Re: [Netconf] LC on subscribed-notifications-10

[Kent Watsen <kwatsen@juniper.net>]

Here's my review of this draft.

I'm aware that there may be some overlap with recent messages from Rob and Martin.  Please respond to them anyways, if only to explain the resolution made. 

BTW, when I make an open-ended question, what I'm many times looking for draft-text that answers the question.  Yes, I want to know the answer but, more importantly, I want the answer recorded in the draft.

PS: I'm prioritizing reviewing all three drafts over trying to reply to responses from
earlier reviews.  

Thanks,
Kent // contributor (but revving-up for shepherd write-up)


<chair-hat> Authors, can you please start planning a presentation to review any of the larger open issues during the meeting in London? </chair-hat>


Title: the word "custom" is throwing me, what does it mean?  I see the word in the Abstract and similar text in the Introduction.  In total, the substring "custom" appears six times in the draft, all in the Title, Abstract, and Introduction, so the word doesn't seem to carry much weight in the body of the draft itself.  Is there a better word?  Perhaps "Subscriber-specific" or "Receiver-specific"?   Or maybe you want to say "Customized Subscriptions to a Publisher's Event Streams"?

Abstract: The first sentence has three issues: first, there's the custom/subscriber-specific comment from before; second, the word "capabilities" in the first sentence is unclear (if you mean NETCONF/yang-library capabilities, this document does not define any); and third, the word "operations" is ambiguous, the draft uses this word sometimes to mean RPCs, but other times not.  Putting it all together, maybe this is better?

   This document defines mechanisms enabling subscriber-specific
   subscriptions to a publisher's event streams.

Also, in the last sentence, s/Effectively/Combined/ and s/request/request for/?


Introduction: Similar issues with the first sentence as with the Abstract.  Also, missing is a statement regarding this draft's compatibility to NMDA (see rfc6087bis)


Motivation:

  How about this?
  OLD: There are various [RFC5277] limitations, many of which have been
       exposed in [RFC7923] which needed to be solved.
  NEW: Various limitations in [RFC5277] are discussed in [RFC7923].
       Resolving these issues is the primary motivation for this work.

  s/document includes/document include/

  in the 2nd bullet, remove "statically"?  the word "static" hardly appears...

  in the 3rd bullet point: would appending "in progress" be okay?


Terminology: I think you want to use this one:

      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
      NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
      "MAY", and "OPTIONAL" in this document are to be interpreted as
      described in BCP 14 [RFC2119] [RFC8174] when, and only when, they
      appear in all capitals, as shown here.

  For the "Configured subscription" term, I think that replacing "a 
  configuration interface which" with "configuration that" is clearer.
  If necessary, we could import the term "configuration" from the
  revised-datastores draft.

  For the "Event" term, remove the parenthesis and spell out "e.g."?

  Remove the term "NACM", since it only appears in the Security 
  Considerations section.

  For the "Notification message" term, is the beginning important?
  Maybe s/A set of transport encapsulated information/Information/?

  For the "Publisher" term, why is "Subscription" capitalized?  Is it
  (and all other terms) capitalized consistently throughout the draft?

  For the "Stream" term, I'm wondering if this should be renamed "Event
  stream" (matching what's in the title), and then search/replace instances
  of just "stream" with "event stream" everywhere else in the document.
  This seems better, less ambiguous.

  For the "Subscribed event records" term, I recommend removing it, as
  it only appears three times in the draft and, besides, you already have
  the "Event record" term.

  For the "Subscriber" term, shouldn't you have a 2nd sentence like in
  the "Receiver" term?

  Since the tree diagrams are scattered throughout the document, it would
  be good to add the following here:

     Tree diagrams used in this document follow the notation defined in
     [I-D.ietf-netmod-yang-tree-diagrams].



Solution Overview

  what does "instantiated" mean in the 1st paragraph.  suggest removing
  if not needed.

  in (1), s/RPC/an RPC/.  Also, is "wants" the right word, maybe "is able"?
  same with "wish" in the next sentence.  Also, in the last sentence,
  s/ which would have been accepted/ that, had they been present, would
  have enabled the dynamic subscription request to be accepted/?

  in (2), s/a configuration interface/configuration/.  Also, replace "this
  capability" with "configured subscriptions", and maybe append "based on
  the use of a YANG feature"?

