Re: [netconf] updates to client/server drafts
Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Tue, 11 June 2019 17:40 UTC
Return-Path: <j.schoenwaelder@jacobs-university.de>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BDDBC120133 for <netconf@ietfa.amsl.com>; Tue, 11 Jun 2019 10:40:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ymL1Q2U-zPt1 for <netconf@ietfa.amsl.com>; Tue, 11 Jun 2019 10:40:28 -0700 (PDT)
Received: from atlas5.jacobs-university.de (atlas5.jacobs-university.de [212.201.44.20]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B921C12012A for <netconf@ietf.org>; Tue, 11 Jun 2019 10:40:27 -0700 (PDT)
Received: from localhost (demetrius5.irc-it.jacobs-university.de [10.70.0.222]) by atlas5.jacobs-university.de (Postfix) with ESMTP id 479D9654; Tue, 11 Jun 2019 19:40:26 +0200 (CEST)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from atlas5.jacobs-university.de ([10.70.0.198]) by localhost (demetrius5.jacobs-university.de [10.70.0.222]) (amavisd-new, port 10032) with ESMTP id 6UpwSJHLAxHA; Tue, 11 Jun 2019 19:40:26 +0200 (CEST)
Received: from hermes.jacobs-university.de (hermes.jacobs-university.de [212.201.44.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hermes.jacobs-university.de", Issuer "DFN-Verein Global Issuing CA" (verified OK)) by atlas5.jacobs-university.de (Postfix) with ESMTPS; Tue, 11 Jun 2019 19:40:26 +0200 (CEST)
Received: from localhost (demetrius5.irc-it.jacobs-university.de [10.70.0.222]) by hermes.jacobs-university.de (Postfix) with ESMTP id 0149E20128; Tue, 11 Jun 2019 19:40:26 +0200 (CEST)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from hermes.jacobs-university.de ([212.201.44.23]) by localhost (demetrius5.jacobs-university.de [10.70.0.222]) (amavisd-new, port 10028) with ESMTP id HEbsT7WfNqYU; Tue, 11 Jun 2019 19:40:25 +0200 (CEST)
Received: from exchange.jacobs-university.de (SXCHMB01.jacobs.jacobs-university.de [10.70.0.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "exchange.jacobs-university.de", Issuer "DFN-Verein Global Issuing CA" (verified OK)) by hermes.jacobs-university.de (Postfix) with ESMTPS id B15F920126; Tue, 11 Jun 2019 19:40:25 +0200 (CEST)
Received: from anna.localdomain (10.50.218.117) by sxchmb03.jacobs.jacobs-university.de (10.70.0.155) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.1713.5; Tue, 11 Jun 2019 19:40:25 +0200
Received: by anna.localdomain (Postfix, from userid 501) id DB3F3300A2A5AC; Tue, 11 Jun 2019 19:40:24 +0200 (CEST)
Date: Tue, 11 Jun 2019 19:40:24 +0200
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: Kent Watsen <kent+ietf@watsen.net>
CC: "netconf@ietf.org" <netconf@ietf.org>
Message-ID: <20190611174024.bbtb2vnoeef3ym4f@anna.jacobs.jacobs-university.de>
Reply-To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
Mail-Followup-To: Kent Watsen <kent+ietf@watsen.net>, "netconf@ietf.org" <netconf@ietf.org>
References: <0100016b340e6eb9-e4442a9d-8d44-4f9e-af5c-14ae323a47e2-000000@email.amazonses.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <0100016b340e6eb9-e4442a9d-8d44-4f9e-af5c-14ae323a47e2-000000@email.amazonses.com>
User-Agent: NeoMutt/20180716
X-ClientProxiedBy: SXCHMB03.jacobs.jacobs-university.de (10.70.0.155) To sxchmb03.jacobs.jacobs-university.de (10.70.0.155)
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/u18euJLQB669D1WEjj2RUG5iFpk>
Subject: Re: [netconf] updates to client/server drafts
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jun 2019 17:40:30 -0000
On Fri, Jun 07, 2019 at 10:28:09PM +0000, Kent Watsen wrote: > > The updates can be broadly described as thus: > > 1) in crypto-types, replaced the 'action' statements with 'crypt-hash' like equivalents. If folks don't like the "verbs", then we can simply remove them, having no solution for asking the device to generate a key or install a hidden key. > I am not sure this approach. This just hides the discussion in a special purpose construction: Without the optional '-and-hidden' postfix, the generated key pair is stored in the configuration data store as if the values had been configured by the client. A more general note: I assume that humans configuring systems are mostly familiar with common file formats for X.509 certificates like .pem files or similar. It seems these formats can't be used with the YANG module and that tools are needed to extract the pieces of data and to ship them to the server. Perhaps usability would be higher if the module would support upload/download of X.509 related material in commonly used formats. /js -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany Fax: +49 421 200 3103 <https://www.jacobs-university.de/>
- [netconf] updates to client/server drafts Kent Watsen
- Re: [netconf] updates to client/server drafts Kent Watsen
- Re: [netconf] updates to client/server drafts Juergen Schoenwaelder
- Re: [netconf] updates to client/server drafts Kent Watsen
- Re: [netconf] updates to client/server drafts Juergen Schoenwaelder
- Re: [netconf] updates to client/server drafts Martin Bjorklund
- Re: [netconf] updates to client/server drafts Juergen Schoenwaelder
- Re: [netconf] updates to client/server drafts Martin Bjorklund
- Re: [netconf] updates to client/server drafts Kent Watsen
- Re: [netconf] updates to client/server drafts Martin Bjorklund
- Re: [netconf] updates to client/server drafts Rob Wilton (rwilton)
- Re: [netconf] updates to client/server drafts Andy Bierman
- Re: [netconf] updates to client/server drafts Rob Wilton (rwilton)
- Re: [netconf] updates to client/server drafts Andy Bierman