Re: [netconf] HTTPS notifications (draft-ietf-netconf-https-notif)

"Eric Voit (evoit)" <evoit@cisco.com> Tue, 24 September 2019 13:45 UTC

From: "Eric Voit (evoit)" <evoit@cisco.com>
To: Martin Bjorklund <mbj@tail-f.com>, "kent@watsen.net" <kent@watsen.net>
CC: "balazs.lengyel=40ericsson.com@dmarc.ietf.org" <balazs.lengyel=40ericsson.com@dmarc.ietf.org>, "netconf@ietf.org" <netconf@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/tiVxEvSrkmpsIFA-HfEbThiXdOE>


> > From the email I sent Martin on Sep 9th, each POST MAY contain more
> > than one notification:
> 
> .... to which I replied:
> 
>   I'm not so sure about the streaming though.
>   Perhaps pipelining is the right mechanism.  For "bulk" sending, the
>   "bundled-message" defined in draft-ietf-netconf-notification-messages
>   seems right.
> 
> To clarify: if the client just sends a stream of notifs it becomes a variant of
> SSE.  The server doesn't know when the stream will end, and thus cannot
> simply close the session.  You probably want to indicate end-of-message
> somehow (like in SSE).  And the content type in the example below cannot
> be "application/yang-data+xml", since it is not a valid XML instance
> document; you'd have to invent a new media type to indicate the streaming.
> 
> I think we should stick to simple HTTP where each notif is POSTed, as in your
> diagram above.  With HTTP pipelining you can do:
> 
> ------> establish TCP
> ------> establish TLS
> ------> Send HTTPS POST message with YANG defined notification 1
> ------> Send HTTPS POST message with YANG defined notification 2
> <-----Send 204 (No Content) for 1
> <-----Send 204 (No Content) for 2
> 
> ------> Send HTTPS POST message with YANG defined notification 3
> <-----Send 204 (No Content) for 3
> 
> 
> If the server wants to send multiple notifs at once, it can use
> "bundled-message".

This seems a reasonable approach. draft-ietf-netconf-notification-messages
has several advantages:
(1) can push multiple YANG notifications at once
(2) can include the subscription-id in notifications when subscribing to a
stream.  (Right now including an explicit subscription-id is only available
when subscribing to a datastore.)
(3) includes methods to discover lost/dropped notifications

Two things which would need to be worked:
(1) discovering receiver support for bundled notifications.  (As some form
of understanding/verifying configured receiver support over HTTP is already
needed, this is a topic which perhaps can be merged into that.)
(2) Completion of draft-ietf-netmod-yang-data-ext 

Eric

> /martin
> 
> 
> >
> >     POST /some/path HTTP/1.1
> >     Host: my-receiver.my-domain.com
> >     Content-Type: application/yang-data+xml
> >
> >     <notification
> >       xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0">
> >       <eventTime>2019-03-22T12:35:00Z</eventTime>
> >       <foo xmlns="https://example.com/my-foobar-module">
> >         ...
> >       </foo>
> >     </notification>
> >
> >     <notification
> >       xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0">
> >       <eventTime>2019-03-22T12:35:00Z</eventTime>
> >       <bar xmlns="https://example.com/my-foobar-module">
> >         ...
> >       </bar>
> >     </notification>
> >
> >     <notification
> >       xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0">
> >       <eventTime>2019-03-22T12:35:00Z</eventTime>
> >       <baz xmlns="https://example.com/my-foobar-module">
> >         ...
> >       </baz>
> >     </notification>
> >
> >
> > With response:
> >
> >       HTTP/1.1 204 No Content
> >       Date: Thu, 26 Jan 2017 20:56:30 GMT
> >       Server: my-receiver.my-domain.com
> >
> >
> > Kent // co-author
> >
> >
> 
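
The framing point raised in the quoted text, as an added example (not code from this thread or from draft-ietf-netconf-https-notif): a receiver that frames each pipelined POST by Content-Length and accepts only a body that is one well-formed `<notification>` document, so three pipelined POSTs each get a 204 while three notifications concatenated into one body are rejected. The function names, the 400/415 status choices and the DTD rejection are assumptions of this sketch; the sample requests are constructed.

```python
import xml.etree.ElementTree as ET

NOTIF_TAG = "{urn:ietf:params:xml:ns:netconf:notification:1.0}notification"
MEDIA_TYPE = "application/yang-data+xml"

def split_pipelined(buf: bytes):
    """Yield (headers, body) per request; Content-Length is the only framing."""
    while buf:
        head, sep, rest = buf.partition(b"\r\n\r\n")
        if not sep:
            raise ValueError("truncated request head")
        headers = {}
        for line in head.decode("ascii").split("\r\n")[1:]:
            name, _, value = line.partition(":")
            headers[name.strip().lower()] = value.strip()
        length = int(headers.get("content-length", "0"))
        if not 0 <= length <= len(rest):
            raise ValueError("bad Content-Length")
        yield headers, rest[:length]
        buf = rest[length:]

def status_for(headers: dict, body: bytes) -> int:
    """204 for exactly one well-formed <notification>, 4xx otherwise."""
    if headers.get("content-type", "").split(";")[0].strip() != MEDIA_TYPE:
        return 415
    if b"<!DOCTYPE" in body or b"<!ENTITY" in body:
        return 400  # hardening assumption: notifications carry no DTD
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return 400  # e.g. several root elements in one body
    return 204 if root.tag == NOTIF_TAG else 400

def handle(buf: bytes) -> list:
    """One status per pipelined request, in request order."""
    return [status_for(h, b) for h, b in split_pipelined(buf)]

def notif(leaf: str) -> bytes:
    # Constructed sample body modelled on the example quoted in the thread.
    return (f'<notification xmlns="urn:ietf:params:xml:ns:netconf:notification:1.0">'
            f'<eventTime>2019-03-22T12:35:00Z</eventTime>'
            f'<{leaf} xmlns="https://example.com/my-foobar-module"/></notification>').encode()

def post(body: bytes, ctype: str = MEDIA_TYPE) -> bytes:
    return (f"POST /some/path HTTP/1.1\r\nHost: my-receiver.my-domain.com\r\n"
            f"Content-Type: {ctype}\r\nContent-Length: {len(body)}\r\n\r\n").encode() + body

PIPELINED = post(notif("foo")) + post(notif("bar")) + post(notif("baz"))
CONCATENATED = post(notif("foo") + notif("bar") + notif("baz"))
```

`handle(PIPELINED)` returns one status per request, while `handle(CONCATENATED)` returns a single 400 because a strict XML parser stops at the second root element.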