IETF Logo Mail Archive

Re: [netmod] I-D Action: draft-ietf-netmod-syslog-model-19.txt

Kent Watsen <kwatsen@juniper.net> Wed, 07 February 2018 00:49 UTC

Return-Path: <kwatsen@juniper.net>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E0D9C126DFB for <netmod@ietfa.amsl.com>; Tue, 6 Feb 2018 16:49:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cj81xQCTMbzx for <netmod@ietfa.amsl.com>; Tue, 6 Feb 2018 16:49:53 -0800 (PST)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4B914128896 for <netmod@ietf.org>; Tue, 6 Feb 2018 16:49:53 -0800 (PST)
Received: from pps.filterd (m0108159.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w170mt63002266; Tue, 6 Feb 2018 16:49:52 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=PPS1017; bh=ANHH63/ddF3R1JU2rgzI2Atj77o8La4tYvBYFH+4eE0=; b=NO2daI6SdpzHj/tXCTTY0xGdJ3hHIM0oFCc88eB5MF3Cjy3Q+mfZnukjDSblLQY8jxZJ NnDeJOqFoNcFXdSUSiM1h1b8Ur+ahTlCQEfoQUu1r65VKwPrK0Cj9HD0D05+qmydYOWo mQca1rjNuTzZMGkjpBrI/fIMqIomPc7nPm4dgR4PFAZBSgtn9Z07fvR9f9GTPAgXHiXP myvZpiSlgqueAdwjsVR74VJIV+whSworZZ5M+l5V/xmSL8/mSyZCWwxwxKzr+nsfBlkQ u8LO/rsaLzYSOjLbJIdJ92H/3IWJg4YPLl92ZdScNBTjr333EPRRwu3s3MVkOk7tP5li +g==
Received: from nam03-co1-obe.outbound.protection.outlook.com (mail-co1nam03lp0017.outbound.protection.outlook.com [216.32.181.17]) by mx0a-00273201.pphosted.com with ESMTP id 2fyn3y86q0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 06 Feb 2018 16:49:52 -0800
Received: from DM5PR05MB3484.namprd05.prod.outlook.com (10.174.240.147) by DM5PR05MB3323.namprd05.prod.outlook.com (10.174.191.38) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.485.3; Wed, 7 Feb 2018 00:49:50 +0000
Received: from DM5PR05MB3484.namprd05.prod.outlook.com ([10.174.240.147]) by DM5PR05MB3484.namprd05.prod.outlook.com ([10.174.240.147]) with mapi id 15.20.0485.009; Wed, 7 Feb 2018 00:49:50 +0000
From: Kent Watsen <kwatsen@juniper.net>
To: "Clyde Wildes (cwildes)" <cwildes@cisco.com>, "netmod@ietf.org" <netmod@ietf.org>
Thread-Topic: [netmod] I-D Action: draft-ietf-netmod-syslog-model-19.txt
Thread-Index: AQHTi/jgm64n1kE5c0S5iq2VpQaBSqN2at0AgAznHmeAFJ1egA==
Date: Wed, 07 Feb 2018 00:49:50 +0000
Message-ID: <C98C7B05-23F2-4983-9862-DF30F0BF29F3@juniper.net>
References: <151579789446.21777.985631371557420470@ietfa.amsl.com> <B21EB766-3A67-4642-9791-16586449E885@juniper.net> <045f01d39534$c02ba480$4001a8c0@gateway.2wire.net>
In-Reply-To: <045f01d39534$c02ba480$4001a8c0@gateway.2wire.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.20.0.170309
x-originating-ip: [66.129.241.11]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR05MB3323; 7:HoRxHhNW5jsJgTetCLXcsHY7Sm59ybjTlIRlj/L1+v5XC3WhLRFBxxoeu0nbpwRVpaetoJLPWwBCvs+jHimwO20fp6xnoPDMxi/7kVWtrV/DeCS6KWLsIvorH4j7XdCSaXeolLjrpdhZgaEYXZZDbq5/FVJ7+w+zHEMUznH1PylvxBpPwLQRH45lIh9iNjzPMo6XYPj9MKofavxN5uR4dUbIfNLw96bbN5Nfa4b7AxJ4JUzTKeadvJYR9lkuvuip
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: f90d91c2-b66e-41e1-eea6-08d56dc4b19f
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(4534165)(4627221)(201703031133081)(201702281549075)(48565401081)(5600026)(4604075)(3008032)(2017052603307)(7153060)(7193020); SRVR:DM5PR05MB3323;
x-ms-traffictypediagnostic: DM5PR05MB3323:
x-microsoft-antispam-prvs: <DM5PR05MB3323C667C439E5BA2E2C319BA5FC0@DM5PR05MB3323.namprd05.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(10436049006162)(209352067349851)(192374486261705)(138986009662008);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(5005006)(8121501046)(3231101)(2400082)(944501161)(10201501046)(93006095)(93001095)(3002001)(6055026)(6041288)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123562045)(20161123564045)(6072148)(201708071742011); SRVR:DM5PR05MB3323; BCL:0; PCL:0; RULEID:; SRVR:DM5PR05MB3323;
x-forefront-prvs: 0576145E86
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(396003)(39380400002)(39860400002)(366004)(346002)(376002)(51444003)(52314003)(13464003)(199004)(189003)(58126008)(966005)(68736007)(110136005)(105586002)(229853002)(6116002)(2906002)(316002)(2900100001)(14454004)(575784001)(478600001)(3846002)(2950100002)(33656002)(83506002)(99286004)(5660300001)(3280700002)(86362001)(8676002)(53936002)(2501003)(186003)(97736004)(25786009)(6506007)(6512007)(83716003)(3660700001)(6246003)(77096007)(6346003)(26005)(82746002)(81156014)(81166006)(102836004)(66066001)(7736002)(106356001)(8936002)(76176011)(305945005)(6436002)(36756003)(6486002)(6306002)(59450400001); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR05MB3323; H:DM5PR05MB3484.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-microsoft-antispam-message-info: qcH38qAgmq+21/5sV4UxI0ihoEbIqZHi+2CLw2r0IG9imZTUZ2WwhScHQAQhrqvB7ociyxNRXqR/4VAWVRrGpg==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <539C261BF424424AAF186F8A3F6850C9@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: f90d91c2-b66e-41e1-eea6-08d56dc4b19f
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Feb 2018 00:49:50.3078 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR05MB3323
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2018-02-06_10:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1802070008
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/6FByqqtCwgjHLVNnAGGGt46KKWM>
Subject: Re: [netmod] I-D Action: draft-ietf-netmod-syslog-model-19.txt
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Feb 2018 00:49:56 -0000

