[netmod] Re: AD - Re: AUTH48: RFC-to-be 9644 <draft-ietf-netconf-ssh-client-server-40> for your review
mohamed.boucadair@orange.com Thu, 19 September 2024 05:28 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 965A6C1CAE85 for <netmod@ietfa.amsl.com>; Wed, 18 Sep 2024 22:28:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.803
X-Spam-Level:
X-Spam-Status: No, score=-2.803 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=orange.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aCEdrsIgVWQT for <netmod@ietfa.amsl.com>; Wed, 18 Sep 2024 22:28:48 -0700 (PDT)
Received: from smtp-out.orange.com (smtp-out.orange.com [80.12.210.124]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 97086C14CF0C for <netmod@ietf.org>; Wed, 18 Sep 2024 22:28:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com; i=@orange.com; q=dns/txt; s=orange002; t=1726723727; x=1758259727; h=to:cc:subject:date:message-id:references:in-reply-to: mime-version:from; bh=jI5xFV8sTUDPyHVBNtL9YV+n2bxcO54JIxaZgBM7S1A=; b=OOuwey/I142BQjJvx39BsRvqspQ5h5YMvdTybJpU7CYNc3Yu+LUuylJI ljV5muYQ4VXRu2nrDOPdZpBj6Rna43Jx33OP5H/iTWM0O1UZnDlcN+ZY4 Nb/vSJ387r9paUPwVwV6Mdu7miaGARUkqqMFL0tFOG626qhFzUsAr4KjX aV3QbkZ4xXHknn8CaTdCeWQ+Pl5BThQNEyhMS10mbeRrHW3d4FSewE1cO Y+54eZfT7sUP1nACZCkSTwjuS0+PR4C/mv991syC/sEA145twzEZV3uWu BIRQx5DC7S/2JkcgKon3ezx0ff+FVwwwxJO2W6OXG+jM3srqKZQscbHkI Q==;
Received: from unknown (HELO opfedv1rlp0e.nor.fr.ftgroup) ([x.x.x.x]) by smtp-out.orange.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 19 Sep 2024 07:28:45 +0200
Received: from unknown (HELO opzinddimail4.si.francetelecom.fr) ([x.x.x.x]) by opfedv1rlp0e.nor.fr.ftgroup with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 19 Sep 2024 07:28:45 +0200
Received: from opzinddimail4.si.francetelecom.fr (unknown [127.0.0.1]) by DDEI (Postfix) with SMTP id 448A8BC1D4CA for <netmod@ietf.org>; Thu, 19 Sep 2024 07:28:45 +0200 (CEST)
Received: from opzinddimail4.si.francetelecom.fr (unknown [127.0.0.1]) by DDEI (Postfix) with ESMTP id 1DBBFBC1D40A for <netmod@ietf.org>; Thu, 19 Sep 2024 07:28:28 +0200 (CEST)
Received: from smtp-out365.orange.com (unknown [x.x.x.x]) by opzinddimail4.si.francetelecom.fr (Postfix) with ESMTPS for <netmod@ietf.org>; Thu, 19 Sep 2024 07:28:28 +0200 (CEST)
Received: from mail-northeuropeazlp17012029.outbound.protection.outlook.com (HELO DU2PR03CU002.outbound.protection.outlook.com) ([40.93.64.29]) by smtp-out365.orange.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 19 Sep 2024 07:28:27 +0200
Received: from DU2PR02MB10160.eurprd02.prod.outlook.com (2603:10a6:10:49b::6) by PAWPR02MB11139.eurprd02.prod.outlook.com (2603:10a6:102:469::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7962.24; Thu, 19 Sep 2024 05:28:25 +0000
