IETF Logo Mail Archive

Re: [netmod] identityref with multiple base statements (follow-up question)

tom petch <ietfc@btconnect.com> Thu, 24 September 2020 09:01 UTC

Return-Path: <ietfc@btconnect.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A92F3A09FF for <netmod@ietfa.amsl.com>; Thu, 24 Sep 2020 02:01:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=btconnect.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MGYlvpG6jdRA for <netmod@ietfa.amsl.com>; Thu, 24 Sep 2020 02:01:13 -0700 (PDT)
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-eopbgr30125.outbound.protection.outlook.com [40.107.3.125]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0C87D3A09FB for <netmod@ietf.org>; Thu, 24 Sep 2020 02:01:12 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=oNNSty4/vtePuOtw9SGe21QBgLp+15LFuozHWOLpVnsONcqpUgho4ZC8qolZpoZFdMDa9bsXJw4RMzwNW+tXSjx/WMmc/I9WBErusUPX/RcjwPbf4kqNNMQ05UzVf1dOJXqWqJN0pKHTfeB1nchDfi0TqDdd5scWkVu6w88yMeizUczoNhHw3oUju0XcCTPtSItxh5K8pIOQdZItgShB7mTWGMXaRy1tkQfAWpSUcUQcKgeOpUR06PNVcQ9l6wZlm1xxFaqUewayK1nXq8lIM8JceDB72tJik9m05WdkQe9S+wNeE3bnRhDnfVeeiAWx+MSojT7KDLCkRElC1MzeWA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hYPNQlxBWIwVM7dHbRo/jJ1venZ/DEr+9uvGNZ2Jdl0=; b=PRLFNsuLZh4Gij5PGobKFLVfqIIUxPR1rhv7/iC4MySuy4pkijPHQyCCXVaRWlGIaW3lY4JbIgWWK0EQ3AEFkdsHY6Nt7KDGLersjpTUwBlg+dFo7Pi83yX47GeN/XWobZAb0b7uWCcRWUVNuPHPTt1OUapwMVdUu8NnXJUlC6tjByncPnxJOd7NArxM2Rlv08gdPX7gn2rsIRObbZ4X+JU5sD4skCgiIPlz/iMhU4xvv7i4VyqThtr7FMaBTB9uvxt+Z1v+XirxEoX3oCULtZlpPq3eksvnC94U/3JmVCBM8a1Yrf7SMJROyhPvpjhAT+afUeFpo5NkxyRibBH5BQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=btconnect.com; dmarc=pass action=none header.from=btconnect.com; dkim=pass header.d=btconnect.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btconnect.onmicrosoft.com; s=selector2-btconnect-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hYPNQlxBWIwVM7dHbRo/jJ1venZ/DEr+9uvGNZ2Jdl0=; b=UxLSpU/n6ZGJfJHBanfZwbZPlG+rPoip3ThTBezRZjfnc4peCoFNzV8wfIHKeLaI2mVunDvjlX6Zrt2m8uRK3D/BoUQdjltDJkLumcgSuPzGQgUNkuX0G+Va9nrRclLFbPceaZetW7RsfbIfE8YQUl/pfmrYFSndulh5M0/J9qY=
Received: from AM7PR07MB6248.eurprd07.prod.outlook.com (2603:10a6:20b:134::11) by AM7PR07MB6804.eurprd07.prod.outlook.com (2603:10a6:20b:1b4::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3412.4; Thu, 24 Sep 2020 09:01:06 +0000
Received: from AM7PR07MB6248.eurprd07.prod.outlook.com ([fe80::189c:ac35:ce23:d38a]) by AM7PR07MB6248.eurprd07.prod.outlook.com ([fe80::189c:ac35:ce23:d38a%6]) with mapi id 15.20.3391.006; Thu, 24 Sep 2020 09:01:06 +0000
From: tom petch <ietfc@btconnect.com>
To: Ladislav Lhotka <ladislav.lhotka@nic.cz>, Italo Busi <Italo.Busi@huawei.com>, "netmod@ietf.org" <netmod@ietf.org>
CC: Joey Boyd <joey.boyd@adtran.com>
Thread-Topic: [netmod] identityref with multiple base statements (follow-up question)
Thread-Index: AdaRhLMHWUL2bx+uSjSp5K9i+qJg9AAMSCcAACa6598=
Date: Thu, 24 Sep 2020 09:01:06 +0000
Message-ID: <AM7PR07MB62487B0B4C3F4245B31ED322A0390@AM7PR07MB6248.eurprd07.prod.outlook.com>
