Re: [Netconf] Draft Charter Proposal for NETCONF WG

Kent Watsen <kwatsen@juniper.net> Tue, 21 March 2017 16:41 UTC

From: Kent Watsen <kwatsen@juniper.net>
To: "t.petch" <ietfc@btconnect.com>, Mehmet Ersue <mersue@gmail.com>, 'Benoit Claise' <bclaise@cisco.com>
CC: 'Netconf' <netconf@ietf.org>

Hi Tom,

We renamed our "keychain" module to "keystore" about four months ago, in part to help disambiguate it from the rtgwg's "key-chain" module.  The rtgwg's key-chain module is specific to symmetric keys used in routing protocols, whereas the netconf keystore module is primarily focused on asymmetric keys used in authentication protocols.  We discussed a while back (> 1yr ago) about potential overlap and decided that there was none.  During YANG doctor review, I encouraged Acee to add a statement about the non-relationship, but he didn't go for it.  FWIW, the PCE-PCEP module plans to use both the key-chain and keystore modules.

Kent


-----ORIGINAL MESSAGE-----

What interaction, if any, is there between

draft-ietf-rtgwg-yang-key-chain-15.txt
This document describes the key chain YANG data model.
file "ietf-key-chain@2017-02-16.yang"

currently in IETF Last Call, and

draft-ietf-netconf-system-keychain-00
This document defines a YANG data module for a system-level keychain
mechanism
file "ietf-system-keychain@2016-07-08.yang"

?

Tom Petch


----- Original Message -----
From: "Mehmet Ersue" <mersue@gmail.com>
To: "'Benoit Claise'" <bclaise@cisco.com>; "'Susan Hares'" <shares@ndzh.com>
Sent: Monday, March 20, 2017 4:32 PM

