IETF Logo Mail Archive

Re: [netmod] Changing an identity base

"Hartley, Jeff" <Jeff.Hartley@commscope.com> Fri, 27 January 2023 19:44 UTC

Return-Path: <prvs=384312482=Jeff.Hartley@commscope.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D0DDC151531 for <netmod@ietfa.amsl.com>; Fri, 27 Jan 2023 11:44:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=commscope.com header.b="EWLM1lcd"; dkim=pass (1024-bit key) header.d=commscope.onmicrosoft.com header.b="f3zXeFu6"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id piWUu_AAC9ZM for <netmod@ietfa.amsl.com>; Fri, 27 Jan 2023 11:44:26 -0800 (PST)
Received: from esa.commscope.iphmx.com (esa.commscope.iphmx.com [68.232.148.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3AA77C151525 for <netmod@ietf.org>; Fri, 27 Jan 2023 11:44:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=commscope.com; i=@commscope.com; q=dns/txt; s=cs1; t=1674848665; x=1706384665; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=t0AO6iMnhZpXodkrQyWDd/gjO1I1HNC6Q1CDcxJiGLo=; b=EWLM1lcdYuJKYWmm/yYUu2aI8refndRuoEB8wSNhyIOFl+hsVLnWOTX8 EbbZEW2gZLqg9+EVeJpFwbSB80meIyN1wJRqf7hy5SwkfFxcamh3f6JTo hvfgbA9hCipFw+4OtvieQ3/avV1E8rYj45lkFhUeSnvyqHPMWA98ug0DT UPq4aCEfvQLKnZgpkeJ5QibCv8hahspq5X7RnBgSl+Bp91XbBLHxUMbDx sAI+5Rc9u7Vj4YwL893GXllxxEdUCzs/dWGSbqxMvmHZ9DEfDfIXhAiE0 TT6Bb2THMNs1REjESu919peEfouWDiWv4oYb9ndRmsksFfFfeAFTKEjQJ A==;
X-IronPort-AV: E=Sophos;i="5.97,252,1669093200"; d="scan'208,217";a="178369537"
Received: from mail-mw2nam04lp2175.outbound.protection.outlook.com (HELO NAM04-MW2-obe.outbound.protection.outlook.com) ([104.47.73.175]) by ob1.commscope.iphmx.com with ESMTP/TLS/ECDHE-RSA-AES128-GCM-SHA256; 27 Jan 2023 14:44:17 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VZ4qwrG/nK4zqFqhmczAPB9YYQ2YlE6aX2VFpZ/PbkVBzgoRGoG1YC6Lxyf6uUydwSLm4KoDDndRCJbjxHzN8DwEoU80r+125ZRb1fJ/dmlDblPQJKpVItK0AUe+3NwMT/wo84Yi7eluPArF0FqnJw2lbKpn8Opd4PIiek3x2DrYkx0SK+owwVEseIhLY62TbAo6bv/k+NvoUyE6FAuJiGf1yznNgb8ttE+HQlUbsfr3U7mSNBdbVJ8rZmt6m7EiGe3wVOHNyx4oWiFctH2arrocxyqpZMXuY2wVuHWhVC8GLNmsFWCVw3f8JITFk+AfI1IsSfQzfarAlNpPQfqOHw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=t0AO6iMnhZpXodkrQyWDd/gjO1I1HNC6Q1CDcxJiGLo=; b=AVsuXLLHSP3MDLYKikgUF2QLp4gT9uIoNWMLQNDz2vK4ugH02WY25e/JCkNMZsXEZ4VxJJ6S6sDwn31Kmp1dDLYBouBW8CguvGq/LXW8oELWn8iAVPP5MBjMEJ9sFXQZr6AginJxtIhnSIcX6UMeJt5xPuF78RhOnhtqMzucvUdyIwWb7vpQQgUfhRssdg2vLOulqO+imPL8n3y/zpt0YD38ROn48IEG0QIr3FCY3RuGbJ1l1/itV+IMjfxxxPvmEw15vU/yEe4suolq+dKAlyBh62ckHd8lzAYaqOjMoaOwFDXX9rSfnK0auoDf+I44LCZjmgSBpFdRtn6xm97Vzg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=softfail (sender ip is 35.166.188.152) smtp.rcpttodomain=dmarc.ietf.org smtp.mailfrom=commscope.com; dmarc=fail (p=none sp=none pct=100) action=none header.from=commscope.com; dkim=none (message not signed); arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=commscope.onmicrosoft.com; s=selector2-commscope-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=t0AO6iMnhZpXodkrQyWDd/gjO1I1HNC6Q1CDcxJiGLo=; b=f3zXeFu67yJSXCWoNNetg6aw6igdiybQa8KOauNkIKDBeW6kn7UqnD8v5BUDoUF0RxG894abbvAfIsodS55LqBU8Bq5VCAXOKHjJaTwOjxX+RfahTZg/GjVY9M7+Ps13OA195EkleJOA0owPi36UaLi7TimtYPljbtNp3Thx/m8=
Received: from MW4PR03CA0296.namprd03.prod.outlook.com (2603:10b6:303:b5::31) by BL0PR14MB3603.namprd14.prod.outlook.com (2603:10b6:208:1cd::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6043.22; Fri, 27 Jan 2023 19:44:16 +0000
