Re: [netconf] [Last-Call] Secdir last call review of draft-ietf-netconf-http-client-server-16

Kent Watsen <kent+ietf@watsen.net> Tue, 20 February 2024 01:18 UTC

From: Kent Watsen <kent+ietf@watsen.net>
Message-ID: <0100018dc4179d87-f1b38ca2-6f10-4ad5-b1a6-394360092ee5-000000@email.amazonses.com>
Date: Tue, 20 Feb 2024 01:18:18 +0000
In-Reply-To: <CAG3f7Mg-HkQPkV4w=kwSfpk8u8cbQbJU+61tpoZSTxC_JMWgzw@mail.gmail.com>
Cc: secdir@ietf.org, draft-ietf-netconf-http-client-server.all@ietf.org, last-call@ietf.org, "netconf@ietf.org" <netconf@ietf.org>
To: Shivan Kaul Sahib <shivankaulsahib@gmail.com>
References: <170753393187.36817.12725850532997691597@ietfa.amsl.com> <0100018d9ebe5603-4201597f-dbb2-4c63-ba32-f94da0979463-000000@email.amazonses.com> <CAG3f7Mg-HkQPkV4w=kwSfpk8u8cbQbJU+61tpoZSTxC_JMWgzw@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/i0IvPJN-mmO1ErgHyX5cywYzOuE>
Subject: Re: [netconf] [Last-Call] Secdir last call review of draft-ietf-netconf-http-client-server-16

Hi Shivan,

> On Feb 15, 2024, at 8:05 PM, Shivan Kaul Sahib <shivankaulsahib@gmail.com> wrote:
> 
> 
> 
> On Mon, 12 Feb 2024 at 11:14, Kent Watsen <kent+ietf@watsen.net> wrote:
>> Hi Shivan,
>> 
>> Thank you for your review!
>> Responses below.
>> 
>> Kent
>> 
>> 
>>> On Feb 9, 2024, at 9:58 PM, Shivan Sahib via Datatracker <noreply@ietf.org> wrote:
>>> 
>>> Reviewer: Shivan Sahib
>>> Review result: Has Nits
>>> 
>>> It looks like the document previously got review from HTTP WG, and generally
>>> looks well thought out.
>> 
>> Thanks.
>> 
>> 
>>> However, I'm not sure why only TCP and TLS are discussed in
>>> https://datatracker.ietf.org/doc/html/draft-ietf-netconf-http-client-server-16#section-2.1.2.2.
>>> Is the intention that network protocols like QUIC can be "augmented" in?
>> 
>> This document doesn’t support QUIC (yet).  
>> The document’s title is “YANG Groupings for HTTP 1.1/2.0 Clients and HTTP Servers”.
>> 
>> 
>> Everybody wants this document to support QUIC.   
>> Doing this would entail a new document called “quic-client-server”.
>> 
>> Do you know if there are any quic-specific configurations, beyond
>> the basic UDP local/remote/ address/port config?
>> 	- for either the client or the server?
> 
> I guess a broader question I had (non-blocking security wise) is who is looking to deploy this document? Are those parties not interested in QUIC? 

Two answers:

1) The NETCONF WG, in order to enable the configuration of RESTCONF clients and servers.  Technically, RFC 8040 (RESTCONF) allows RESTCONF to run on top of QUIC but, AFAIK, most RESTCONF implementations are HTTP 1.1.

2) Other WGs and/or SDOs.  This document is meant to support configuration of any HTTP-based client/server.  That said, no one other than the IESG has ever asked for QUIC support in the 5 years the document has been active.

I believe the answer is, AFAIK, those parties are not (currently) interested in QUIC.



>>> I suspected that, but in that case, it should be mentioned the same way Basic
>>> auth is explicitly mentioned to be only one of the ways auth can happen with a
>>> MAY for other schemes:
>>> https://datatracker.ietf.org/doc/html/draft-ietf-netconf-http-client-server-16#section-2.1.2.1-4.4
>> 
>> I just added the following sentence to that section:
>> 
>>      The "proxy-connect" node defines support for HTTP 1.1 and HTTP 2.0.  Support 
>>      for other protocols versions, e.g., HTTP/3, MAY be augmented in via future work.
> 
> s/protocols/protocol, but lgtm otherwise. 

Fixed - thanks!


K.