Re: [Netconf] WG LC for draft-ietf-netconf-rfc6536bis

Andy Bierman <andy@yumaworks.com> Fri, 05 May 2017 05:55 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/wAmA7qA-G6SlWlROlua2SmHm8i8>

On Thu, May 4, 2017 at 10:43 PM, Juergen Schoenwaelder <
j.schoenwaelder@jacobs-university.de> wrote:

> On Thu, May 04, 2017 at 01:02:39PM -0700, Andy Bierman wrote:
> > On Thu, May 4, 2017 at 12:14 PM, Juergen Schoenwaelder <
> > j.schoenwaelder@jacobs-university.de> wrote:
> >
> > > On Thu, May 04, 2017 at 11:28:48AM -0700, Andy Bierman wrote:
> > >
> > > > There is no text about candidate vs. running vs. startup.
> > > > The NACM rules apply to all of them the same.
> > > > I could add text that says there is no consideration for specific
> > > > datastores.
> > > > Most rules apply to the schema tree. Data rules apply to instance data
> > > > (but they apply to all instances in all datastores).  I can make this
> > > > clear in the next revision.
> > >
> > > Does NACM apply to an I2RS datastore? Just checking before a generic
> > > all datastores quantifier is put in place. Perhaps it is safer to say
> > > where we know NACM applies and leave the rest to be defined later.
> > >
> > >
> > It applies to all datastores.
> > The datastore may not support all the CRUD operations that NACM supports.
> > The subset that does apply is enforced.
> >
> > The other variant (the datastore supports more operations than the
> > NACM CRUDX model supports) is not covered.
> >
> > So NACM should be careful to say new operations not covered by CRUDX
> > are out of scope.
> >
> > IMO the I2RS user priority enforcement is part of the protocol, not NACM,
> > similar to NETCONF enforcing data-missing on a delete operation.
> >
>
> Do we allow for the possibility to have datastores that use a
> different access control model, if ever needed?
>

That would certainly be out of scope for this document.
If something else replaces NACM, the server would advertise that module
instead of ietf-netconf-acm.



> /js'
>


Andy


>
> --
> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
> Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
>
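
The behaviour discussed in this thread (NACM rules carry no datastore selector, and operations outside CRUDX are out of scope) shown as an added Python example; it is not part of the original message and not code from RFC 6536 or any NETCONF server. The rule names, paths, first-match ordering over a single rule list and prefix-based path matching are simplifying assumptions.

```python
# Added illustration only: a simplified model of NACM data-node rule checks.
from dataclasses import dataclass

# The five access-operations bits NACM defines (the "CRUDX" model).
CRUDX = {"create", "read", "update", "delete", "exec"}


@dataclass(frozen=True)
class Rule:
    name: str                     # constructed rule name
    path: str                     # data node covered (prefix match: an assumption)
    access_operations: frozenset  # subset of CRUDX, or {"*"} for all
    action: str                   # "permit" or "deny"


# Constructed sample rule list. Note that a rule has no datastore field.
RULES = [
    Rule("deny-acl-write", "/acls", frozenset({"create", "update", "delete"}), "deny"),
    Rule("permit-interfaces", "/interfaces", frozenset({"*"}), "permit"),
]

# Fallbacks modelled on read-default / write-default / exec-default.
DEFAULTS = {"read": "permit", "create": "deny", "update": "deny",
            "delete": "deny", "exec": "permit"}


def check_access(datastore: str, path: str, operation: str) -> str:
    """Return 'permit' or 'deny'; `datastore` is accepted but never consulted."""
    if operation not in CRUDX:
        # An operation the CRUDX model does not cover is out of scope here.
        raise ValueError(f"operation {operation!r} is outside CRUDX")
    for rule in RULES:
        covers = path == rule.path or path.startswith(rule.path + "/")
        ops = rule.access_operations
        if covers and ("*" in ops or operation in ops):
            return rule.action  # first matching rule decides
    return DEFAULTS[operation]


def decisions_by_datastore(path: str, operation: str) -> dict:
    """Evaluate the same request against each datastore name."""
    return {ds: check_access(ds, path, operation)
            for ds in ("candidate", "running", "startup")}
```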