  "For connection-oriented stateful transport" : s/For/For a/ or 
  s/transport/transports/?

  Looking at "Also note that transport specific transport drafts based
  on this specification MUST detail the life cycles of both dynamic and 
  configured subscriptions." - do the netconf-event-notifications and
  restconf-event-notifications drafts do this?

  Last paragraph, s/The publisher/A publisher/


Relationship to RFC-5277:

  In the first bullet point, the "data model" for what, configuration
  or a notification?   (same issue is in the last bullet point as well)

  The 4th bullet point isn't true (see Event Streams below)

Solution:

  Can you add a paragraph here to introduce what all is in Section 2, 
  how it's organized, or whatever might be helpful?

Event Streams:

  The 2nd paragraph says "except for where it has been explicitly 
  indicated that this the event record MUST be excluded from the 
  NETCONF stream".  This is a redefinition of what RFC5277 says,
  has this been discussed?  How is this done (syntax/text)?  Has
  it been done already?

  s/treated a distinct/treated as a distinct/
 

Event Stream Filters

  The 1st and 2nd sentences seems to be at odds with each other.
  

QoS

  What does " MUST work identically" mean?  - is HTTP a mandatory
  transport?  RFC 7540 Section 5.3.3 talks about a PRIORITY frame, 
  which is  defined in Section 6.3 of that draft.  How is this 
  suppose to work in a transport-agnostic way?

Dynamic Subscriptions

  s/RPC/RPCs/

  Please provide more detail about how extensibility is accomplished,
  or an example showing the augmentation occurring.

  For all the subsections, should the title be s/Subscription/Dynamic Subscription/?

Dynamic Subscription State Model

  What does "asserted" mean?  - remove/replace?

  I'm confused by the diagram and subtitle's use of the word "receiver",
  when the first sentence of the paragraph above says that the SM is for
  the publisher...

  Only two notifications?  Looking at the graphic, how is the reader to
  distinguish these as notifications?

  The last sentence of the last bullet doesn't square with what's in the
  graphic.  is "modify-subscription" suppose to be bidirectional?

Establishing a Subscription

  I take it that the last two sentences of the first paragraph are 
  intended as requirements for transport-bindings.  Is that correct?
  If so, then please say so.

  The tree diagram is not identified as a tree diagram.  Nowhere in this
  document is the tree-diagrams draft referenced.  This needs to be fixed.

  Are your tree diagrams dynamically-generated?  - is there any concern
  that they are out-of-date?

  Since you're not describing the contents of the data model here, the
  text should say that a complete description of all the nodes is provided
  in the YANG module, with a reference.

  why is this "establish-subscription-error-stream" yang-data name having
  "-stream" at the end?  (same issue with the other yang-data).  It's
  a rather confusing name.  Maybe "-info" would be better?

  Also, just so I'm clear, each transport-binding needs to indicate if and
  how the yang-data structs are returned, right?  Where is this done in 
  the netconf-notif and restconf-notif drafts?


Replay Subscription

  Should the title being "Replaying Subscriptions", to match the verb
  tense of the other subsections?

  s/Replay puts no/Supporting replay puts no/ or /The document puts no/?

  Current text says:
    """
    The inclusion of a replay-start-time within an "establish-
    subscription" RPC indicates a replay request.  If the "replay-start-
    time" contains a value that is earlier than content stored within the
    publisher's replay buffer, then the subscription MUST be rejected,
    and the leaf "replay-start-time-hint" MUST be set in the reply.
    """
  Why not just start with what you have, prepended by a special "event
  record" that says there is a gap?

  OLD: it MAY also be earlier than the current time and MUST
  NEW: it MAY be earlier than the current time, but MUST

  "subscribers can perform a get on" - rephrase, and use "RPC" somewhere


Modifying a Subscription

  First sentence, no need for the word "previously"

  s/one or multiple times/multiple times -or- any number of times/?

  s/via RPC using/via an RPC on/?

