Re: [Netconf] Shepherd review of draft-ietf-netconf-zerotouch-22

Kent Watsen <kwatsen@juniper.net> Wed, 22 August 2018 16:53 UTC

From: Kent Watsen <kwatsen@juniper.net>
To: Mahesh Jethanandani <mjethanandani@gmail.com>
CC: Netconf <netconf@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/Wq18cKvRn1tFespnEgtzxsTabUA>

Hi Mahesh,

Thanks for your review, comments below.

Kent // author


----- original message -----

Hi Kent,

I am aware that you just published another version of the document. Most of this review was done for the -22 version of the document.

In Section 5.6, in paragraph 6, the document talks about initial configuration being applied. If an error occurs, is that initial configuration removed? If so, how? It also says that the device may not (did you mean RFC 2119’s MAY NOT?) reset itself in order to wipe out any state the pre-configure script may have left behind. That means in case of an error not only will there be initial configuration left on the device, but any state left behind by the pre-configure script. With the post-configure script, the device is supposed to reset itself, removing any pre-configured state and also any initial configuration. I do not understand why with initial configuration this exception is being made (of not resetting the device and clearing any state left behind by the current or previous step).

<KW> Please read Section 5.6 in -23.  This section was significantly rewritten specifically to address this issue.


Section 6.3. You need to add references to the RFCs that you import or reference in the YANG model, e.g. RFC 6991.

<KW> I think that this is already the case.  Please see the 2nd paragraph in Section 6.3.  Is there a particular issue?


leaf-list download-uri:

I am confused by the last sentence in the description. “If a secure scheme (e.g. https) is provided, a device may (again, did you mean RFC 2119’s MAY?) establish an untrusted connection to the remote server to obtain the boot-image.”  Are you suggesting that the device (client) does not need to authenticate itself to the server?

<KW> No, I mean that the device MAY blindly authenticate the server's end-entity certificate. Also, that MAY is capitalized already, right?


Most of the draft talks about the need for the device to authenticate itself for the server to validate the device-id of the requestor.

<KW> Correct.


Also, are you suggesting that an untrusted connection is fine because the image returned will be a signed image only?

<KW> No, the text is not trying to suggest that, though it is somewhat true.  More specifically, the draft says that either signed data, of either type (redirect or onboarding information), or (likely more) unsigned redirect information, can be returned.


This was made somewhat clear only after seeing Appendix B diagram.

<KW> Gotcha.  We can fix the description, by adding "by blindly accepting the server's end-entity certificate".  Below is the resulting text.  This text also accommodates other comments Mahesh had a couple days ago.

          leaf-list download-uri {
            type inet:uri;
            ordered-by user;
            description
              "An ordered list of URIs to where the same boot image
               file may be obtained.  How the URI schemes (http, ftp,
               etc.) a device supports are known is vendor specific.
               If a secure scheme (e.g., https) is provided, a device
               MAY establish an untrusted connection to the remote
               server, by blindly accepting the server's end-entity
               certificate, to obtain the boot image.";
          }


s/This doesn’t affect Security so much as Privacy/This doesn’t affect security as much as privacy/
s/the device is being directed/the device is being directed to/
s/server tis time/server this time/

<KW> All fixed.


Appendix C.3:

In the diagram, step 3, it says that “only if source is a bootstrap server, send progress updates”. Shouldn’t it be a “trusted bootstrap server”? The description for step 3 clarifies it.

<KW> Good catch!  Fixed.