh8DWEl2I6yLrPNqFSN6pqety/lo7hcaNc/kru30HaWS3Ld5wysW32iTXCv/Ul71+gaoq9XsPGTh61C2pv1yfq1OEYEAXaXPmfv6j7juVvniJH/b59YUZCQjISOfgb4bPYd2SGxtdHy3RryLw5qnT5ND19VUBagS9tBoWzz6E=
x-ms-exchange-transport-forked: True
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_0771_01D57A0A.51E2D720"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ad023396-d264-446d-2fd8-08d74810b1ec
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Oct 2019 14:48:03.6137 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Mf6UUmK0lzJngfA30l8erfv/RApt6apSdt0SC8YM7ZrfIZkFe1aqvty7hsPB5sSsxQkc+8ktX8Oq7fV+PfeGpj3n5El/apTHna0X30IL6H8=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0701MB2318
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/TroXEJAatr3DrmlYmhwb_cGQddU>
Subject: Re: [netconf] WGLC for draft-ietf-netconf-notification-capabilities
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Oct 2019 14:48:15 -0000

From: Kent Watsen <kent+ietf@watsen.net> 
Sent: 2019. szeptember 30., hétfő 22:03
To: Balázs Lengyel <balazs.lengyel@ericsson.com>
Cc: Eric Voit (evoit) <evoit@cisco.com>om>; Mahesh Jethanandani
<mjethanandani@gmail.com>om>; Alexander Clemm <ludwig@clemm.org>rg>; Benoit Claise
<bclaise@cisco.com>om>; netconf@ietf.org
Subject: Re: [netconf] WGLC for draft-ietf-netconf-notification-capabilities

 

 

In reviewing the draft, I don't see where the file format is defined.    I
understand the module defining a 'container' for protocol-accessible nodes,
but shouldn't it define an 'sx:structure' for the file format?  I suggest
moving the contents of the "datastore-subscription-capabilities" container
to a 'grouping' and then have both the container and an 'sx:structure' use
that grouping.

BALAZS2: This drafts does not want to define a file format. It intends to
use the "generic" file format defined in
draft-ietf-netmod-yang-instance-file-format. IMHO the whole aim of
draft-ietf-netmod-yang-instance-file-format is to avoid individual drafts
defining file formats.

 

On the below:





I suspect that you will need to do a security analysis per YANG object.
This has been done the other YANG push family.

BALAZS: The full module is readOnly and not sensitive or private in any
manner.  The security text for the readOnly parts of YangPush is the exact
same text: not very informative, but gives you the illusion of security
awareness.

 

I suspect that manipulating the reporting intervals could have some security
implications.   E.g., a hacker could push up the damping period or periodic
interval to a level where the information they are changing then becomes
invisible to a monitoring system.

BALAZS: The full YAM is read-only so manipulating the data is not a concern.

 

 

The draft should say something like:

 

1. All protocol-accessible are read-only and cannot be modified.  The nature
of the read-only data is not deemed to be sensitive in a way necessitating
access-control restrictions (e.g., NACM) beyond the client being
authenticated.

BALAZS2: OK,  Updated with first part, but Rob has asked for an extra
sentence about the dangers of revealing read-only data, I added that too.

"All protocol-accessible data are read-only and cannot be modified. 

        The data in this module is not security sensitive.

        Access control may be configured, to avoid exposing 

        the read-only data."

 

2. When a file format, the protection afforded by a mutually authenticated
transport protocol.  Protection of the data must be performed manually, so
as to ensure that the data is neither seen nor modified in transit.

Reword as needed.

BALAZS2: Agreed. This is part of normal file handling, transport. So I
reworded this to:

"When that data is in file format, data should be protected against 

        modification or unauthorized access using normal file handling and 

        secure and mutually authenticated file transport mechanisms."

 

Kent // contributor