> Dear All,
>
> based on the recent discussion and proposals please find below the updated
> charter proposal for NETCONF WG.
>
> Please comment before March 24, 2017.
>
> Following Benoit's support the I2RS-related additions have been added as a
> separated item.
>
> Being dependent on netmod-revised-datastores point 6 and 7 have been defined
> as a goal without a deadline.
>
> Mehmet
>
>
> Network Configuration (netconf)
> -------------------------------
>
> Charter
>
> Current Status: Active
>
> Chairs:
>      Mahesh Jethanandani <mjethanandani@gmail.com>
>      Mehmet Ersue <mersue@gmail.com>
>
> Operations and Management Area Directors:
>      Benoit Claise <bclaise@cisco.com>
>      Joel Jaeggli <joelja@bogus.com>
>
> Operations and Management Area Advisor:
>      Benoit Claise <bclaise@cisco.com>
>
> Mailing Lists:
>      General Discussion: netconf@ietf.org
>      To Subscribe:    https://www.ietf.org/mailman/listinfo/netconf
>      Archive:         https://mailarchive.ietf.org/arch/browse/netconf/
>
>
> Description of Working Group:
>
>   Configuration of networks of devices has become a critical requirement
>   for operators in today's highly interconnected networks. Large and
>   small operators alike have developed their own mechanisms or have used
>   vendor specific mechanisms to transfer configuration data to and from
>   a device and to examine device state information which may impact the
>   configuration. Each of these mechanisms may be different in various
>   aspects, such as session establishment, user authentication,
>   configuration data exchange, and error responses.
>
>   The NETCONF protocol (RFC 6241) provides mechanisms to install,
>   manipulate, and delete the configuration of network devices. NETCONF
>   is based on the secure transport (SSH is mandatory to implement while
>   TLS is an optional transport). The NETCONF protocol is data modeling
>   language independent, but YANG (RFC 7950) is the recommended NETCONF
>   modeling language, which introduces advanced language features for
>   configuration management.
>
>   NETCONF WG recently finalized the development of RESTCONF protocol
>   (RFC 8040) which provides an interface over HTTPS for accessing data
>   defined in YANG. RESTCONF is based on the capabilities and uses the
>   datastore concept defined in the NETCONF protocol specification. In
>   support of RESTCONF the YANG-Patch (RFC 8072) mechanism has been
>   provided for applying patches to configuration datastores. The YANG
>   Module Library (RFC 7895) provides information about all YANG modules
>   used by a network management server.
>
>   Last but not least NETCONF and RESTCONF Call Home (RFC 8071) have been
>   developed, which enable a server to initiate a secure connection to a
>   NETCONF or RESTCONF client respectively.
>
>   In the current phase of NETCONF's incremental development the
>   workgroup will focus on following items:
>
>
>
>   1. Finalize the YANG data module for a system-level keystore mechanism,
>   that can be used to hold onto asymmetric private keys and certificates
>   that are trusted by the system advertising support for this module.
>   Based on the known dependencies this draft has the highest priority
>   for the WG.
>
>   2. Finalize Server and Client Configuration YANG modules for both
>   NETCONF and RESTCONF as well as the Client and Server Models for SSH
>   and TLS.
>
>   3. Finalize the Zero-touch provisioning for NETCONF or RESTCONF-based
>   Management as a technique to establish a secure network management
>   relationship between a newly delivered network device configured with
>   just its factory default settings, and the Network Management System)
>
>   4. Provide a revised version of RFC 6536 (NETCONF Access Control
>   Model) by adding support for RESTCONF and the YANG 1.1. constructs
>   like "action" and the "notification" statements.
>
>   5. Provide a set of documents enabling advanced notification/
>   subscription capabilities, which gracefully co-exist in a deployment
>   of RFC 5277. The new capabilities include e.g. transport independence,
>   multiple dynamic and configured subscriptions in a transport
>   session. RFC 5277 will be obsoleted in parallel to the publication of
>   the new document set. Following specifications will be addressed:
>
>    - Protocol-neutral notification framework, i.e., explaining the
>      concepts of subscriptions, filters, subscription state
>      notifications, replay, etc. and defining the associated YANG data
>      model, RPCs, etc.
>
>    - Definition of notifications sent over NETCONF and how YANG
>      notifications are encoded in XML and JSON. Include considerations
>      for parallel support / implementation compatibility with RFC-5277.
>
>    - Definition of notifications sent over RESTCONF and HTTP2 and how
>      YANG notifications are encoded in XML and JSON. Include specifics
>      of call-home and heartbeat for subscriptions.
>
>    - The subscription and push mechanism for YANG datastores allowing
>      subscriber applications to request updates from a YANG datastore.
>
>   6. Provide a revision for the NETCONF and RESTCONF protocols and the
>   used datastore framework building on the datastore concept in NETMOD
>   revised datastores work. Bug fixing will be done and potential
>   extensions will be added. Provide guidance on how to adapt and use
>   YANG with NETCONF and RESTCONF protocols. NETCONF XML Encoding Rules
>   from RFC 7950 will be moved to RFC6241bis.
>
>   7. Define capabilities for NETCONF and RESTCONF to support I2RS protocol
>   and ephemeral state datastore requirements.
>
>   Based on the implementation, deployment experience and inter-
>   operability testing, the WG aims to produce a NETCONF status report
>   in a later stage. The result may be clarifications for RFC6241 and
>   RFC6242 and addressing any reported errata.
>
>
>
>
>
> Goals and Milestones:
>
>   Done     Submit NETCONF/RESTCONF Call Home to AD/IESG for consideration as Proposed Standard
>   Done     Submit YANG Library to AD/IESG for consideration as Proposed Standard
>   Done     Submit RESTCONF to AD/IESG for consideration as Proposed Standard
>   Done     Submit YANG Patch to AD/IESG for consideration as Proposed Standard
>
>   May 2017  WGLC for Zero-touch configuration mechanism
>   Jun 2017  Submit Zero-touch configuration to AD/IESG for consideration as Proposed Standard
>   May 2017  WGLC for system-level keystore mechanism
>   Jun 2017  Submit keystore mechanism to AD/IESG for consideration as Proposed Standard
>   May 2017  WGLC for Server and Client models for NETCONF and RESTCONF
>   Jun 2017  Submit Server and Client Configuration models to AD/IESG for consideration as Proposed Standard
>   May 2017  WGLC for Client and Server Models for SSH and TLS
>   Jun 2017  Submit Client and Server Models for SSH and TLS to AD/IESG for consideration as Proposed Standard
>   Jun 2017  WGLC for RFC 6536bis (NETCONF Access Control Model)
>   Jul 2017  Submit RFC 6536bis to AD/IESG for consideration as Proposed Standard
>   Jun 2017  WGLC for advanced Notification/Subscription specifications
>   Jul 2017  Submit Notification/Subscription specifications to AD/IESG for consideration as Proposed Standard
>
>
>
>
>
> From: Benoit Claise [mailto:bclaise@cisco.com]
> Sent: Friday, March 17, 2017 4:49 PM
> To: Kent Watsen <kwatsen@juniper.net>; Mehmet Ersue <mersue@gmail.com>; 'Susan Hares' <shares@ndzh.com>; 'Andy Bierman' <andy@yumaworks.com>
> Cc: 'Netconf' <netconf@ietf.org>
>
> On 3/8/2017 12:57 AM, Kent Watsen wrote:
>
> I agree with Mehmet, any changes to the NC/RC protocols should be done in
> the NETCONF WG.
>
> +1.
>
> Regards, Benoit
>
>

<snip>