  The tree diagram is not identified as a tree diagram.  And since the
  data model isn't explained, there should be a statement for the reader
  to look at the YANG module for details, ideally with a hyperlink.


Deleting a Subscription

  First sentence, no need for the word "previously"

  Under what conditions could a publisher reject a delete-subscription
  request?  should there delete-subscription-error-stream hints?

  The tree diagram is not identified as a tree diagram.  And since the
  data model isn't explained, there should be a statement for the reader
  to look at the YANG module for details, ideally with a hyperlink.

  Last paragraph, no need for the word "previously"


Killing a Subscription

  Regarding:
    "This operation MUST be secured so that only connections with 
     sufficiently privileged access rights are able to invoke this RPC."
  This needs to be in the Security Considerations section and, given
  that, doesn't need to be here, right?  If you really want it here,
  then please indicate that such guidance is provided in the SC section.

  Replace the paragraph beginning with "The tree structure of" with the
  actual tree diagram for this RPC.


RPC Failures

  Please also call-out RESTCONF error handling (RFC8040 Section 7.1).

  The 2nd paragraph is confusing.  mechanism?  how are the 1st and 2nd
  sentences related? What does the 2nd sentence really mean, esp. wrt.
  the MUST?

  I can't find any examples of these errors in use.  The 
  netconf-event-notifications draft only has examples for 
  the "establish-subscription-error-datastore" and 
  "modify-subscription-error-datastore" errors.  Perhaps the
  examples in that draft need to be split into examples related
  to yang-push vs examples related to subscribed-notifications.


Configured Subscriptions

  1st paragraph: s/configuration interface/configuration/g  (two cases)

  the note under the 3rd bullet point seems unnecessary but, if keeping
  it, then just say that receivers are unaware of the existence of any
  other receivers.

  s/In addition to subscription/In addition to the subscription/
  s/as described in/described in/

  where is the tree diagram for the configuration data model?!

  I don't understand the last bullet point.  First, I'm having trouble
  parsing the implicit parentheses.  Next, the last sentence seems
  complicated, maybe just say "unless directed otherwise, the 
  notification messages MUST egress the publisher's default 
  interface towards the receiver."?


Configured Subscription State Model

  A better first sentence is needed, something introducing that there
  exists a state machine for each configured subscription, and states
  that there are three states (VALID, INVALID, and CONCLUDED), etc.
  Also should state where this state machine is maintained (publisher,
  receiver, both?)

  s/publisher evaluation/evaluation by the publisher/?

  Please move text regarding how to interpret the diagram (uppercase,
  dashed boxes, parantheses, etc.) into a preamble or postamble element.

  s/itself might itself/itself might/
  s/in no longer/is no longer/

  The first paragraph under the diagram doesn't match what the diagram
  shows.  Looking at the diagram, I also see two possible sequence of
  transitions that get VALID to INVALID, but I'm unsure how they relate
  to the two mentioned in the text.  The text should call out which
  parts of the diagram it's referring to.  Many times I number labels
  in diagrams and then, under the diagram, provide a more thorough
  explanation for each number. 

  Is it "any active or suspended receivers" or "any receivers for an
  active or suspended subscription"?

  s/During any times a/When a/?

  Regarding "Below is the state machine for each receiver of a configured
  subscription." - where is this state machine maintained, on the publisher
  or on the receiver?

  why is "receiver" in each box?  Again, you might look to having a 
  preamble or postamble to describe the syntax used in the diagram.  

  1st paragraph below diagram: s/to connecting/to "connecting" -or- to CONNECTING/?

  Regarding "and event records are not being dropped due to a publisher
  buffer overflow" - this seems like it's from out of nowhere.  If not 
  normative, then maybe delete?

  This text is again difficult to reconcile with the diagram.  I again 
  recommend numbering labels and then describe the numbers below.
  
  s/ mechanisms described above is/ mechanisms described above are/
  What does this mean, how are mechanisms mirrored for RPCs and
  notifications?

  Regarding " provides an example of such an extension" - which section?


