Re: [netconf] WGLC for draft-ietf-netconf-notification-capabilities

"Eric Voit (evoit)" <evoit@cisco.com> Fri, 27 September 2019 19:57 UTC

Return-Path: <evoit@cisco.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA99A120A8E for <netconf@ietfa.amsl.com>; Fri, 27 Sep 2019 12:57:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=YlWjbyY1; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=cisco.onmicrosoft.com header.b=WvdgS7C3
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lfS3r-H4pIC3 for <netconf@ietfa.amsl.com>; Fri, 27 Sep 2019 12:56:58 -0700 (PDT)
Received: from alln-iport-2.cisco.com (alln-iport-2.cisco.com [173.37.142.89]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 61421120A8C for <netconf@ietf.org>; Fri, 27 Sep 2019 12:56:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=27459; q=dns/txt; s=iport; t=1569614218; x=1570823818; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=WXWundfsWlWkauPRGzxyQz9xrREGHVtUPwyucvhPCmw=; b=YlWjbyY14FrnPqF7hkxXSXRcnWn+dulmtf0NfCCxKZb/kMiAYHi89Q6L AYikj4NLABCFrLyMPwIAlcUvUzCRsmcDIOIueSViNeVry3rDUX7AAYY4h pCfQZ8YrAlzLyPlrcmTG1s3pWR6Zqnz8/0i0mZokiYK+OwwllcqRZYqaj E=;
X-Files: smime.p7s : 3975
IronPort-PHdr: =?us-ascii?q?9a23=3AzdCWBBVMoRahWzMXG2j0/wPK7b/V8LGuZFwc94?= =?us-ascii?q?YnhrRSc6+q45XlOgnF6O5wiEPSANWJ8OpK3uzRta2oGXcN55qMqjgjSNRNTF?= =?us-ascii?q?dE7KdehAk8GIiAAEz/IuTtank3AsNDSHdu/mqwNg5eH8OtL1A=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0CQAACXaI5d/5tdJa1mGQEBAQEBAQE?= =?us-ascii?q?BAQEBAQwBAQEBAQGBZ4EcL1ADbVYgBAsqCoQYg0cDileCXIlnjg+CUgNUAgc?= =?us-ascii?q?BAQEJAwEBJQgCAQGEQAKDNyM4EwIDCQEBBAEBAQIBBQRthS0MhUsBAQEBAxI?= =?us-ascii?q?RChMBATAFAgEPAgEIEQQBAQ4aAwICAh8RFAkIAgQBDQUIBhSDAYEdTQMdAQI?= =?us-ascii?q?MozYCgTiIYXWBMoJ9AQEFgTgCg1gNC4IQBwMGgTSBU4o7GIFAP4ERRoJMPoI?= =?us-ascii?q?aRwEBA4FIGAwfCQICglEygiaNJ4I2nH1BCoIig0GCLoEWigSEHYI3h0yEKok?= =?us-ascii?q?ogV+OIYE9hlqCCoskg1kCBAIEBQIOAQEFgWkhgVhwFYMnUBAUgU4MF4NPhRS?= =?us-ascii?q?FP3SBKYx5AYEiAQE?=
X-IronPort-AV: E=Sophos;i="5.64,556,1559520000"; d="p7s'?scan'208,217";a="340473300"
Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by alln-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 27 Sep 2019 19:56:57 +0000
Received: from XCH-ALN-010.cisco.com (xch-aln-010.cisco.com [173.36.7.20]) by rcdn-core-4.cisco.com (8.15.2/8.15.2) with ESMTPS id x8RJuuZa022623 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 27 Sep 2019 19:56:56 GMT
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by XCH-ALN-010.cisco.com (173.36.7.20) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 27 Sep 2019 14:56:56 -0500
Received: from xhs-rtp-002.cisco.com (64.101.210.229) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 27 Sep 2019 15:41:54 -0400
Received: from NAM03-BY2-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-002.cisco.com (64.101.210.229) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Fri, 27 Sep 2019 15:41:53 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fzm0xmB7HGXuvph50BwV+g29SBf+Hv3qxG+hLrlNKwwnV5J1ZT4fx8Rkos/zOYDmG4Xgrffb2qIOwSTEdoOWk+FmrAWp6J9ejWZ8bCf0913Z1FOvpfEhaQITaDuiWxkETTn3lZvTgpQRuEIOzVNWMr8RbOADLi9ikkYnj6b2mTcBCC4kQ94zWMifeyjPE921Wj3Wx+vP6akPn9J+sv5QWaTCj/+9ZUQwztlWm0SRsVrdrDLeeGByzg/PJzhaCncgUVfgNcMSUPjiTGjt2NE3kElY6bAe0I9nYW+5h4opr5aKZlHJinzMwdemxYjn/VS3q5YuDr4biVEH/T/gsbmnaQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bQhnm16K85p4WdZUFQOwD0jWSkYEvus+LAS4zWQrliY=; b=iHb/LjUv9BQQDNbYNNJakN7C9J0IeLJjBL2HI6XG6P+iIk+Uhd3VH4rmO8vuLM1Y2do4C1XdI8jiK2wm5+KBARkzzYZ8S/gEsFH8n4QsjNqJzEqUSqvttkUzHL/JKhSieJbBg7OYoYlbuDWwPn6Pj6WLrPjqkhpKRd8r0jXWMlihDyL0Rt4+YL2aLmDaS76gELFsZ87zCBdYwVhfcZVPaR0nbBowlEmGKpraDeUdcHhT3az/iA9AUQ5A35glV38K5SfWAKJE9kld5EUku3S+mqDOQnBq5xqbf4gOyXg21CA8kxqe/fW/eJiS8AKUEG47gO0GmgWJA1kw/O782vRFMA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bQhnm16K85p4WdZUFQOwD0jWSkYEvus+LAS4zWQrliY=; b=WvdgS7C3QsEnAY1ihBG2BoDs413l3Yvk2k8WqGMOo70m8o7wOhsvW/ewHoZNUvT0fCRHfVqMrKw/C9RuL0Z49cnO+W2JUU9V+kbUwhIQd1xec0RtRVzEDACaF0FahoXRdYTJdqrDO75yQ4J44DGc7v6V5FDJnMUbFFFbzfOcFyU=
