Re: [netmod] I-D Action: draft-ietf-netmod-factory-default-05.txt

Kent Watsen <kent+ietf@watsen.net> Fri, 01 November 2019 15:23 UTC

Return-Path: <0100016e2790da71-c002c2ae-c799-4052-8964-f2456bb73e46-000000@amazonses.watsen.net>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E87A12010C; Fri, 1 Nov 2019 08:23:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mJ0N4TjP-Us3; Fri, 1 Nov 2019 08:23:56 -0700 (PDT)
Received: from a8-33.smtp-out.amazonses.com (a8-33.smtp-out.amazonses.com [54.240.8.33]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1D67E1200B8; Fri, 1 Nov 2019 08:23:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1572621835; h=From:Message-Id:Content-Type:Mime-Version:Subject:Date:In-Reply-To:Cc:To:References:Feedback-ID; bh=u0ayVGbocF1390bNSq77UvFJL78mnAiTzdFXFVhOjPo=; b=DSIV67Tje8h7zMmFLHyegSIbtj6XwBq2j2HNqGuL47MWml7dYEU6GZrBQSv1f0yT w1RQGRj/s8ZVwh2aF2C03zeMI4ZTyO/QK+Ua5PwHKNm+0xi5gdv5sDsaKldk6YD2HU+ vMungbEW1Ip9vylJ7xDdEaQNuVJr7uTJIiEJUL1E=
From: Kent Watsen <kent+ietf@watsen.net>
Message-ID: <0100016e2790da71-c002c2ae-c799-4052-8964-f2456bb73e46-000000@email.amazonses.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_D18E2516-C64B-4CB6-803A-B219D878A1EB"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Fri, 01 Nov 2019 15:23:54 +0000
In-Reply-To: <0100016e278f0bb9-897e5aa9-0a49-4bf9-ae2d-9b3372a38695-000000@email.amazonses.com>
Cc: draft-ietf-netmod-factory-default@ietf.org
To: "netmod@ietf.org" <netmod@ietf.org>
References: <157258797979.30380.14870732293250173185@ietfa.amsl.com> <0100016e278f0bb9-897e5aa9-0a49-4bf9-ae2d-9b3372a38695-000000@email.amazonses.com>
X-Mailer: Apple Mail (2.3445.104.11)
X-SES-Outgoing: 2019.11.01-54.240.8.33
Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/6qYbXO6XWnmyLGA6EKr9PzzRhpc>
Subject: Re: [netmod] I-D Action: draft-ietf-netmod-factory-default-05.txt
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Nov 2019 15:23:58 -0000

I have reviewed -05 and support it so long as the following comments are considered:

Kent // contributor



==== review ====

Section 1 is missing a NMDA-compliance statement, per
 https://tools.ietf.org/html/rfc8407#section-3.5.




Section 2 says:

   Factory-default content SHALL be specified by one of the following
   means in descending order of precedence

   1.  For the <running>,<candidate> and <startup> datastores as the
       content of the <factory-default> datastore, if it exists;

The (1) sentence doesn't flow from the sentence before.   Maybe you
mean something like:

   1.  Network management protocol (e.g., NETCONF, RESTCONF)
        operations may be used to access the contents  of <factory-default>.



Section 2 says:

   For the server supporting zero touch bootstrapping mechanisms, the
   factory default configuration causes the bootstrapping process to
   execute,e.g.,the server might reset configuration to device's factory
   default configuration,for the version of operating system software it
   is running.

s/the server might reset /the server resets /




Section 2 says:
   In addition,the "factory-reset" RPC might also be used
   to trigger some other restoring and resetting tasks such as files
   cleanup, restarting the node or some of the software processes,
   setting some security data/passwords to the default value, removing
   logs, or removing any temporary data (from datastore or elsewhere),
   etc.

s/the "factory-reset" RPC might /the "factory-reset" RPC MAY / ???



Section 3 says:

   this document introduces a new datastore resource named
   'Factory-Default' ...

'Factory-Default' should not be capitalized.



Section 3 says:

    The contents of the datastore can be read using NETCONF, 
    RESTCONF <get-data> and <get-config> operations.

Which doesn't make sense.  Perhaps:

    The contents of the datastore can be read using NETCONF 
     <get-data> and <get-config> operations, and the RESTCONF
    protocol equivalents.




Section 3 says:

      The operation <factory-
      reset> can be used to copy the factory default content to a set of
      read-write configuration datastores and then the content of these
      datastores is propagated automatically to any other read only
      datastores, e.g., <intended> and <operational>.

This is confusing.  I think what you want to say is

      The operation <factory-
      reset> copies the factory default content to <running> and,
      if present, <startup>.




Section 4 says:

  import ietf-netconf { prefix nc ; }
  import ietf-datastores { prefix ds; }

These statements are missing "reference" statements.




Section 4 says:

    description "The read-only datastore contains the configuration that
      will be copied into e.g., the running datastore by the
      factory-reset operation if the target is the running
      datastore.";

which excludes <startup> and confusingly mentions a "target" when
the RPC itself has no parameters.  Perhaps:

    description "The read-only datastore contains the configuration
    that  will be copied into <running> and, if present, <startup>.";




Section 5.

Please make the registrations have single-spaced lines.




Section 6.

The last paragraph doesn't make a point.  Perhaps conclude with
something like:

  "This module does not itself set "nacm:default-deny-write" on the 
   'factory-reset' RPC, leaving it to applications to configure the
    access control settings."




Appendix B should have a note to the RFC Stream Editor to 
remove it when the draft is published.



Kent 






> On Nov 1, 2019, at 11:21 AM, Kent Watsen <kent+ietf@watsen.net> wrote:
> 
> 
> This begins a two-week Working Group Last Call (WGLC) on draft-ietf-netmod-factory-default-05.  The WGLC ends on Nov 15 (two days before the NETMOD 106 session).  Please send your comments to the working group mailing list.
> 
> Positive comments, e.g., "I've reviewed this document and believe it is ready for publication", are welcome!  This is useful and important, even from authors.  Objections, concerns, and suggestions are also welcomed at this time.
> 
> Thank you,
> NETMOD Chairs