Re: [netconf] crypto-types fallback strategy

Schönwälder, Jürgen <J.Schoenwaelder@jacobs-university.de> Tue, 08 October 2019 13:02 UTC

Return-Path: <J.Schoenwaelder@jacobs-university.de>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F1C96120052 for <netconf@ietfa.amsl.com>; Tue, 8 Oct 2019 06:02:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=jacobsuniversity.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1D__JK1Ja89a for <netconf@ietfa.amsl.com>; Tue, 8 Oct 2019 06:02:26 -0700 (PDT)
Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50044.outbound.protection.outlook.com [40.107.5.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C8F4D120033 for <netconf@ietf.org>; Tue, 8 Oct 2019 06:02:25 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XfJesC8wAa6dYHEJBLX2EM88elMK4Wl76h38Qrg7C1yDdnkHof/GBXSy2iAMlx8Em7WQVzlIAHyd5Pt8SL/D5dYlccaIO6poyb4CJ67soooHsBxIQ483Wqi2mvKQv+5/lRya4BSMuElH4NzvLFNzuB5B02+OurHo6ovF3zRdiwWCVmbQcQBcJoEHyD1muqmoCJ0anQ2FKyunnXvts50xvAnDJsFg4BOdKyGjowsccgzZSretOceMG5ydxnhCYZTzgosc3DFIZQVoO9dDKVlbP8CA7Cal0C3vn+uignfMP12z1+Y2/MXW/HQGNP8Wtw7zLWzqInMOA3eWw+DhSvP2wg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hu70yFH3pjrlC5TPlnzOHfnay0R+o1SDwoebemsnJ3w=; b=bbYpJaYIncBm7cHet6HOfHPOZRFdCLoJfw/tplbe2ZpencUDeR22tVkAYfrquliqV2TDlTVrEi5fH9hSYhFg11TS4BnfO93FqcekdliT/LKed+feooqN7zjFPL48aSylkdElIPCoplGE8SodPjYytiOBlVGxIIM4NSG95aOLw0dopcHoS11Q1AJlB1/bvOcEALX8u1/Inu7tWFC4/FPao0Gh9wBxAwAEyDff+xv7Vpra5hVJv/XpXu0EXdWs37QpLkd2e3mKip/Qe5zU4a0AWXq8opT/uWKHPwD2+00BzOd6p3Hf9TuSQ73IjXrCRBhwPdyrF/bLXWBqwaBIm/fxPw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=jacobs-university.de; dmarc=pass action=none header.from=jacobs-university.de; dkim=pass header.d=jacobs-university.de; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jacobsuniversity.onmicrosoft.com; s=selector2-jacobsuniversity-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hu70yFH3pjrlC5TPlnzOHfnay0R+o1SDwoebemsnJ3w=; b=XOKFLHJu2MWuf3oA6dCMNEMMNGheMQSCTCyV1JA0WKbaf0/Am86ZSvZL+29mLjgIs25Ya40K5f58ALeTcY1G1aDIkx5ZlQc1wavxYLjsXduKBFHdy4W5on42LO+f48D+seZZoFBKqOqO3CnWYXOOmQV4Ez7GBZK+5qIU4/35eHc=
Received: from DB6P190MB0181.EURP190.PROD.OUTLOOK.COM (10.172.229.20) by DB6P190MB0504.EURP190.PROD.OUTLOOK.COM (10.175.241.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2327.24; Tue, 8 Oct 2019 13:02:23 +0000
Received: from DB6P190MB0181.EURP190.PROD.OUTLOOK.COM ([fe80::3031:b318:b167:f8ee]) by DB6P190MB0181.EURP190.PROD.OUTLOOK.COM ([fe80::3031:b318:b167:f8ee%12]) with mapi id 15.20.2327.026; Tue, 8 Oct 2019 13:02:23 +0000
From: "Schönwälder, Jürgen" <J.Schoenwaelder@jacobs-university.de>
To: Martin Bjorklund <mbj@tail-f.com>
CC: "kent+ietf@watsen.net" <kent+ietf@watsen.net>, "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: [netconf] crypto-types fallback strategy
Thread-Index: AQHVfcJcQSS5BIxD8Um+uO2HDtXgK6dQtboA
Date: Tue, 08 Oct 2019 13:02:22 +0000
Message-ID: <20191008130222.5v77yqytgcxytxzc@anna.jacobs.jacobs-university.de>
References: <02f501d57846$e29a3b20$4001a8c0@gateway.2wire.net> <0100016d8834e6b1-d2301e8e-89e5-4fb1-ae58-057e82c4cf7f-000000@email.amazonses.com> <0100016da8b59883-9c9c21fa-5030-4dd5-867e-5e33bf7b379d-000000@email.amazonses.com> <20191008.122208.2297815182441890483.mbj@tail-f.com>
In-Reply-To: <20191008.122208.2297815182441890483.mbj@tail-f.com>