Hi Clyde,

The chairs were discussing the HISTORIC reference to RFC 6587.   As we understand it, RFC 6587 was actually originally published as a HISTORIC document to accommodate Security area concerns.  Apparently, Benoit was AD at the time, so he may recall.  The IETF took special effort to publish RFC 6587 anyway, likely due to TCP being in common use.  Anyway, we're wondering, must this document have a normative reference to RFC 6587?  - could it be made Informational instead?  Is understanding RFC 6587 necessary to implement the syslog draft?

We also discussed the normative references to the keystore-and-friends drafts.   As it stands, my shepherd write-up is going to have to call these out as unstable dependencies.   I know that it was discussed before, but would you have any appetite to revisit having TLS in the first version of this module?  Perhaps it could be picked it up in a bis?

When can you post an update?  Would you rather us appoint an Editor to help get it done sooner?  I think that we've been in this post-LC phase for nearly four months now...

Kent // shepherd


===== original message =====

Kent

My request for a reference for Posix hs been fixed in -19.

Tom Petch

----- Original Message -----
From: "Kent Watsen" <kwatsen@juniper.net>
To: <netmod@ietf.org>
Sent: Tuesday, January 16, 2018 4:59 PM

> Clyde,
>
> This draft still isn't passing idnits.  I provided the link to idnits
previously, but here it is again: https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_tools_idnits&d=DwICAw&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=vB8Genu4I7nOu9B7lKz5mWWYCBuuHwmgn0HIzePAk6Q&s=HHa4Kg7ZoXOz6uC9VkiT_-jMeGdW9Kbfo1CydiT4bM8&e=.
Below is the idnits output for -19 with inlined comments.
>
> PS: I didn't also checked the other issues we're tracking, but will
when we get past these idnits issues.
>
> Kent
>
>
> ===== START =====
> idnits 2.15.00
>
> /tmp/draft-ietf-netmod-syslog-model-19.txt:
>
>   Checking boilerplate required by RFC 5378 and the IETF Trust (see
>   https://urldefense.proofpoint.com/v2/url?u=https-3A__trustee.ietf.org_license-2Dinfo&d=DwICAw&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=vB8Genu4I7nOu9B7lKz5mWWYCBuuHwmgn0HIzePAk6Q&s=L95k8rDeNKaSZXkCpqx2hwzmGDw8trmzmYOT0SLU-fQ&e=):
>   --------------------------------------------------------------------
--------
>
>      No issues found here.
>
>   Checking nits according to
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_id-2Dinfo_1id-2Dguidelines.txt&d=DwICAw&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=vB8Genu4I7nOu9B7lKz5mWWYCBuuHwmgn0HIzePAk6Q&s=wrmo4jVcBb7-_LFH7ty-TOpG80tfe3pWbfCSFZaT6eY&e=:
>   --------------------------------------------------------------------
--------
>
>      No issues found here.
>
>   Checking nits according to https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_id-2Dinfo_checklist&d=DwICAw&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=vB8Genu4I7nOu9B7lKz5mWWYCBuuHwmgn0HIzePAk6Q&s=_seSaCKfzxYeb3b1tfX2RqUk7CKbOsRr3pRVJrQ8lEc&e= :
>   --------------------------------------------------------------------
--------
>
>   ** There is 1 instance of too long lines in the document, the
longest one
>      being 1 character in excess of 72.
>
> Kent: this isn't a big deal IMO, but if it's easy to fix, it saves the
RFC editor a step later on.
>
>
>   Miscellaneous warnings:
