IETF Logo Mail Archive

Re: [Netconf] Draft Charter Proposal for NETCONF WG

"Acee Lindem (acee)" <acee@cisco.com> Wed, 22 March 2017 22:35 UTC

Return-Path: <acee@cisco.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 272C1127342; Wed, 22 Mar 2017 15:35:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.523
X-Spam-Level:
X-Spam-Status: No, score=-14.523 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TQ0XzJ2eCu8x; Wed, 22 Mar 2017 15:35:21 -0700 (PDT)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 45CBA12709D; Wed, 22 Mar 2017 15:35:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1809; q=dns/txt; s=iport; t=1490222121; x=1491431721; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=31U5BaJ5CV/E0ksxvgdQG4la6f2aiRLS0hR3Qd/D28Q=; b=WifTtSGRGH+mJZjCONNcQ7taqonuI5M5rHGxS4D6JuhqxkuoxkCjVFOz 0CdFo7p9r0KNoPn36MI/zaSxMwqyCflyyo3UMSZKZdrxrwhNkUPwyWlLR Co5plAWsCOLT8b5OCuTtM67rVeVIWhbPo4Bqrg2iqk+I8tjRlBNx0Zt4L I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0ATAQD++tJY/5hdJa1dGQEBAQEBAQEBAQEBBwEBAQEBg1GBaweNaqUagg+CDoYiAoMqPxgBAgEBAQEBAQFrKIUWBnkQAgEIDjgyJQIEAQ0FigStIIo6AQEBAQEBAQEBAQEBAQEBAQEBAQEeiz2EMCSFZQEEkB6MMwGSRoF7iQGGM4hViwoBHziBBFkVGIcBdYdEgTCBDQEBAQ
X-IronPort-AV: E=Sophos;i="5.36,206,1486425600"; d="scan'208";a="227289613"
Received: from rcdn-core-1.cisco.com ([173.37.93.152]) by rcdn-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 22 Mar 2017 22:35:20 +0000
Received: from XCH-RTP-013.cisco.com (xch-rtp-013.cisco.com [64.101.220.153]) by rcdn-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id v2MMZKra006578 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 22 Mar 2017 22:35:20 GMT
Received: from xch-rtp-015.cisco.com (64.101.220.155) by XCH-RTP-013.cisco.com (64.101.220.153) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Wed, 22 Mar 2017 18:35:19 -0400
Received: from xch-rtp-015.cisco.com ([64.101.220.155]) by XCH-RTP-015.cisco.com ([64.101.220.155]) with mapi id 15.00.1210.000; Wed, 22 Mar 2017 18:35:19 -0400
From: "Acee Lindem (acee)" <acee@cisco.com>
To: Kent Watsen <kwatsen@juniper.net>, Mahesh Jethanandani <mjethanandani@gmail.com>
CC: Netconf <netconf@ietf.org>, "draft-ietf-rtgwg-yang-key-chain.all@ietf.org" <draft-ietf-rtgwg-yang-key-chain.all@ietf.org>
Thread-Topic: [Netconf] Draft Charter Proposal for NETCONF WG
Thread-Index: AdKROeE3sjloti5TfEiMBOab9w67OwAgSeNTAAMyYgAABKtfAAAmUhvuAAqrwYAAXzKn3gAB6uUAAAIQ/gAAyiJeAAAC57eAAAAVAwAAAlfsAAACJWiAAAN6WAD//+pRAIAPgnqAgATDTICAASefpIAAKg0AgABUkwD//9E3gIACAQEA///Hy4CAAALPAIAARuQA
Date: Wed, 22 Mar 2017 22:35:19 +0000
Message-ID: <D4F8733F.A3BE1%acee@cisco.com>
References: <CABCOCHSacn15vfo8MR0K-UJJo6E0AZ14Gwj3M43KYkgbtwK8Kg@mail.gmail.com> <005101d2975f$ae87ac20$0b970460$@ndzh.com> <017d01d29769$0df70b20$29e52160$@gmail.com> <010701d29771$a45f66e0$ed1e34a0$@ndzh.com> <026601d2977f$8d059600$a710c200$@gmail.com> <685B9088-7557-4C6E-9A8F-54C3208DB312@juniper.net> <7217bc23-0e1e-c250-929d-e18c3f0a800f@cisco.com> <07b601d2a197$9865d5b0$c9318110$@gmail.com> <02ee01d2a22b$295b2be0$4001a8c0@gateway.2wire.net> <BA52FB19-D4B9-4E1A-BFE5-7CCE6F5554B1@juniper.net> <20170321174358.GA36769@elstar.local> <65E2B5E1-A1D0-45C1-94E8-F10A35042295@juniper.net> <FF00B7D1-0418-49C5-93AF-59D837354879@gmail.com> <4A73C3C3-61F3-4988-B163-264B29EE1BA0@juniper.net> <445D4A52-0EC8-4AAD-ABC4-22CAC3B3169A@juniper.net>
In-Reply-To: <445D4A52-0EC8-4AAD-ABC4-22CAC3B3169A@juniper.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.116.152.198]
Content-Type: text/plain; charset="iso-8859-1"
Content-ID: <AE2279D708361C41835C565314752A32@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/e1klQZT_FxvrVp96KHuv718hbIc>
Subject: Re: [Netconf] Draft Charter Proposal for NETCONF WG
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Network Configuration WG mailing list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Mar 2017 22:35:23 -0000

Kent,


On 3/22/17, 6:21 PM, "Kent Watsen" <kwatsen@juniper.net> wrote:

>[resending, sorry, wrong key-chain draft alias used before]
>
>
>
>Hi Mahesh,
>
>
>>> Again, a keystore is not limited to asymmetric keys.   At the moment
>>> it is exclusively asymmetric, but that's only because we (the authors)
>>> moved the passwords (read symmetric keys) that were present in the
>>> previous version to the ietf-ssh-client module, but they may return,
>>> as many real-world keystore mechanisms do manage passwords as well
>>> (e.g., Mac OSX's Keychain Access utility).
>>> 
>>> The module names are fine, but we could update the draft title. How
>>> about "A System-level Keystore Model"?
>>
>>
>> How about "Asymmetric Key System-level Keystore Model"?
>> 
>> And add a reference to keychain model for symmetric keys.
>
>
>Regarding "asymmetric", as mentioned above, while the keystore module
>is currently exclusively asymmetric, it's probable that passwords will
>be added to it in the future.
>
>Regarding "system-level", I'm not 100% sure.  Specifically, the PCE-PCEP
>use of the ietf-tls-client module, which uses the keystore module, gives
>me pause.  Is it still a system-level use then?
>
>Maybe one of the authors of the RTGWG key-chain draft to try to express
>how the two modules differ,

Is this a trick question? As the author of ietf-keystore, I¹d fully expect
that you know the difference.

>and why they shouldn't be merged into one
>draft.

They shouldn¹t be merged since they serve entirely different purposes and
will be implemented and deployed by different sets of network devices.
Furthermore, the key-chain draft is more mature and referenced by 6-10
other IETF YANG models.

Thanks,
Acee 


>
>Thanks,
>Kent
>
>
>

v2.23.0 | Report a Bug | By Email