Re: [Netconf] a couple zerotouch-21 issues

Kent Watsen <kwatsen@juniper.net> Sat, 19 May 2018 01:31 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/vUMoigdUvlQEOlbiJTuC5NNWznA>

Regarding what to do with the "zero touch device data model" in Section 8:

a) Everyone agrees on not delaying this draft any longer waiting for the keystore drafts to complete.

b) There is a difference of opinion as to whether we should move Section 8 to the Appendix, or delete it altogether.  We don't have consensus.

c) There is new information since the above comments were made.  The new information is that the WG will likely adopt the crypto-types and trust-anchors drafts and, thus, the dependencies change.  The type "cms" becomes "ct:cms", and the path "/ks:keystore/pinned-certificates/name" becomes "/ta:trust-anchors/pinned-certificates/name".  This changes the equation in that the probability is higher now that this non-normative module will remain valid longer.  Do we still think that it is "high risk" and, even if it is, is it really a problem?  Have we ever published an example module that imported modules that were works-in-progress before?  [I can't think of one, but I don't follow every draft either]

d) On the flip side, why is having a non-normative example better than no example at all, however evolved or not evolved the current example is?  There is a tradeoff between having something (which is nice) and the risk that it will become invalid (which would be a nuisance).  How nice is nice and how big of a nuisance would it be?  [it seems like nice > nuisance]

Thoughts?

Kent // contributor