Creating a Configured Subscription

  1st paragraph: let the first sentence be its own paragraph as with
  the other 2.5.x sections.  For the remainder, I think this is the
  3rd time that the draft has discussed the differences between
  configured and dynamic subscriptions.  Please eliminate unnecessary
  redundancy.  Factor out into another section if needed.

  Regarding 2nd/3rd paragraphs, how resilient is the solution to the 
  resumption of the underlying transport?  If messages lost in the 
  write-buffer are lost, could the receiver ever be helplessly out 
  of sync without a full restart?


Modifying a Configured Subscription

  s/ ././    ;)


Resetting a Configured Receiver

  But *how* is it reset? - via a configuration operation?  which one?
  Should this be part of "Modifying a Configured Subscription"?


Event Record Delivery

  First paragraph, last sentence.  I think I commented on similar text
  before.  Is this a requirement for the transport binding?  Do the
  netconf-notif and restconf-notif drafts satisfy this requirement? where?

  2nd paragraph: "able to traverse" --> "not blocked by"?  Also, for
  the 3rd sentence, call out the "RPC response" is for dynamic and
  "state-change notification" is for configured?

  Last two paragraphs, this text needs to be removed, or else we might
  need to block this draft on notification-messages.   What do you mean 
  by " this document will be updated to indicate support".


Subscription State Notifications

  OLD
   In addition to subscribed event records, a publisher MUST send
   subscription state notifications to indicate to receivers that an
   event related to the subscription management has occurred.
  NEW
   In addition to sending event records to receivers, a publisher MUST
   also send subscription state notifications when events related to
   the subscription management has occurred.
  ???

  2nd paragraph: s/directly//

  Also, I'm unsure about the "subscription-state-notif" extension, how
  is it expected to be used by a YANG processor?  Perhaps a generic
  notification-filtering GUI is envisioned whereby the logic could
  automatically remove these notifications from selection, but coding
  for this extension has very limited use, as no other drafts are ever
  likely to define any.  I suppose it does no harm, but I also think
  that the text sure be clear.  Personally, I'd rather the extension
  be removed unless there is a good reason to keep it.


subscription-started:

  Regarding the 2nd paragraph, Section 2.4.2.1 implies a contradiction
  to this statement.

  The tree diagram is not identified as a tree diagram.  And since the
  data model isn't explained, there should be a statement for the reader
  to look at the YANG module for details, ideally with a hyperlink.

  Why is all this sent to the receiver?  Doesn't it already know the
  protocol and encoding?  What about the other parts?  Which parts
  are actually useful?


subscription-modified

  1st paragraph: the same parameters, or data model / tree diagram?
  Also, is "provided" the right word?  Maybe it would be better to
  have the tree diagram itself, even though only the name changes?

  Last two paragraphs, why put "First" and "Second" when they are
  bullet points.  Maybe you want to use a numbered-list or otherwise
  rephrase these?

  Last paragraph, the last sentence doesn't flow with the first.  
  It seems as if it was copy/pasted from somewhere else.  Is this 
  intended to be a normative statement here?
  

subscription-terminated

  1st paragraph, 1st sentence: -e a/The publisher/A publisher/ and 
  also s/the pushing of/pushing/?

  1st paragraph: "Such a decision may be made for" - should this 
  be "A publisher may terminate a subscription for" ?

  1st paragraph, for the "first type of reason": does the subscription
  terminate when the first or last referenced objects are no longer
  accessible?  BTW, what do you mean by "via the YANG model", aren't
  these instance objects in <operational>?

  1st paragraph, what do you mean by " Identities within the YANG model"?
  Can the text be more clear that it is referring to the "reason" 
  identityref in the tree diagram?

  The tree diagram is not identified as a tree diagram.

  last paragraph: remove "established".  Also, the first 2 sentences would
  benefit moving to singular, as plural leads to some ambiguity.


subscription-suspended

  Please replace the 2nd paragraph with the actual tree diagram, and then
  speak to that.


subscription-resumed

  The tree diagram is not identified as a tree diagram.


subscription-completed

  Please replace the 2nd paragraph with the actual tree diagram, and then
  speak to that.


replay-completed

  2nd paragraph: s/ If subscription/ If a subscription/ and s/which/that/

  Please replace the last paragraph with the actual tree diagram, and then
  speak to that.