Received: from MW2NAM10FT073.eop-nam10.prod.protection.outlook.com (2603:10b6:303:b5:cafe::d2) by MW4PR03CA0296.outlook.office365.com (2603:10b6:303:b5::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6043.25 via Frontend Transport; Fri, 27 Jan 2023 19:44:15 +0000
X-MS-Exchange-Authentication-Results: spf=softfail (sender IP is 35.166.188.152) smtp.mailfrom=commscope.com; dkim=none (message not signed) header.d=none;dmarc=fail action=none header.from=commscope.com;
Received: from obx-outbound.inkyphishfence.com (35.166.188.152) by MW2NAM10FT073.mail.protection.outlook.com (10.13.155.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6043.21 via Frontend Transport; Fri, 27 Jan 2023 19:44:15 +0000
Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10lp2105.outbound.protection.outlook.com [104.47.58.105]) by obx-inbound.inkyphishfence.com (Postfix) with ESMTPS id AD722FEDE0; Fri, 27 Jan 2023 19:44:14 +0000 (UTC)
Received: from BN8PR14MB3459.namprd14.prod.outlook.com (2603:10b6:408:d7::18) by BY5PR14MB3956.namprd14.prod.outlook.com (2603:10b6:a03:205::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6043.25; Fri, 27 Jan 2023 19:44:12 +0000
Received: from BN8PR14MB3459.namprd14.prod.outlook.com ([fe80::577d:bba8:f593:a663]) by BN8PR14MB3459.namprd14.prod.outlook.com ([fe80::577d:bba8:f593:a663%6]) with mapi id 15.20.6043.023; Fri, 27 Jan 2023 19:44:12 +0000
From: "Hartley, Jeff" <Jeff.Hartley@commscope.com>
To: Italo Busi <Italo.Busi=40huawei.com@dmarc.ietf.org>, "netmod@ietf.org" <netmod@ietf.org>
Thread-Topic: Changing an identity base
Thread-Index: Adkyb9db5dPzE8szQAyn3dsE0RO5HQAFsFGA
Date: Fri, 27 Jan 2023 19:44:12 +0000
Message-ID: <BN8PR14MB345987A6048DB6782B0EA05C8DCC9@BN8PR14MB3459.namprd14.prod.outlook.com>
References: <bb5a08c8399f4b358b56b66f7959b37c@huawei.com>
In-Reply-To: <bb5a08c8399f4b358b56b66f7959b37c@huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-traffictypediagnostic: BN8PR14MB3459:EE_|BY5PR14MB3956:EE_|MW2NAM10FT073:EE_|BL0PR14MB3603:EE_
X-MS-Office365-Filtering-Correlation-Id: 6cabdda5-6650-4856-84c5-08db009edf4b
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: 32nkBHeBU7MOVZRjEIAwqF4pAvhYFUzKTjWuAtl6JBVayBM0SKOjN/lrntoDz1UCtRxqQG9IY4kpopPewtpO0KYLNj9i/TDW+tF3dLe0wSmsf4kM3IPQOiyGMCPg55R0UFTFxTOf13MwXxN9eKBhButD/3xjrY6LM5b1CUrwhZoNA6JvxzDnCjN0++vxwCDp4R0Msma14ybUWfE34oHVoZARl6ylvgGXbJy+AuRaFSmXwVIbDu2qgtt26pvJbk9gEy6NN7Lt0/2OM7VOMEqSNpwAM0yVJR7UB9jilm84pP6RX2mKIC1C/gxNw34rZfBjshZAzb3FPH55DfwuZ1mvPbYSM3LXKD7uRRyaKVYWjLL9mwGbhgk/C+2nNLX5XOzhnr316y0GjQDhASghVfxYWEUFkIQHSy05D+bZowNkU8Fb7G3vx3gtoCavA8y/8vvPoIuTwyFqMxhVvL7aOm6m71Lrxli5T4ssC/kDjqixnMyBiH53QInMUtV9BH4To5E5kGtZgVGJmOVbfNLF9xBCBtQtbUlIn3Gy5obX8WIHZx4DJbyJVsF1Nm0kfaeM8p/mPwJodueiW2GpN2/FctVPv3CmVqZ5uQaz1Q1CHBEUQeDZLLlchxDB7WY3Nvrs5LB8sueiixYPC+ipwwJZ8G3OJ2V36prTruEeO/wGbLEsRuC55+eRg7FlrBeOvyfSWX0+X+7AapUPseF/x7hTPwKymg==
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN8PR14MB3459.namprd14.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230025)(39860400002)(366004)(376002)(136003)(346002)(396003)(451199018)(66476007)(64756008)(66556008)(66446008)(76116006)(8676002)(8936002)(41300700001)(316002)(110136005)(6506007)(53546011)(38070700005)(26005)(9686003)(166002)(38100700002)(186003)(122000001)(5660300002)(66946007)(2906002)(83380400001)(33656002)(52536014)(71200400001)(7696005)(3480700007)(55016003)(86362001)(478600001); DIR:OUT; SFP:1101;
Content-Type: multipart/alternative; boundary="_000_BN8PR14MB345987A6048DB6782B0EA05C8DCC9BN8PR14MB3459namp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR14MB3956
