IETF Logo Mail Archive

Re: [Netconf] SSE and HTTP/2 in restcon-notif

"Eric Voit (evoit)" <evoit@cisco.com> Thu, 27 September 2018 21:28 UTC

Return-Path: <evoit@cisco.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 14EDE1292F1 for <netconf@ietfa.amsl.com>; Thu, 27 Sep 2018 14:28:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4Pk-FB7IM6vH for <netconf@ietfa.amsl.com>; Thu, 27 Sep 2018 14:28:26 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4CFE6127332 for <netconf@ietf.org>; Thu, 27 Sep 2018 14:28:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3946; q=dns/txt; s=iport; t=1538083706; x=1539293306; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=d9jpB0HDmx72WwtkYaQVZs5bP9NjMo4J1DXqDpLkYSg=; b=MdmynLvG91Ct9HqoaZXxTVtR5bGSt0nquHYVXBw+0uc5K5AaiimEFwvg umz7q3afcTQkZt7Se8XHJYmD8WQKGu6Goi+AAfgEKoyMJF1qx10EWr8/C KGxQq7QaIN3JiQK0ItvLglr1J38gbtG3fnKR6IzZz7p3UJHU9zIjoYgbp k=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AbAADGSq1b/4UNJK1bGQEBAQEBAQEBAQEBAQcBAQEBAQGBUYIOZn8oCoNqiBWOPoM9kxWBeguEbAIXg3AhNBgBAwEBAgEBAm0ohTgBAQEBAgEjEUUFCwIBCBUDAgIJHQICAjAVEAIEAQ0FCBODB4F5CKJNgTqBLooOgQuJcxeBQT+DbzWEaC0jgkeCVwJ8nBUJApAkH486lHMCERSBJR04gVVwFYMngiUXjhcBb40TgR8BAQ
X-IronPort-AV: E=Sophos;i="5.54,312,1534809600"; d="scan'208";a="458497100"
Received: from alln-core-11.cisco.com ([173.36.13.133]) by rcdn-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 27 Sep 2018 21:28:25 +0000
Received: from XCH-RTP-004.cisco.com (xch-rtp-004.cisco.com [64.101.220.144]) by alln-core-11.cisco.com (8.15.2/8.15.2) with ESMTPS id w8RLSOIT021869 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 27 Sep 2018 21:28:25 GMT
Received: from xch-rtp-013.cisco.com (64.101.220.153) by XCH-RTP-004.cisco.com (64.101.220.144) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Thu, 27 Sep 2018 17:28:24 -0400
Received: from xch-rtp-013.cisco.com ([64.101.220.153]) by XCH-RTP-013.cisco.com ([64.101.220.153]) with mapi id 15.00.1395.000; Thu, 27 Sep 2018 17:28:24 -0400
From: "Eric Voit (evoit)" <evoit@cisco.com>
To: "Reshad Rahman (rrahman)" <rrahman@cisco.com>, Kent Watsen <kwatsen@juniper.net>, Martin Bjorklund <mbj@tail-f.com>
CC: "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: [Netconf] SSE and HTTP/2 in restcon-notif
Thread-Index: AQHUVpLBkBpJSSIQbkWRq5O8cMUK2aUErtaA///xPUA=
Date: Thu, 27 Sep 2018 21:28:24 +0000
Message-ID: <78634ca7fead4c36be0e0eea489b6aac@XCH-RTP-013.cisco.com>
References: <B51DAF9C-4294-44BF-9138-7145E61F42AB@juniper.net> <90F5045B-B1F6-48C8-9569-2BD4EE7A384F@cisco.com>
In-Reply-To: <90F5045B-B1F6-48C8-9569-2BD4EE7A384F@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.118.56.234]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Outbound-SMTP-Client: 64.101.220.144, xch-rtp-004.cisco.com
X-Outbound-Node: alln-core-11.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/YiU88QvSmOrbHl2Ey147sqATOoU>
Subject: Re: [Netconf] SSE and HTTP/2 in restcon-notif
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Network Configuration WG mailing list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Sep 2018 21:28:28 -0000

> From: Reshad Rahman, September 27, 2018 5:04 PM
> 
> Hi Kent,
> 
> 
> On 2018-09-27, 2:49 PM, "Kent Watsen" <kwatsen@juniper.net> wrote:
> 
> 
>     <chair plea>
>       Can we try to have a Last Call worthy version on the restcon-notif
>       draft by mid next week?  The chairs would like to Last Call both
>       NN + RN together if possible...
>     </chair plea>
> 
> <RR> I will strive to do so, no promises...
> 
>     As I understand it, there are three issues (any others?) as follows:
> 
>     1) SSE
> 
>        Actually, with Reshad's last response, this may not be an issue
>        anymore.  Just in case, I also feel that the *restconf*-notif draft
>        needs to align as closely as possible to the RFC 8040 notification
>        solution.  Ideally, we just use SSE outright and we're done.
> <RR> Yes, that's the plan.
> 
>     2) HTTP/2
> 
>        Not sure where this landed, but my thoughts are this draft needs to
>        support both 1.1 and 2.0.  I envision the variation being relatively
>        minor, something along the line of:
> 
>          if 1.1, then SSE.
>          if 2.0, client MAY open a stream first.
> <RR> I thought the agreement was to have no http2 in the spec, except maybe
> as an informational note. RFC8040 doesn't mention http2 at all.
> 
>     3) resource URIs
> 
>        This is likely where we need to spend the most time. We know that
>        establish-subscription returns a dynamically created URI, comparable
>        to what a client might get from ietf-restconf-monitoring:restconf-state\
>        /streams/stream/access/location.  Are there just two issues?
> 
>        a) how does the server ensure only said client accesses the resource?

With HTTP2, you can require that the same HTTP session be used as was used for the RESTCONF signaling.   For HTTP 1.1, perhaps there could be some comparison of the access credentials used across independent TLS sessions?  

>        b) how does the server know when it's okay to reclaim the resource,
>           when a client doesn't "delete" or "kill" the subscription?
> 
> <RR> I don't know. Eric, have these been discussed in the past?

This was discussed earlier in the thread.  Basically ending the subscription can be done by:

- delete-subscription rpc
- kill-subscription rpc
- loss of TLS heartbeat
- inability to deliver sequential sets of notification messages
     "For connectionless or stateless transports like
      HTTP, a lack of receipt acknowledgment of a sequential set of
      notification messages and/or keep-alives can be used to trigger a
      termination of a dynamic subscription. "   (per SN 1.3)
- " A publisher MAY terminate a dynamic subscription at any time."   (per SN 1.3)

Eric

> Regards,
> Reshad.
> 
> 
> 
>     Kent // contributor
> 
> 
> 
> 
>

v2.23.0 | Report a Bug | By Email