>   --------------------------------------------------------------------
--------
>
>   == Line 352 has weird spacing: '...gorithm    ide...'
>
> Kent: this is fine.  it is in a tree diagram.
>
>
>   == The document seems to lack the recommended RFC 2119 boilerplate,
even if
>      it appears to use RFC 2119 keywords -- however, there's a
paragraph with
>      a matching beginning. Boilerplate error?
>
>      (The document does seem to have the reference to RFC 2119 which
the
>      ID-Checklist requires).
>
> Kent: I can't find the error.  Looking at the xml, it is verbatim what
I have in the zerotouch draft.  my guess is that this is a tooling error
and we should ignore it.
>
>
>   -- The document date (January 12, 2018) is 4 days in the past.  Is
this
>      intentional?
>
> Kent: this is fine, it is intentional.
>
>
>   Checking references for intended status: Proposed Standard
>   --------------------------------------------------------------------
--------
>
>      (See RFCs 3967 and 4897 for information about using normative
references
>      to lower-maturity documents in RFCs)
>
>   == Unused Reference: 'I-D.ietf-netconf-keystore' is defined on line
1386,
>      but no explicit reference was found in the text
>
> Kent: looking at the XML, I see that the entire paragraph uses '[' and
']' as opposed to <xref .../>.  Please fix this.
>
>
>   == Unused Reference: 'RFC7895' is defined on line 1456, but no
explicit
>      reference was found in the text
>
> Kent: looking at the XML, I see two instances of an unwanted "/&gt;"
string.  For instance: <xref target="RFC7895"/>/&gt;  Please fix this.
>
>
>   ** Downref: Normative reference to an Historic RFC: RFC 6587
>
> Kent: hmmm, what's going on here?  This YANG module is providing an
ability to configure the "tcp" transport, even though the IESG made that
ability historic in 2012 (see IESG Note below).  Searching online, it
looks like Cisco supports this, but Juniper does not.  What about other
vendors, is it widely supported?  Was this discussed in the WG?
Answering my own question, searching my local mailbox, I don't see this
ever being discussed before, other than Martin questioning if it was a
good idea in Mar 2016 (no response).  Please start a thread on the list
to get WG opinion if it's okay for the draft to proceed as is or not.
Here's the IESG Note from RFC 6587:
>
>    IESG Note
>
>    The IESG does not recommend implementing or deploying syslog over
>    plain tcp, which is described in this document, because it lacks
the
>    ability to enable strong security [RFC3365].
>
>    Implementation of the TLS transport [RFC5425] is recommended so
that
>    appropriate security features are available to operators who want
to
>    deploy secure syslog.  Similarly, those security features can be
>    turned off for those who do not want them.
>
>
>
>
>
>      Summary: 2 errors (**), 0 flaws (~~), 4 warnings (==), 1 comment
(--).
>
>      Run idnits with the --verbose option for more detailed
information about
>      the items above.
> ===== END =====
>
> Thanks,
> Kent // shepherd
>
>
>
> _______________________________________________
> netmod mailing list
> netmod@ietf.org
> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_netmod&d=DwICAw&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=vB8Genu4I7nOu9B7lKz5mWWYCBuuHwmgn0HIzePAk6Q&s=CoIDcNyLYh6-N6JmL2uSR2Mm2Uh1kAOOpYP8YDb0mmc&e=

v2.23.0 | Report a Bug | By Email