Subscription Monitoring

  1st paragraph: s/Container/The container/.   

  How can container "subscriptions" (config true) contain entries for
  dynamic subscriptions?  Are you assuming in <operational>?  Also, 
  does it include configured subscriptions that are currently not 
  active for whatever reason?  You mention NETCONF's <get> (wait, I
  thought this draft was suppose to be transport agnostic), but not 
  NMDA's <get-data>, so it make me wonder if this paragraph regards
  the contents of <running> or <operational>...

  The 2nd paragraph would make more sense if I was looking at a tree
  diagram.  But then I realize that this would be the same tree-diagram
  that should've been presented in Configured Subscriptions.

  
Advertisement

  The second paragraph seems to be mostly NETCONF specific and 
  therefore belongs in the netconf-binding draft.  In a transport-
  agnostic draft, maybe only features should be discussed?



YANG Data Model Trees

  s/top level YANG Data Node containers/protocol-accessible nodes/

  " If you would rather see" - please use more formal language.


Event Streams Container

  1st paragraph, last sentence: perhaps rephrase as "This enables
  clients to discover what streams a publisher supports."?  BTW, is
  the " and against which subscription is allowed" part important,
  if so, why?

  This tree-diagram does not match what I generate.  This indicates
  that the tree diagrams are not being dynamically-generated.  I
  strongly suggest updating your build script to dynamically generate
  the tree diagrams.  We cannot afford to have them be out of alignment.


Event Stream Filters Container

  "and validated" - is this needed, since *all* configuration is validated?

  s/ which/ that/

  "referenced and used" - is there a difference?  - can you just use one?



Subscriptions Container


  This tree-diagram does not match what I generate.  This indicates
  that the tree diagrams are not being dynamically-generated.  I
  strongly suggest updating your build script to dynamically generate
  the tree diagrams.  We cannot afford to have them be out of alignment.



Data Model


  I going to skip this part, for now at least, as I assume the YANG 
  Doctor will scrutinize it.



Implementation Considerations

 s/ For a deployment/To support deployments/

 s/split subscription/it is recommended to split subscription"

 is " unlikely" the right word?  doesn't it eliminate the concern altogether?

 Regarding the 2nd-half of the 1st paragraph, is it necessary for 
 interoperability reasons for this draft to define how to split the
 subscription identifiers into static and dynamic parts.  Is the
 normative text needed here?  Maybe just describe the current 
 approach as a possible way to go about doing it?  - I think it
 achieves the same goal without using normative text.

 For the 2nd paragraph, this sounds like normative text from earlier
 in the document.  If so, then is it needed here again?

 For the 3rd paragraph, I'm not sure if the second sentence needs to
 be said at all, but at least s/SHOULD/should/ so it's not normative.



Security Considerations

  Regarding the 1st paragraph, aren't *all* operations (configuration
  or RPCs) always authenticated and authorized? 

  Please restructure to follow, in part, the template provided here:
  https://tools.ietf.org/html/draft-ietf-netmod-rfc6087bis-20#section-3.7.1

  Regarding the 2nd and 3rd paragraphs, this sounds good, but isn't 
  this behavior already defined by the draft?  (or should be?)

  Regarding the 4th paragraph, why would the publisher need to the 
  terminate the transport session?  wouldn't it have started to 
  reject dynamic subscriptions when it became overloaded?  Or is
  this trying to say something specific about dropping the transport
  session as a club?  ;)

  Re: the 5th paragraph, this is better than the 1st paragraph, but
  may not be needed if following the template.

  Re: the 6th paragraph, I'm surprised that requirements for transport-
  bindings wasn't discussed before in its own section.  It seems like
  a new thing here, that a receiver's transport might not be secure.
  I'm okay with and support this, btw, as its sometimes better to
  offload devices thru the use of a local collector node, for which
  encryption may not be needed...

  Re: the 7th paragraph, this was said before also, right?

  Re: 2nd to last paragraph, what is the " very-secure" tag?




Kent // contributor