X-Inky-DestinationTenant: commscope-com.mail.protection.outlook.com
X-Inky-CrtDestinationTenant: 6y9fvs4fo28tg8w4cvi8ei:commscope-com.mail.protection.outlook.com
X-Inky-Outbound-Processed: True
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: MW2NAM10FT073.eop-nam10.prod.protection.outlook.com
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id-Prvs: 11403f94-2812-4087-fb35-08db009eddb1
X-IPW-GroupMember: False
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: Hf5jNx5VsuDlR/wq3Wt8bVqsRpEygLrLq0yAUzrD32De8skiYqcbgk7wQmjs8u3JyBhWru1AnZjbjCKgbHDDKpIaxn7c02lXoKxEgBS/bq+ULG9sy3YLiGJ5sv8CndGIHr8KfCzxtVW4yQxPXY6IAW2kc+967tQqOeegK7cRkPS/bANDcFnOiwroPM4SDddDmK94Jdxd52F+pjE69+WF5oB3ewY5BxN4bIU/yjYdwA6THd8wHAr2bVZhbeIa7KpQPJutI+btm/W/tVQnScChWFp/VGTfJTXHyWep5gjwpmuQSOC4jZfaUHCiPbp0Ehd+YpHFA+LKmIFY5xO7+98fcChs1l7UQR+T9M3dyqpscmp80sEpyRPPWO4FXeaahl8msonThmJHHXMpbunG+Mka4F5QFxgdoBsxyrVk5xYkTyGqNcewOsC9ZRnN+qbNuVUULnHg9AnjeMbqJPpYMMpy62hZszaiR+WqFJX51NkX4aIwhAqItmWDttmOA7G/EUO1QlG3Cbsd3cDWbEcQq31N7CKIBWddBuf4C5T8/zdMvIrQwNZ1la04blpgeBfQXpOmPVQwIB0EO+smaDGcOhFOCTK1eL28/cxh9el7xgi8sW3qMJp4vzkzR3QzCMXPI1U+xfsDkI/86eWIFFfzyotuTFI5FS7284kiiNNFJ8CEDxyX4nwP6qmJtPm9XI4O4+pU11w9jMqXOi46UaJEpXmzGQ==
X-Forefront-Antispam-Report: CIP:35.166.188.152; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:obx-outbound.inkyphishfence.com; PTR:obx-outbound.inkyphishfence.com; CAT:NONE; SFS:(13230025)(376002)(39860400002)(136003)(346002)(396003)(451199018)(40470700004)(46966006)(36840700001)(55016003)(40480700001)(316002)(33656002)(52536014)(8676002)(70586007)(70206006)(8936002)(41300700001)(53546011)(26005)(478600001)(40460700003)(9686003)(3480700007)(2906002)(86362001)(5660300002)(110136005)(36860700001)(6506007)(186003)(82740400003)(7696005)(356005)(7636003)(7596003)(82310400005)(336012)(47076005)(83380400001); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: Zqjx3EsgVXiIbfiKiI+wVQB7Lfb6yYpv+6sDvBChvrMVV/CVfwLYJ4+Q0Z8/LTSEJnKnj4afhXtvIyWNRppPLIZjn1GuXkK5ErUqGCjnUV73d0ujnZsJGwUQifWSiAyc1hsnSA1ByWnCX2rjD/U25a4craQnsjYelzqZySWQ79khBD+frQzRtFwA0SqLTZOn3r+um2Ue2PZ5bMYWEB3y3A/mZ2xqCt3fKcw0WT2rnRLHSdXI5aMv7zOEtKKFhtN5KAVrIrbQ3munBu3isqoVUOE4KWKOL1EMAcngEHzvmYRsYYmQze0VOwH8NuaKmcu+Lj1KDagMcq+y68o9lZz3Pr0xNYRWisWPqLoNQb3zDfGB3B+ugjruyYRwv2dcA5EqyyWW+taAa4nHEl8wy/pjFsAJHU0sj/SLYK4m8HYF6s2B0EtTiwP9lzBNsKWDt9BiHSaseT9iC/ZvA8l3CiZX9CrxaKc/weXNnAVvALOe80JwKwiMNN9T0Btz6f9pB/9UbkAQwbddCIICZZ/IkklXP6eoEBQ9/W/5aUXERAMtP8KCFwdu8ngGif5Hlp4neH6LCsBKYAV+xPXaPOl7gE2V41m4OXhAiAIqv9HmbJq8n8qGs81TkB+WZTHfdYQp2D0/0pvJumt7zXRl6Mha7+cdu3vh5iUzJ8YiTclzagupEJcUXMFoX20Ij2VzNvEzdXGVYl0GlocpapJlxR8gjjAV5Aa/qJ74Pmi4TROjoBkj8d6qvmuj6C6LvC2jpmcj0msb4U6ZvcKRFLX9eMV08L9fbSmqTS5pYl1/00z2r3pms0Cs0jFExoHxP3ajpwilkDG9
X-OriginatorOrg: commscope.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Jan 2023 19:44:15.3533 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 6cabdda5-6650-4856-84c5-08db009edf4b
X-MS-Exchange-CrossTenant-Id: 31472f81-8fe4-49ec-8bc3-fa1c295640d7
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=31472f81-8fe4-49ec-8bc3-fa1c295640d7; Ip=[35.166.188.152]; Helo=[obx-outbound.inkyphishfence.com]
X-MS-Exchange-CrossTenant-AuthSource: MW2NAM10FT073.eop-nam10.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR14MB3603
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/G6k_3l_bp00_rfGgyjOQlElGGVQ>
Subject: Re: [netmod] Changing an identity base
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Jan 2023 19:44:30 -0000

