Re: [netconf] updates to client/server suite of drafts
Martin Bjorklund <mbj@tail-f.com> Thu, 21 November 2019 11:11 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/mlYJSvxrFkQgqUkPFOXcKl0yD50>
Hi,

Two quick comments inline.

Kent Watsen <kent+ietf@watsen.net> wrote:
> I just pushed an update to all the client/server drafts (except TCP). Below is the change log entry for each draft.
>
> The most noteworthy update is that the http-01 update should (hopefully) resolve the concerns raised by the httpbis chairs.
>
> The biggest non-update is that the "config false" algs-supported lists were NOT moved from crypto-types to the ssh/tls drafts, only because I ran out of time (and I'm hoping that my co-authors all do it).
>
> There are still a number of FIXME's remaining in the drafts.
>
> Kent // contributor
>
>
> crypto-types:
>   - Added the four features: "[encrypted-]one-[a]symmetric-key-format",
>     each protecting a 'key-format' identity of the same name.
>   - Added 'must' expressions asserting that the 'key-format' leaf
>     exists whenever a non-hidden key is specified.

This can be made simpler:

OLD:

    leaf public-key-format {
      nacm:default-deny-write;
      when "../public-key";
      type identityref {
        base public-key-format;
      }
      description
        "Identifies the key's format.";
    }
    leaf public-key {
      nacm:default-deny-write;
      type binary;
      must "../public-key-format";
      mandatory true;
      description
        "The binary value of the public key.  The interpretation
         of the value is defined by 'public-key-format' field.";
    }

Now, since public-key is mandatory, the 'when' expression on public-key-format will always be true (in a valid config). Hence it isn't needed.

And also, since public-key is mandatory the must on public-key really just says that public-key-format is also mandatory:

NEW:

    leaf public-key-format {
      nacm:default-deny-write;
      mandatory true;
      type identityref {
        base public-key-format;
      }
      description
        "Identifies the key's format.";
    }
    leaf public-key {
      nacm:default-deny-write;
      type binary;
      mandatory true;
      description
        "The binary value of the public key.  The interpretation
         of the value is defined by 'public-key-format' field.";
    }

>   - Improved the 'description' statements and added 'reference'
>     statements for the 'key-format' identities.
>   - Added a questionable forward reference to "encrypted-*" leafs in a
>     couple 'when' expressions.

Questionable indeed. I suggest you remove the when expression instead. You have must expressions that say that the key-format leaf must exist in the relevant cases anyway.

/martin
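The OLD/NEW equivalence argued in the message above can be checked by enumerating every combination of the two leafs. This is an added example, not code from the thread or the drafts; it uses a simplified model of YANG validation that assumes the parent node exists and that 'when'/'must' only test for a sibling leaf, as in the quoted snippet.

```python
from itertools import product

# Simplified model (assumption): 'when' and 'must' each name a sibling leaf
# that has to exist, the only XPath form used in the snippet ("../<sibling>").
OLD = {
    "public-key-format": {"when": "public-key"},
    "public-key": {"must": "public-key-format", "mandatory": True},
}
NEW = {
    "public-key-format": {"mandatory": True},
    "public-key": {"mandatory": True},
}

def is_valid(schema, present):
    """Apply the simplified YANG rules to a set of present leaf names."""
    for name, stmts in schema.items():
        when = stmts.get("when")
        applicable = when is None or when in present
        if name in present:
            if not applicable:
                return False  # a node whose 'when' is false cannot exist
            must = stmts.get("must")
            if must is not None and must not in present:
                return False  # 'must' is evaluated on existing nodes
        elif applicable and stmts.get("mandatory"):
            return False      # mandatory leaf is missing
    return True

def accepted(schema):
    """Every combination of present leafs that the schema accepts."""
    names = sorted(schema)
    combos = product([False, True], repeat=len(names))
    sets = (frozenset(n for n, on in zip(names, c) if on) for c in combos)
    return {s for s in sets if is_valid(schema, s)}

if __name__ == "__main__":
    for label, schema in (("OLD", OLD), ("NEW", NEW)):
        print(label, [sorted(s) for s in accepted(schema)])
```

Both schemas accept exactly one state, the one where the key and its format are both present, so the 'when' and 'must' in OLD add no constraint beyond two 'mandatory true' statements.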