References: <7f4e6d298f16434b9555eaede6f3fe0e@huawei.com>, <878sd04lex.fsf@nic.cz>
In-Reply-To: <878sd04lex.fsf@nic.cz>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: nic.cz; dkim=none (message not signed) header.d=none;nic.cz; dmarc=none action=none header.from=btconnect.com;
x-originating-ip: [86.146.121.140]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: bc592c00-1c9e-44d9-7d93-08d860685f5e
x-ms-traffictypediagnostic: AM7PR07MB6804:
x-microsoft-antispam-prvs: <AM7PR07MB680478ADCF774E0BD9F6B2D4A0390@AM7PR07MB6804.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: qbVosNDgvgj1N6XnyXCs3gZlUdPnkJLLZWOYUFMr6uBiVGLAT0Fn/Pabt9iv7wOpWQxFnLhZWbXvR7LgRHI9Z2FQqaRCD2xHVW84TvLPBcAMBnNc8xttFWSEv2gk4AmjedueyPMH/ttUVkSKewZTRZDhI0kGPFzvgtcXg2Sh8LdVEPrzOZhA8M9bnlfQPMxkYaYQ46MeX/oItsgu8JHndTGLpGH5t7zFED/L1paMk+xt71JboiWvGsaOLEIGBscFLeA7KOmAbT4Ta4XDcSTBZDtTddHCjCl1znkp1hI9sK6tQhfvxNXo7CHbIdUgAhticAFtXUl2S9ONjpX0ReMfV9Eo1wQULVMRwdPZHouPYT5ts+WVSJxchGLpjU7Ai195/ZIej7xL/nhkqOG0F67uoaSRZj0Dd1GZ5qrykEbLfBliMFUFwlzMhnF1c7di22ts9n9gtr02ISceTSNjLDDSdQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM7PR07MB6248.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(136003)(376002)(39860400002)(346002)(396003)(366004)(33656002)(76116006)(2906002)(316002)(4326008)(66446008)(186003)(64756008)(91956017)(66946007)(66556008)(55016002)(9686003)(66476007)(5660300002)(8676002)(6506007)(53546011)(110136005)(8936002)(7696005)(83380400001)(26005)(478600001)(71200400001)(966005)(86362001)(52536014); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: m2S4xuCQautUrBGrIdaf3xaI87e3214ky0Fje4OKav8rZgqgSMiipWRbW5GWL9BdUrFN+odm9QealWwgJgC5i8zcZQQQqhka95LmG8w6IJmnDodd7+qwlyYjZ21tuwjH/hQHFa+ampXp+sJgE1eV3Sz7lIrzmbI50Ityn6uR7JjZlcKVLGMgzHIpMt5ByAMQv7Y/X3XCDW+os+MHmFx0D9J3QTbnr8MF0WOKFoo7sblVikJl16UAx7AvZam/5bOu0S1eHjFAxUFcas5E6AYLoSTsapBa9/vQ8vETriu9+C0U7szbZWGYXt8gZZrLYhDvH83J/Xi1eQStz+tMBdAfDUVzKCNPsqlaTVPJQEYHVMEXiOO5jp6/7MXAgm3YfVzx5oXwFNg9dKnRRySup/iYqE4DrQaUzBix8Cm3+6IwA47vI2LFZpwjucsjDShi4Oi2IKhR6rYSEimdFu/deYnPVZls18aBz75D0BTXW3dy/hKm0ubxfcBnNjTGteEh9AjAKz0ONarGiu4toksVILYkMwbUoIP/XbURYog8qANlWcHrx41F5e6UQlE0HKqRhpiiy3ZaGyG6iItGBKl2FEX1TImhl68HpwLAKuAaVrQ0tFdzM0SzhFm5VB0UzaNqaj/nWeAnOb9r7hR41jsEAp8Yig==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: btconnect.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM7PR07MB6248.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: bc592c00-1c9e-44d9-7d93-08d860685f5e
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Sep 2020 09:01:06.5380 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: cf8853ed-96e5-465b-9185-806bfe185e30
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: DyWopuRN4zirt/7NLnaUZERdyc9uNtcp4MXu9PYKT0b8HUkPMTO3BKTNjcxhUiAQlCEtMAe46GlWTUq5RIbHpw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM7PR07MB6804
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/iRZN9qqQyqIHKIwIHZcM8w3rUnE>
Subject: Re: [netmod] identityref with multiple base statements (follow-up question)
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Sep 2020 09:01:16 -0000