Reply-To: "Schönwälder, Jürgen" <J.Schoenwaelder@jacobs-university.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-clientproxiedby: AM0PR02CA0095.eurprd02.prod.outlook.com (2603:10a6:208:154::36) To DB6P190MB0181.EURP190.PROD.OUTLOOK.COM (2603:10a6:4:88::20)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=J.Schoenwaelder@jacobs-university.de;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [2001:638:709:5::7]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c260e47e-bb2c-44fb-b6da-08d74befc27e
x-ms-traffictypediagnostic: DB6P190MB0504:
x-ms-exchange-purlcount: 1
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <DB6P190MB0504273E0D6EA881CC608D24DE9A0@DB6P190MB0504.EURP190.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-forefront-prvs: 01842C458A
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(366004)(396003)(39850400004)(136003)(346002)(189003)(199004)(1076003)(446003)(6246003)(229853002)(6306002)(6486002)(64756008)(66476007)(66556008)(66946007)(43066004)(66446008)(6116002)(6436002)(3450700001)(2906002)(4326008)(486006)(46003)(476003)(11346002)(6512007)(102836004)(256004)(14454004)(186003)(6506007)(478600001)(386003)(71190400001)(71200400001)(5660300002)(45776006)(6916009)(86362001)(316002)(54906003)(786003)(7736002)(25786009)(81166006)(8676002)(81156014)(8936002)(99286004)(76176011)(52116002)(305945005)(4744005); DIR:OUT; SFP:1101; SCL:1; SRVR:DB6P190MB0504; H:DB6P190MB0181.EURP190.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: jacobs-university.de does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: IxKJWoJ37Y2GttsSWyUY7kSDhtbXXWi0Gp8BpPur6mVghrrGvI3TbBMt1i0dj2+eJXyl0dkP+6ETjPqTtcXPUQjR+MmLOGeDrRU6GgHkHDRmSImNRZFHaH+XdlsdqixJOjWSf7cTbutryVMQ2bZ7pQWaav5xZMkSPa2VTSXYZO89YKyOFWo5Z+ry07ZixLwhQkKhYCadGJmk0gho4FPTU89knjSXhwIcEzEgLK3WoTk2c9ItkLLsWSub35+s7x2qrnZnCgOciBDftj/oUF/uwHyl3gRBCqtiO80e/D8cUsibAxlhvjoJu2XpPvjFSosc6fC4jEAb3U0VfYRsU7DMCDuPnu6c7vRTAgWnchKiMVpOa2Y5jidFh6ySOXi+noJEIXJubqapu7UosYHWkhqKr7d8ySQNjLKHnZrr5SBjQIVjYBME4reM+wBobvfkLXv5yTdneMcc2AV2bksD6CAq9g==
Content-Type: text/plain; charset="iso-8859-1"
Content-ID: <0621B3E467C4814D8677332A05B304B0@EURP190.PROD.OUTLOOK.COM>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: jacobs-university.de
X-MS-Exchange-CrossTenant-Network-Message-Id: c260e47e-bb2c-44fb-b6da-08d74befc27e
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Oct 2019 13:02:23.0015 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f78e973e-5c0b-4ab8-bbd7-9887c95a8ebd
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ZakKT8hd61hov6dv701xX2yNwG0vFNL5+uO97EQCHwD6uf9Gdpqh3699IjU+5nY6xuFrxMoWwjCoQx4G5c8Xmqlru03cyua1JruKvGNSal0=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6P190MB0504
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/tC9VB5RdTs7iywJU64k5t7Q9-NI>
Subject: Re: [netconf] crypto-types fallback strategy
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Oct 2019 13:02:28 -0000

On Tue, Oct 08, 2019 at 12:22:08PM +0200, Martin Bjorklund wrote:
> 
> Note that in general, a server may support one set of algs for node A
> and another set of algs for node B.  So just listing the supported set
> of identities is not sufficient.   Which is why I suggest (again) that
> we don't try to solve this problem here and now.
>

We either solve the problem or we have to accept the people create
workarounds. It is no solution to say "we do this next year" over and
over again. And yes, the number of config false lists you need depends
on the number of config knobs.

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>