Received: from BN7PR11MB2627.namprd11.prod.outlook.com (52.135.255.31) by BN7PR11MB2548.namprd11.prod.outlook.com (52.135.254.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2305.17; Fri, 27 Sep 2019 19:41:52 +0000
Received: from BN7PR11MB2627.namprd11.prod.outlook.com ([fe80::61c6:4b6d:cf6c:f095]) by BN7PR11MB2627.namprd11.prod.outlook.com ([fe80::61c6:4b6d:cf6c:f095%3]) with mapi id 15.20.2284.028; Fri, 27 Sep 2019 19:41:52 +0000
From: "Eric Voit (evoit)" <evoit@cisco.com>
To: =?utf-8?B?QmFsw6F6cyBMZW5neWVs?= <balazs.lengyel@ericsson.com>, "Mahesh Jethanandani" <mjethanandani@gmail.com>, Alexander Clemm <ludwig@clemm.org>, "Benoit Claise (bclaise)" <bclaise@cisco.com>
CC: Netconf <netconf@ietf.org>
Thread-Topic: [netconf] WGLC for draft-ietf-netconf-notification-capabilities
Thread-Index: AQHVcwCXe43vmPblgUW74U2qSpt2bac7U+nggAQplACAAGtwIA==
Date: Fri, 27 Sep 2019 19:41:52 +0000
Message-ID: <BN7PR11MB262715BE5A88B587E409D3CFA1810@BN7PR11MB2627.namprd11.prod.outlook.com>
References: <D3B39347-DFB7-4BEE-8B22-0EE07AEB1F5A@gmail.com> <4F49DF08-B7FC-4EBD-9D6B-7BC329E50334@gmail.com> <BN7PR11MB262749DCC86F32F725D1C67AA1840@BN7PR11MB2627.namprd11.prod.outlook.com> <VI1PR0701MB22864F116F517E960EC32A0AF0810@VI1PR0701MB2286.eurprd07.prod.outlook.com>
In-Reply-To: <VI1PR0701MB22864F116F517E960EC32A0AF0810@VI1PR0701MB2286.eurprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=evoit@cisco.com;
x-originating-ip: [173.38.117.65]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 4861fb66-5bf6-4a07-e0d6-08d74382beec
x-ms-traffictypediagnostic: BN7PR11MB2548:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <BN7PR11MB25486154D39AEE4B5F1847F8A1810@BN7PR11MB2548.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-forefront-prvs: 0173C6D4D5
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(136003)(396003)(376002)(346002)(366004)(39860400002)(189003)(199004)(51914003)(6116002)(7736002)(2906002)(33656002)(6436002)(55016002)(11346002)(6246003)(9686003)(476003)(446003)(478600001)(6506007)(81166006)(81156014)(53546011)(8676002)(102836004)(52536014)(7696005)(99286004)(8936002)(9326002)(99936001)(54896002)(26005)(5660300002)(25786009)(6306002)(236005)(66574012)(229853002)(186003)(71200400001)(15650500001)(76176011)(2420400007)(4326008)(256004)(316002)(71190400001)(606006)(66066001)(14454004)(14444005)(66556008)(7110500001)(86362001)(66446008)(6636002)(64756008)(76116006)(74316002)(110136005)(3846002)(66616009)(66946007)(66476007)(790700001)(486006); DIR:OUT; SFP:1101; SCL:1; SRVR:BN7PR11MB2548; H:BN7PR11MB2627.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: RnMzK01hdP6H6+3lKcYDbStOIPV8bTwDLwdBM6jloVJHj+Zvh++O10+wkvJ8o1Ce8C+o4R5zOk7sJ/hgWw5Q8V2tV7usLoPKMZd0G92ncAhQY4jo2/Df7FLla6Aao0ya/mwhRnmAnxHsll0g69563s7jtZ0/PFduS8u2sNIHIM6N6Lmlk/4J9ITjZZdSSzT+mdFeQZvBRIIRqGdtx8C9sNdDYQamKaoktHBpN+pDjG1i7qU+Tx/ibLb2JnOehVI2lDu9OGTABXe5p0ETmgMoy0y7BTTa+b5A5nXmmfZMR3HXIjPglPU0s7ndPvTSuFgkncGaHaCLewhqUgZHlzPH+F/NGPnQJqPSRSj6B/BXPO7VtKvnWc9KNQ8LE2xCcvOfAYr5vzFe67Vk5AAV4+2ffqBex3NCTIEVNVaPsI5EATk=
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_0428_01D5754A.132B1D40"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 4861fb66-5bf6-4a07-e0d6-08d74382beec
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Sep 2019 19:41:52.3389 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: eXPe+cg56BWHJ/tDFBL3nZY5O1niwzbUP7BaksVzlZ/DSMUVqHwKc6XR10ije6fZ
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN7PR11MB2548
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.20, xch-aln-010.cisco.com
X-Outbound-Node: rcdn-core-4.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/qQXj70RZ3wlPIDBvD-Hw4Pe1ec8>
Subject: Re: [netconf] WGLC for draft-ietf-netconf-notification-capabilities
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Sep 2019 19:57:07 -0000

