[netconf] Updates to http/nc/rc client-server drafts
Kent Watsen <kent+ietf@watsen.net> Thu, 13 February 2025 14:48 UTC
Return-Path: <01000194ffc81ca9-f170026b-199b-42cf-9319-1b4f17dae1da-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 68637C151527 for <netconf@ietfa.amsl.com>; Thu, 13 Feb 2025 06:48:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.905
X-Spam-Level:
X-Spam-Status: No, score=-1.905 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xF34TJgUHND3 for <netconf@ietfa.amsl.com>; Thu, 13 Feb 2025 06:48:13 -0800 (PST)
Received: from a8-31.smtp-out.amazonses.com (a8-31.smtp-out.amazonses.com [54.240.8.31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5E8D5C180B7E for <netconf@ietf.org>; Thu, 13 Feb 2025 06:48:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug; d=amazonses.com; t=1739458092; h=From:Content-Type:Mime-Version:Subject:Message-Id:Date:Cc:To:Feedback-ID; bh=310+cz5PrlJ1z9Fz67Vyg+syi9P4hpKgGOv6zIHeSw4=; b=Kcu/kRmmHjezYCpiqGodP5Xfe2RE/eLhPuj0qqBv5IeANQ7BA9MSwuYA+pgcqHHt brr32RbkCu354C6voGnVroXIKxd2IPkQ9XZ1E12MqxN88TIr9Oc4nHjpbxP21mygf/r J6uoI6fb9di62y6rKN28OSwpEb/Not8fOa1gMEdk=
From: Kent Watsen <kent+ietf@watsen.net>
Content-Type: multipart/alternative; boundary="Apple-Mail=_4ACDD43D-DA98-4A90-B15B-49964387E4C6"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.400.31\))
Message-ID: <01000194ffc81ca9-f170026b-199b-42cf-9319-1b4f17dae1da-000000@email.amazonses.com>
Date: Thu, 13 Feb 2025 14:48:12 +0000
To: "netconf@ietf.org" <netconf@ietf.org>
X-Mailer: Apple Mail (2.3774.400.31)
Feedback-ID: ::1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
X-SES-Outgoing: 2025.02.13-54.240.8.31
Message-ID-Hash: NDT2YM2I5L3X2MZK3ELRQH3BVRPQ2GRW
X-Message-ID-Hash: NDT2YM2I5L3X2MZK3ELRQH3BVRPQ2GRW
X-MailFrom: 01000194ffc81ca9-f170026b-199b-42cf-9319-1b4f17dae1da-000000@amazonses.watsen.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-netconf.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [netconf] Updates to http/nc/rc client-server drafts
List-Id: NETCONF WG list <netconf.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/bJfcO-avAzs5Dqd05Vcq7YMu7_k>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Owner: <mailto:netconf-owner@ietf.org>
List-Post: <mailto:netconf@ietf.org>
List-Subscribe: <mailto:netconf-join@ietf.org>
List-Unsubscribe: <mailto:netconf-leave@ietf.org>
Dear NETCONF WG, Please help me navigate a tricky issue and its cascading impact. Firstly, be advised that the three drafts in the Subject line have been updated twice in the last week (well, the NC draft was updated just once). The first round of updates (Feb 4th) addressed IESG comments, as well as a comment from Robert Varga (CC-ed). The second round of updates (Feb 12th) addressed a lingering Security Considerations item I’d forgotten about, as well as to rework parts of the solution from the first update. It is this “solution” I wish to discuss. The issue begins with the original "ietf-http-client" module previously defining a leaf called “uri” as type “string” with no “pattern” statement. Robert Varga rightly (IMO) noted that the YANG would be better if the URI components (e.g., scheme, host, port, etc.) were broken out into a leaf each. Robert also noted that the path/query/fragment components in the URI never make sense to configure for a RESTCONF server. To address this, the Feb 4 update converted the “uri” to a “container” having leafs for the various parts, with the path/query/fragment parts having a common “if-feature” statement sharing a feature called “full-url-supported”. Yesterday, Mahesh and I met to discuss the impact to the “https-notif” draft, which *does* use the “path” component. [FWIW, it is easy/convenient for the https-notif draft to do it this way, but it is also possible for the draft to define a path-discovery mechanism, like the XRD used by RESTCONF <https://www.rfc-editor.org/rfc/rfc8040.html#section-3.1>.] This means that the https-notif draft would need the “full-url-supported” feature be enabled, which we didn’t like. Brainstorming, we thought of these options, that are broadly partitioned into two categories: SUBTRACTIVE vs ADDITIVE, where these terms regard the impact to importing modules: SUBTRACTIVE: let ietf-http-client define the path/query/fragment nodes (importing modules remove unwanted leafs) Using a common “full-url-supported” feature (this was the Feb 2nd solution) PROs: Easy, satisfies common use cases CONs: The https-notif draft would need to both a) require the feature be set (unless using an XRD-like discovery mechanism) and b) define an “if-feature” statement to remove the “query” and “fragment” parts. The restconf-client-server draft would need to define an “if-feature” statement to remove the path/query/fragment” parts (in case the feature is ever enabled). Using a unique “feature” for each PROs: A little more complicated than (1) CONs The https-notif draft would need to both a) require the path-specific feature be set (unless using an XRD-like discovery mechanism) and b) define an “if-feature” statement to remove the “query” and “fragment” parts (in case those features are ever enabled) The restconf-client-server draft would need to define an “if-feature” statement to remove the path/query/fragment” parts (in case the feature is ever enabled). Using no “feature” statement, leaving it to other drafts to augment feature statements in if needed (this is the Feb 12 solution) PROs: Easier than (1) Gives maximum flexibility to importing modules CONs The https-notif draft would need to define an “if-feature” statement to remove the “query” and “fragment” parts. The restconf-client-server draft would need to define an “if-feature” statement to remove the path/query/fragment” parts. ADDITIVE: do not have ietf-http-client define the path/query/fragment nodes at all (importing modules add in missing leafs) PROs: Clean, lowest common denominator Gives even more flexibility to importing modules than (1.3) above. No need for importing modules to define “if-feature” statements to remove unwanted leafs CONs: The “uri” container is an incomplete definition. This is the biggest sticky point for me. It seems that a node called “uri” should be a URI per Section 3 of RFC 3986. Anything less shouldn’t be called a “uri” (IMO) but I don’t know of a good way to do that. PS: above mentions defining an “if-feature” statements to remove unwanted leafs. To be clear, the statement is ‘if-feature “foo and not foo”’, which creates a logical fallacy that can never be satisfied. See https://github.com/netmod-wg/yang-next/issues/153. Thoughts? Kent // author
- [netconf] Updates to http/nc/rc client-server dra… Kent Watsen
- [netconf] Re: Updates to http/nc/rc client-server… Mahesh Jethanandani
- [netconf] Re: Updates to http/nc/rc client-server… Kent Watsen