Re: [netconf] AD review of draft-ietf-netconf-sztp-csr

["Rob Wilton (rwilton)" <rwilton@cisco.com>]

Hi Kent,

Thanks for the extra details/explanation.  Please see inline …

From: Kent Watsen <kent+ietf@watsen.net>
Sent: 24 June 2021 21:53
To: Rob Wilton (rwilton) <rwilton@cisco.com>
Cc: netconf@ietf.org; draft-ietf-netconf-sztp-csr@ietf.org; netconf-chairs@ietf.org
Subject: Re: AD review of draft-ietf-netconf-sztp-csr

Rob,

I’m not sure.  It feels less RESTful (at least to me) to not allow the data to be provided as a single message, even if in practice that might not make sense in most (almost all) cases.  If you were using a separate YANG RPC to send the crs-support and get the request-info then only including the crs node in the bootstrapping data RPC then I would have no complaints.  I.e., it only feels strange to handle a transactional dependency within the data structures of a single RPC on what is nominally a stateless API.

Also, worth noting that using a separate YANG RPC to transmit the capabilities avoids the need to return an error.  It could just return success with the required information.  Was this approach considered at all, and would this be too big a change?  I’m not trying to create extra work for you, or delay this document …

If a separate RPC to get the capabilities in undesirable or infeasible then changing to a choice seems reasonable, but I would probably suggest keeping “intended” and probably keeping the language on page 4 somewhat open, i.e., not strictly locking it down to doing a handshake.

I’m unsure it it makes sense to be concerned about the RESTfulness of this API.  Yes, it uses RESTCONF, but that is more out of convenience than any inherent need or desire for the API to be "RESTful”.  For instance, note that never could HTTP caches be used, as each message is distinct from any other.

That said, the “get-bootstrapping-data” RPC *is* idempotent, as the same POST (get-bootstrapping-data) returns the same response (assuming the server isn’t updated by an operator in the interim).  This is true also for when sending the “csr-support” and “csr” nodes, as described in the current document.   Of course, the idempotency of a YANG “rpc” statement isn’t that meaningful, relative to a RESTCONF "POST” used to edit configuration (e.g., like <edit-config>)…it’s likely fair to say that YANG RPCs are generally NOT RESTful.

Regarding using a separate RPC (returning a 2XX),  yes it was considered, however note that it is impossible for a generic device to anticipate what the specific deployment’s CA infrastructure will require in terms of 1) if *any* CSR is desired (most often not) and 2) when desired, what key-algorithm and CSR-attributes to use (rarely would the nearly-empty CSR a device could proactively send be viable).

FWIW, if an out-of-band RPC were used, most of the time it would be a roundtrip for a no-op.  The in-band approach currently described is ideal in that it only consumes extra resources when needed.

I hadn’t picked up on that nuance, and I agree that this makes an out of band approach less efficient and less helpful.


That said, it does little harm for the draft to say (in addition to supporting the “in-band” mechanism) “a device MAY obtain the ‘request-info’ through an out-of-band mechanism outside the scope of this document”.  If this resolves your concern, then it’s an easy thing to add, and it may (to your point) provide some flexibility.  I think that it is consistent with your last paragraph above.

Not necessary.  I’m happy with your explanation as to why having it inband pragmatically makes more sense.


I still think we should put “csr-support” and “csr” under a "choice” though, as the use-case for sending both at the same time is very small and it seems wrong to encourage/suggest it’s a good idea or to ask servers to have to support the case.

Agreed.



4. References.  RFC 3688 probably should be normative for the XML
registry, noting that


RFC 6020 is normatively referenced.

Really?  I tend to disagree as I thought the litmus test for if something were
normative was if it had to be understood in order to implement the RFC.

I guess the logic here is that you need to understand RFC 6020 to understand the registry that is having entries added (given that RFC 7950 doesn't define the registry).

But, as per below, I'll check with the IESG on this one.




You raise an interesting point about RFC 6020 being Normative, as I see that
it is NOT normative in at least one of my other drafts.  I think that it is a
reasonable position that, if the RFC 6020 reference is only present in the
IANA Considerations section, then it is INFORMATIVE as far as the draft as a
whole goes.  Thoughts?