Hi Balazs,

 

Some more thoughts in-line.   I cut out those I think closed.

 

From: Balázs Lengyel <balazs.lengyel@ericsson.com> 
Sent: Friday, September 27, 2019 8:48 AM
To: Eric Voit (evoit) <evoit@cisco.com>om>; Mahesh Jethanandani <mjethanandani@gmail.com>om>; Alexander Clemm <ludwig@clemm.org>rg>; Benoit Claise (bclaise) <bclaise@cisco.com>
Cc: Netconf <netconf@ietf.org>
Subject: RE: [netconf] WGLC for draft-ietf-netconf-notification-capabilities

 

Thanks for the comments. See answers below. 

I hope the group will be ok with using the term publisher instead of server. IMHO it is clearer as the client server relationship can be reversed e.g. for https notification transport.

Balazs

 

From: Eric Voit (evoit) <evoit@cisco.com <mailto:evoit@cisco.com> > 
Sent: 2019. szeptember 24., kedd 23:15
To: Mahesh Jethanandani <mjethanandani@gmail.com <mailto:mjethanandani@gmail.com> >; Balázs Lengyel <balazs.lengyel@ericsson.com <mailto:balazs.lengyel@ericsson.com> >; Alexander Clemm <ludwig@clemm.org <mailto:ludwig@clemm.org> >; Benoit Claise (bclaise) <bclaise@cisco.com <mailto:bclaise@cisco.com> >
Cc: Netconf <netconf@ietf.org <mailto:netconf@ietf.org> >
Subject: RE: [netconf] WGLC for draft-ietf-netconf-notification-capabilities

 

Here are some comments...

 

On-change Notification Capability: Is this different from support for RFC-8641 feature "on-change"?  If they are the same, it might be possible to remove the term.  Especially as this term is used inconsistently.