From: netmod <netmod-bounces@ietf.org> on behalf of Ladislav Lhotka <ladislav.lhotka@nic.cz>
Sent: 23 September 2020 15:28

Italo Busi <Italo.Busi@huawei.com> writes:

> I have a follow-up question about this topic
>
> Considering the same identities defined below, what would be the valid values the following references?
>
> leaf reference-1 {
>   type identityref {
>     base base-1;
>   }
>   description
>     "Reference to an identity #1.";
> }
>
> leaf reference-2 {
>   type identityref {
>     base base-2;
>   }
>   description
>     "Reference to an identity #2.";
> }
>
> My understanding, is that:
> - valid values for the reference-1 would be 'a' and 'b'
> - valid values for the reference-2 would be 'b' and 'c'
>
> Is my understanding correct?

Yes, this should be pretty clear from sec. 9.10.2 of RFC 7950.

<tp>
Well, may be.  I saw this come up some time ago and read RFC7950 and was unsure.

It is 'derived from all' that gave me pause.  With aa and bb as base, does that mean derived from aa and bb or derived from aa or bb?  Should that be 'derived from any'? 

Tom Petch

Lada

>
> Thanks, Italo
>
>> -----Original Message-----
>> From: Ladislav Lhotka [mailto:ladislav.lhotka@nic.cz]
>> Sent: lunedì 3 agosto 2020 10:45
>> To: Joey Boyd <joey.boyd@adtran.com>; netmod@ietf.org
>> Subject: Re: [netmod] identityref with multiple base statements
>>
>> Joey Boyd <joey.boyd@adtran.com> writes:
>>
>> > Hi,
>> >
>> > I am looking for some clarification regarding RFC 7950 section 9.10.2,
>> specifically this statement.
>> >
>> > Valid values for an identityref are any identities derived from all the
>> identityref's base identities.
>> >
>> > Example:
>> >
>> > identity base-1 {
>> >   description
>> >     "Base identity #1.";
>> > }
>> >
>> > identity base-2 {
>> >   description
>> >     "Base identity #2.";
>> > }
>> >
>> > identity a {
>> >   base base-1;
>> >   description
>> >     "Identity A.";
>> > }
>> >
>> > identity b {
>> >   base base-1;
>> >   base base-2;
>> >   description
>> >     "Identity B.";
>> > }
>> >
>> > identity c {
>> >   base base-2;
>> >   description
>> >     "Identity C.";
>> > }
>> >
>> > leaf reference {
>> >   type identityref {
>> >     base base-1;
>> >     base base-2;
>> >   }
>> >   description
>> >     "Reference to an identity.";
>> > }
>> >
>> > The question is how to determine the value space for this identityref.
>> >
>> > Option #1:
>> > The value space is any identity which is derived from both base identities.
>> This means the only valid value in the example would be 'b'.
>> >
>> > Option #2:
>> > The value space is any identity which is derived from either base identity.
>> This means the valid values are 'a', 'b' and 'c'.
>> >
>> > The phrasing "...derived from all the identityref's base identities." tends to
>> point to Option #1 but I would like clarification on the intent.
>>
>> Yes, #1 is correct.
>>
>> Lada
>>
>> >
>> > Best regards,
>> > Joey
>> >
>> > _______________________________________________
>> > netmod mailing list
>> > netmod@ietf.org
>> > https://www.ietf.org/mailman/listinfo/netmod
>>
>> --
>> Ladislav Lhotka
>> Head, CZ.NIC Labs
>> PGP Key ID: 0xB8F92B08A9F76C67
>>
>

--
Ladislav Lhotka
Head, CZ.NIC Labs
PGP Key ID: 0xB8F92B08A9F76C67

_______________________________________________
netmod mailing list
netmod@ietf.org
https://www.ietf.org/mailman/listinfo/netmod

v2.23.0 | Report a Bug | By Email