[netconf] Summary of updates
Kent Watsen <kent+ietf@watsen.net> Tue, 18 May 2021 18:37 UTC
Return-Path: <0100017980c49236-7975b99d-b591-4da2-a118-f6598517c4e5-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8A593A1C97 for <netconf@ietfa.amsl.com>; Tue, 18 May 2021 11:37:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c-zMu66ugkdh for <netconf@ietfa.amsl.com>; Tue, 18 May 2021 11:37:18 -0700 (PDT)
Received: from a8-88.smtp-out.amazonses.com (a8-88.smtp-out.amazonses.com [54.240.8.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3CF113A1C8D for <netconf@ietf.org>; Tue, 18 May 2021 11:37:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug; d=amazonses.com; t=1621363036; h=From:Content-Type:Content-Transfer-Encoding:Mime-Version:Subject:Message-Id:Date:To:Feedback-ID; bh=yGgze0+5vmDk1AYhaoE/K8hOdzd3QRjlEgF606aWSBQ=; b=aBRSElEpgPs++KYEXNbwlXNOxt6c8vwMXXi2XjnOC3NbNwsalUAzLzg4+VOxPTuJ 7x09cF3c5RSHLqz7uUkgHYUlAFkEaOHqtQgkcTQShq9qHd5uZ9uu0KPUZrD+o6ADJQ9 MJQ0epNqJRHd0mpc5fhJG5luM/JgFa6pB9cm0ha8=
From: Kent Watsen <kent+ietf@watsen.net>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\))
Message-ID: <0100017980c49236-7975b99d-b591-4da2-a118-f6598517c4e5-000000@email.amazonses.com>
Date: Tue, 18 May 2021 18:37:16 +0000
To: "netconf@ietf.org" <netconf@ietf.org>
X-Mailer: Apple Mail (2.3654.60.0.2.21)
Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
X-SES-Outgoing: 2021.05.18-54.240.8.88
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/z2eNjv6FshBJhDH1id3dJUHGjDg>
Subject: [netconf] Summary of updates
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 May 2021 18:37:21 -0000
Thank you to all that contributed to the WGLC of the tcp-, ssh-, tls-, and http- client-server drafts. Below is the result change log for each draft, but the highlights for me are: 1) for the “tcp” draft, the abstract/introduction sections were enhanced by Michael, my co-author and TCP WG co-chair. 2) for the “ssh” draft, we added and then removed the keyboard-interactive and GSS-API support. 3) for the “tls” draft, we marked the feature statements for versions other than 1.3 as “not recommended”. 4) for the “http” draft, no significant update (really? hmm...) 5) for the “netconf” draft, whilst not in WGLC, significant updates wrt the "client-identity-mappings” nodes. Notably, beware that the Last Call YANG-doctor review for some of these four drafts has been pending this update, so expect to see a little more activity on these drafts yet. K. DETAILS: crypto-types: * Nits found via YANG Doctors reviews. * Aligned modules with `pyang -f` formatting. truststore: * Added prefixes to 'path' statements per trust-anchors/issues/1 * Renamed feature "truststore-supported" to "central-truststore-supported". * Associated with above, generally moved text to refer to a "central" truststore. * Removed two unecessary/unwanted "min-elements 1" and associated "presence" statements. * Aligned modules with `pyang -f` formatting. * Fixed nits found by YANG Doctor reviews. keystore: * Added prefixes to 'path' statements per trust-anchors/issues/1 * Renamed feature "keystore-supported" to "central-keystore- supported". * Associated with above, generally moved text to refer to a "central" keystore. * Aligned modules with `pyang -f` formatting. * Fixed nits found by YANG Doctor reviews. tcp-client-server: * Updated Abstract and Intro to address comments by Tom Petch. * Removed the "tcp-connection-grouping" grouping (now models use the "tcp-common-grouping" directly). * Added XML-comment above examples explaining the reason for the unusual top-most element's presence. * Added Securty Considerations section for the "local-binding- supported" feature. * Replaced some hardcoded refs to <xref> elements. * Fixed nits found by YANG Doctor reviews. * Aligned modules with `pyang -f` formatting. * Added an "Acknowledgements" secetion. ssh-client-server: * Removed the 'supported-authentication-methods' from {grouping ssh- server-grouping}/client-authentication. * Added XML-comment above examples explaining the reason for the unexepected top-most element's presence. * Added RFC-references