Let me check with the IESG and get back to you on this one.  Although, perhaps worth noting that both these references are normative in RFC 8343 (and they are only referenced from the IANA registry entries).

Ack, I will wait for your response on this item.

I didn’t really get a strong answer from other ADs on this.

Some of us felt that a normative reference is appropriate (because you need to understand the meaning of the registry that is being updated), and nobody objected to that characterization, but equally, some ADs didn’t think that Informative is necessarily wrong and it is probably not worth worrying about.

My recommendation is to make them normative, because that is what has been done for other RFCs with YANG modules (and consistency is good), and I don’t see any other ADs objecting to this approach.  I would regard this as the path of least resistance.

Regarding "because you need to understand the meaning of the registry that is being updated”, “you" only refers to IANA, right?   I don’t think SZTP-client and/or SZTP-server developers need to know about IANA registries to implement the document, right again?   Consistency is good, yes, but not when consistently-wrong  ;)   [I’m speaking theoretically here, not to any particular group of people]

My understanding is more along these lines:

To fully understand everything in the RFC (i.e., definition of a normative reference), a reader of the RFC would need to understand what is meant by the draft adding an entry to a registry.  I.e., I’m not saying that a normative reference is needed to understand the act of adding a field to a registry, but it is necessary to understand the significance of why that matters.  In this case, the author should understand that adding an entry to module name registry means that it should be a (hopefully globally) unique name for that module and not defined in another RFC with an entirely different definition.  I.e., it should be possible to fetch the module from a reputable source by (name, revision) without having to extract it from the RFC (which would be required if it was not uniquely named).

A separate argument is that this document logically has a dependency on that IANA registry existing, and often those dependencies between documents are often indicated as normative references to indicate the dependency.

Note, there is also a bit of text in section 3.1 of RFC 8216 which indicates that a reference to the RFC definition the registry is expected, but not what sort of reference that should be.


This is not something I care to block on, but I do want Normative references to adhere to the principle of they are for  *implementors* (which doesn’t include IANA, IMO).  Related, there’s also the XML Registry (RFC 3688); should all documents publishing a YANG module have a Normative reference due to an IANA instruction?  [PS: some RFCs exist (i.e., published) already having RFC 3688 as Informative…I wouldn’t by surprised if some also exist having RFC 6020 as Informative, but a quick search didn’t find any]
I also do not intend to block the document on this point.  But I don’t think that normative references are just for implementors, they also define anything that is required to be stable for the published standard to be stable, i.e., to avoid relying on something that could change under our feet.
On the XML registry question, the answer is yes.   I’m suggesting that all documents that update registries should normatively reference the document that defines the registry.
More generally, I’m not entirely sure that the split between normative and informative references is that helpful and seems to cause more discussion that it is worth.  I would really prefer that there were 3 categories of references (or perhaps one of the existing categories are split into 2).

  1.  Docs that an author is recommended to read before reading this doc.
  2.  Docs that this document relies on for this specification to be correct.
  3.  Other related docs that readers of this document might find helpful.
Today, I see that normative references cover both (1) and (2), but for most readers I suspect that is only (1) that is really useful to them.  FWIW, I would put the 6020 and 3688 references into the second category.
Another question that comes up are references for optional features (which according to the current rules need to be normative).  If these are features that readers are unlikely to care about, then again I see them as fitting into (2) rather than (1).
I suspect that most RFCs today, handle the split between (1) and (2) in an adhoc way, by having the introduction describe briefly reference the docs that fit into (1).


BTW, other drafts in your queue have "Informative” set for RFC 6020, and one (netconf-notification-capabilities) incorrectly references RFC 7950 instead of RFC 6020 (As shepherd, I apologize for missing it, but it’s one thing to test if all the references provided are accurate [i.e., the doc *does* have a normative dependency on 7950], and another to see if any references were missing altogether…i.e., finding the gaps).
Thanks.  I think that I picked up on this in my AD review.


PS: there’s a separate email thread (Reuse of SZTP-CSR YANG definition in BRSKI-AE) regarding this document that is pending your feedback.  Ideally I can collect that and thus apply all updates in one shot.
Sorry, I had missed this thread.  I’ve now replied.
Thanks,
Rob

K.