BALAZS: In RFC 8641 on-change is not defined as a capability. It is used for many more things (e.g. On-change subscription,  trigger condition, type of push updates, a feature.) In this draft the on change capability is just the servers capability to send on-change notification globally, for a specific datastore or a specific data node. Description will be reworded.

<Eric> It will be good to see the reword.   I still am not clear how this different from the RFC-8641 feature "on-change", along with this feature being associated with specific nodes.  

 

 

Section 3

 

Paragraph 2, bullet 2: Instead of  "amount of notifications the server can send out", do you mean "the minimum periodicity of updates which a server can send out for an object"

BALAZS: That too, but also the max-objects-per-update. I was told not to repeat information in the main text and in the YANG module, so I tried to find a wording that covers both. Also  its not always the minimum times. Some servers support  a specific set of times, not a anything over a minimum.

<Eric> Ok, so this bullet is a bucket of various types of information.  Which is fine with me.

 

 

Paragraph 2, bullets 3 & 4: I don't think these should be indented as bullets are they are more about proper behavior of a correctly populated model.

BALAZS: I don’t really understand this comment.  Please explain.

<Eric> Looking at the text, bullets 3 is written to say how capabilities value can be set (i.e., how) rather than that they can be set for different levels (i.e., what).  Getting consistency so that the bullets are all 'how' or all 'what' items would help readability.  

 

 

Paragraph 3, bullets 2: why isn't SHALL instead MUST?   Also, shouldn't this point out that both NETCONF and RESTCONF MUST be supported if on-change is advertised, and this draft is supported?

BALAZS: As I understand RFC 2119 MUST and SHALL both mean the same, but I will change to MUST. No I do not want to mandate implementing both Netconf AND Restconf. IMO a server with just Netconf would work just fine; or maybe I misunderstand your comment?

<Eric> The second part of my comment was about ensuring that IF this model was available, and the publisher supports both RFC-8640 & draft-ietf-netconf-restconf-notif, then this specification MUST be able to push changes over both NETCONF and RESTCONF.    Thinking more, this is actually a generic question which is likely already answered: how do you know which models are supported for which transports.   As advertisement is by transport, I withdraw this question.  

 

 

 

Section 4

 

I suspect that you will need to do a security analysis per YANG object.   This has been done the other YANG push family.

BALAZS: The full module is readOnly and not sensitive or private in any manner.  The security text for the readOnly parts of YangPush is the exact same text: not very informative, but gives you the illusion of security awareness.

<Eric> You can ignore my comment.  In doing RFC-8639, I needed to put in read/write analysis for each object.  And this did sometime include the risks of internally setting values which were read-only from the model.  Perhaps this will not be required during later draft reviews in the publication process.

 

I suspect that manipulating the reporting intervals could have some security implications.   E.g., a hacker could push up the damping period or periodic interval to a level where the information they are changing then becomes invisible to a monitoring system.

BALAZS: The full YAM is read-only so manipulating the data is not a concern.

<Eric> Per my previous point, if the IETF process says you don't need to highlight such possibilities, then I am good.

 

</Eric>

 

Thanks, 

Eric 

 

 

From: netconf <netconf-bounces@ietf.org <mailto:netconf-bounces@ietf.org> > On Behalf Of Mahesh Jethanandani
Sent: Tuesday, September 24, 2019 1:50 PM
To: Netconf <netconf@ietf.org <mailto:netconf@ietf.org> >
Subject: Re: [netconf] WGLC for draft-ietf-netconf-notification-capabilities

 

We were supposed to have closed on the WGLC today. However, between the document becoming a WG item and it going into LC, we have not received too many comments on the draft. As such, we are extending the LC by another week. Please review the draft and provide any comments you might have.

 

Mahesh & Kent (as co-chairs)

 

 

On Sep 10, 2019, at 3:39 PM, Mahesh Jethanandani <mjethanandani@gmail.com <mailto:mjethanandani@gmail.com> > wrote:

 

Authors have published -04 <https://tools.ietf.org/html/draft-ietf-netconf-notification-capabilities-04>  version of the draft, which addresses comments they received in IETF 105. If you provided comments please check to make sure your comments have been addressed. At this point, the authors believe that the document is ready for WGLC.

 

This therefore starts a two week LC, ending on September 24th. Please provide any technical comments you might have on the document. If you believe the document is not ready for LC, please state your reasons.

 

We will issue a IPR poll separately. 

 

Mahesh & Kent (as co-chairs)