IETF Logo Mail Archive

Re: [netconf] HTTPS notifications (draft-ietf-netconf-https-notif)

Kent Watsen <kent@watsen.net> Tue, 24 September 2019 00:28 UTC

Return-Path: <0100016d60ab5732-3db5a046-a7b1-4386-b507-977cfa0cd25b-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5AFAE120099 for <netconf@ietfa.amsl.com>; Mon, 23 Sep 2019 17:28:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nZLMAmU1LhAO for <netconf@ietfa.amsl.com>; Mon, 23 Sep 2019 17:28:26 -0700 (PDT)
Received: from a8-64.smtp-out.amazonses.com (a8-64.smtp-out.amazonses.com [54.240.8.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 54CEF120045 for <netconf@ietf.org>; Mon, 23 Sep 2019 17:28:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1569284904; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=njTbGIcLTp9yVlHu+cQ4oZxW3QUJpBzBualq2YecL68=; b=UlpaMMI8dLz900P9Bd5Qnp1UjCw+t8wUo8kv6igO7rw9uk9Q5Qa0ZQIcOiVh2tyt EJK0BxqxgNeXInKQlYxd1cZw/kTNIj+Zx5hAmh6m2LhMQpoiP+4JB13eNA1QRaOvLb3 SY8b3RZ231uEyNtePtLuCCCYRwRus6SyH8RNVdqI=
From: Kent Watsen <kent@watsen.net>
Message-ID: <0100016d60ab5732-3db5a046-a7b1-4386-b507-977cfa0cd25b-000000@email.amazonses.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_C86BCCD0-8A2A-438C-88C2-662A27FE160F"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Tue, 24 Sep 2019 00:28:24 +0000
In-Reply-To: <VI1PR0701MB22862DB97D9F2389D859270FF0850@VI1PR0701MB2286.eurprd07.prod.outlook.com>
Cc: "netconf@ietf.org" <netconf@ietf.org>
To: Balázs Lengyel <balazs.lengyel=40ericsson.com@dmarc.ietf.org>
References: <VI1PR0701MB22862DB97D9F2389D859270FF0850@VI1PR0701MB2286.eurprd07.prod.outlook.com>
X-Mailer: Apple Mail (2.3445.104.11)
X-SES-Outgoing: 2019.09.24-54.240.8.64
Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/XRLDdVPN3Iq3hiO4Z4Zgp56Jmhg>
Subject: Re: [netconf] HTTPS notifications (draft-ietf-netconf-https-notif)
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Sep 2019 00:28:29 -0000

Hi Balazs,


> The draft should discuss how long the HTTPS connection is held open for the next notification. Or is it open/closed for each notification?

Should it?  Perhaps it should say "Implementations must determine how long the HTTPS connection is held open for subsequent notifications, or if it is open/closed for each notification."


>  The draft should include a sequence diagram showing the message flow something like:
> Server                         Client
> <------- establish TCP
> <------- establish SSH (or TLS)
> <------- establish Netconf session
> <------- <edit-config>   configure subscription over Netconf
> <-------- <close-session>
> <-------- tear down Netconf/SSH/TCP

I don't think the draft needs to include this diagram, as it's standard NETCONF.


> Later
>  
> ------> establish TCP
> ------> establish TLS
> ------> Send HTTPS POST message with YANG defined notification
> <-----Send OK
>  
> The last 2 or 4 steps repeat until the subscription is removed by another <edit-config> 


Assuming the TLS session is help open, it might look like this?

> ------> establish TCP
> ------> establish TLS
> ------> Send HTTPS POST message with YANG defined notification
> <-----Send 204 (No Content)
> ------> Send HTTPS POST message with YANG defined notification
> <-----Send 204 (No Content)

> ------> Send HTTPS POST message with YANG defined notification
> <-----Send 204 (No Content)



From the email I sent Martin on Sep 9th, each POST MAY contain more than one notification:


    POST /some/path HTTP/1.1
    Host: my-receiver.my-domain.com <http://my-receiver.my-domain.com/>
    Content-Type: application/yang-data+xml

    <notification
      xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0">
      <eventTime>2019-03-22T12:35:00Z</eventTime>
      <foo xmlns="https://example.com <https://example.com/>/my-foobar-module">
        ...
      </foo>
    </notification>

    <notification
      xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0">
      <eventTime>2019-03-22T12:35:00Z</eventTime>
      <bar xmlns="https://example.com <https://example.com/>/my-foobar-module">
        ...
      </bar>
    </notification>

    <notification
      xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0">
      <eventTime>2019-03-22T12:35:00Z</eventTime>
      <baz xmlns="https://example.com <https://example.com/>/my-foobar-module">
        ...
      </baz>
    </notification>


With response:

      HTTP/1.1 204 No Content
      Date: Thu, 26 Jan 2017 20:56:30 GMT
      Server: my-receiver.my-domain.com <http://my-receiver.my-domain.com/>


Kent // co-author

v2.23.0 | Report a Bug | By Email