Yes, bar's relationship to base identity foo is Backward-Compatible in both cases.  We've used the "multiple base" methodology in some of the recently-released BBF models, as one example.

The main potential concern is that (A) is a bit awkward (in my opinion), and whether your YANG tooling will handle that.  (B) is also likely easier to read for your end-users.  (YMMV).

Thanks;
-Jeff


From: netmod <netmod-bounces@ietf.org> On Behalf Of Italo Busi
Sent: Friday, January 27, 2023 11:55 AM
To: netmod@ietf.org
Subject: [netmod] Changing an identity base

According to section 11 of RFC7950, the following change is considered BC: o A "base" statement may be added to an "identity" statement. Since, as explained in section 7.18.2 of RF
External (italo.busi=40huawei.com@dmarc.ietf.org<mailto:italo.busi=40huawei.com@dmarc.ietf.org>)
  Report This Email<https://protection.inkyphishfence.com/report?id=Y29tbXNjb3BlL2plZmYuaGFydGxleUBjb21tc2NvcGUuY29tLzA0Njc2ZWNlMmFlNGM3OTQzOTFhMzZlNzNjOWQ5ZmY3LzE2NzQ4Mzg1MDEuMTM=#key=4a1d6108a6ce092fcc6b62878ef6f9d0>  FAQ<https://www.inky.com/banner-faq>  Protection by INKY<https://www.inky.com/protection-by-inky>

According to section 11 of RFC7950, the following change is considered BC:

   o  A "base" statement may be added to an "identity" statement.

Since, as explained in section 7.18.2 of RFC7950, the derivation of identities is transitive, my understanding is that replacing a "base" statement with new  "base" statement which is derived from the previous one is also a BC change.

Considering the example below, the NEW (A) change is BC according to section 11 of RFC7950. However, NEW (B) is equivalent to NEW (A), since the new baz is derived from foo, and therefore it is also a BC change.

Is my understanding correct?

Thanks, Italo

OLD

identity foo {}

identity bar {
  base foo;
}

NEW (A)

identity foo {}

identity baz {
  base foo
}

identity bar {
  base foo;
  base baz;
}

NEW (B)

identity foo {}

identity baz {
  base foo
}

identity bar {
  base baz;
}

v2.23.0 | Report a Bug | By Email