to various 'feature' statements. * Renamed "credentials" to "authentication methods" * Renamed "client-auth-*" to "userauth-*" * Renamed "client-identity-*" to "userauth-*" * Fixed nits found by YANG Doctor reviews. * Aligned modules with `pyang -f` formatting. * Added a 'Contributors' section. tls-client-server: * Added missing reference to "FIPS PUB 180-4". * Added identity "tls-1.3" and updated description statement in other identities indicating that the protocol version is obsolete and enabling the feature is NOT RECOMMENDED. * Added XML-comment above examples explaining the reason for the unexpected top-most element's presence. * Added missing "client-ident-raw-public-key" and "client-ident-psk" featutes. * Aligned modules with `pyang -f` formatting. * Fixed nits found by YANG Doctor reviews. * Added a 'Contributors' section. http-client-server: * Added XML-comment above examples explaining the reason for the unusual top-most element's presence. * Renamed 'client-auth-config-supported' to 'client-auth-supported' consistent with other drafts. * Wrapped 'container basic' choice inside a 'case basic' per best practice. * Aligned modules with `pyang -f` formatting. * Fixed nits found by YANG Doctor reviews. netconf-client-server: * Floated an 'if-feature' statement in a grouping down to where the grouping is used. * Clarified 'client-identity-mappings' for both the SSH and TLS transports. * For netconf-client, augmented-in a 'mapping-required' flag into 'client-identity-mappings' only for the SSH transport, and refined-in a 'min-elements 1' only for the TLS transport. * Aligned modules with `pyang -f` formatting. restconf-client-server: * Further clarified why some 'presence' statements are present. * Addressed nits found in YANG Doctor reviews. * Aligned modules with `pyang -f` formatting.
- [netconf] Summary of updates Kent Watsen
- [netconf] netconf-tls wasRe: Summary of updates tom petch
- Re: [netconf] netconf-tls wasRe: Summary of updat… Kent Watsen
- Re: [netconf] netconf-tls wasRe: Summary of updat… tom petch
- Re: [netconf] netconf-tls wasRe: Summary of updat… tom petch
- Re: [netconf] netconf-tls wasRe: Summary of updat… Kent Watsen
- Re: [netconf] netconf-tls wasRe: Summary of updat… Kent Watsen
- Re: [netconf] netconf-tls wasRe: Summary of updat… tom petch
- Re: [netconf] netconf-tls wasRe: Summary of updat… tom petch
- Re: [netconf] netconf-tls wasRe: Summary of updat… Juergen Schoenwaelder
- Re: [netconf] netconf-tls wasRe: Summary of updat… Kent Watsen
- Re: [netconf] netconf-tls wasRe: Summary of updat… Juergen Schoenwaelder
- Re: [netconf] netconf-tls wasRe: Summary of updat… tom petch
- Re: [netconf] netconf-tls wasRe: Summary of updat… Juergen Schoenwaelder
- Re: [netconf] netconf-tls wasRe: Summary of updat… Kent Watsen
- Re: [netconf] netconf-tls wasRe: Summary of updat… Kent Watsen
- Re: [netconf] netconf-tls wasRe: Summary of updat… Kent Watsen
- Re: [netconf] netconf-tls wasRe: Summary of updat… Juergen Schoenwaelder
- Re: [netconf] netconf-tls wasRe: Summary of updat… tom petch
- Re: [netconf] netconf-tls wasRe: Summary of updat… Juergen Schoenwaelder
- Re: [netconf] netconf-tls wasRe: Summary of updat… Kent Watsen
- Re: [netconf] netconf-tls wasRe: Summary of updat… tom petch
- Re: [netconf] netconf-tls wasRe: Summary of updat… tom petch
- [netconf] More complications was Re: netconf-tls … tom petch
- Re: [netconf] More complications Kent Watsen
- Re: [netconf] More complications tom petch
- Re: [netconf] More complications Henk Birkholz
- Re: [netconf] More complications Juergen Schoenwaelder
- Re: [netconf] More complications Kent Watsen
- Re: [netconf] More complications tom petch
- [netconf] TLS 1.3 and pre-shared-keys and raw-pub… Kent Watsen
- Re: [netconf] TLS 1.3 and pre-shared-keys and raw… tom petch
- Re: [netconf] netconf-tls wasRe: Summary of updat… tom petch
- Re: [netconf] TLS 1.3 and pre-shared-keys and raw… Kent Watsen
- Re: [netconf] TLS 1.3 and pre-shared-keys and raw… Rob Wilton (rwilton)
- Re: [netconf] TLS 1.3 and pre-shared-keys and raw… tom petch
- Re: [netconf] More complications Kent Watsen