Received: from DU2PR02MB10160.eurprd02.prod.outlook.com ([fe80::c9a1:d43c:e7c6:dce1]) by DU2PR02MB10160.eurprd02.prod.outlook.com ([fe80::c9a1:d43c:e7c6:dce1%4]) with mapi id 15.20.7962.022; Thu, 19 Sep 2024 05:28:25 +0000
From: mohamed.boucadair@orange.com
X-TM-AS-ERS: 10.106.160.161-127.5.254.253
X-TM-AS-SMTP: 1.0 c210cC1vdXQzNjUub3JhbmdlLmNvbQ== bW9oYW1lZC5ib3VjYWRhaXJAb 3JhbmdlLmNvbQ==
X-DDEI-TLS-USAGE: Used
Authentication-Results: smtp-out365.orange.com; dkim=none (message not signed) header.i=none; spf=Fail smtp.mailfrom=mohamed.boucadair@orange.com; spf=Pass smtp.helo=postmaster@DU2PR03CU002.outbound.protection.outlook.com
Received-SPF: Fail (smtp-in365b.orange.com: domain of mohamed.boucadair@orange.com does not designate 40.93.64.29 as permitted sender) identity=mailfrom; client-ip=40.93.64.29; receiver=smtp-in365b.orange.com; envelope-from="mohamed.boucadair@orange.com"; x-sender="mohamed.boucadair@orange.com"; x-conformance=spf_only; x-record-type="v=spf1"; x-record-text="v=spf1 include:spfa.orange.com include:spfb.orange.com include:spfc.orange.com include:spfd.orange.com include:spfe.orange.com include:spff.orange.com include:spf6a.orange.com include:spffed-ip.orange.com include:spffed-mm.orange.com -all"
Received-SPF: Pass (smtp-in365b.orange.com: domain of postmaster@DU2PR03CU002.outbound.protection.outlook.com designates 40.93.64.29 as permitted sender) identity=helo; client-ip=40.93.64.29; receiver=smtp-in365b.orange.com; envelope-from="mohamed.boucadair@orange.com"; x-sender="postmaster@DU2PR03CU002.outbound.protection.outlook.com"; x-conformance=spf_only; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:40.92.0.0/15 ip4:40.107.0.0/16 ip4:52.100.0.0/15 ip4:52.102.0.0/16 ip4:52.103.0.0/17 ip4:104.47.0.0/17 ip6:2a01:111:f400::/48 ip6:2a01:111:f403::/49 ip6:2a01:111:f403:8000::/51 ip6:2a01:111:f403:c000::/51 ip6:2a01:111:f403:f000::/52 -all"
IronPort-Data: A9a23:tpQMm6Ofh32gJG/vrR2jkMFynXyQoLVcMsEvi/4bfWQNrUpx0WQEy DdLDGiCPPeLZGDwctt2YNjgoUsCv5XQy4BjHAZtpSBmQkwRpJueD7x1DKtR0wB+jCHnZBg6h ynLQoCYdKjYdleF+lH3dOGJQUBUjcmgXqD7BPPPJhd/TAplTDZJoR94kobVuKYw6TSCK13L4 IuaT/H3Ygf/h2YlazJMsMpvlTs01BjMkGJB1rABTaAT1LPuvyF9JI4SI6i3M0z5TuF8dgJtb 7+epF0R1jqxEyYFUrtJoJ6iGqE5aue60Ty1t5Zjc/PKbi6uBMAF+v1T2PI0MS+7gtgS9jx74 I0lWZeYEW/FMkBQ8QgQe0EwLs1wAUFJ0LPFeHqFqZaO9GmcSyvB+6RuFBAKYJJNr46bAUkWn RAZABwwNCi537md/erjEK9rm9gpK9TtMMUHoHZ8wDrFDPEgB5feX6HN4twe1zA17ixMNaqGI ZtCL2QzKk6RC/FMEg9/5JYWmeCoj3zyf3tSr0+erKY+4nL7yxZ41rfgdtHSf7RmQO0Ixx3F+ j+eoAwVBDkaFuCh7hy7r0vrpdXP3hLEQKxOBY2Bo6sCbFq7nTdJVEJ+uUGAify7h1K+UtRWL UAd/CsGoq079UjtRd74NzW7rXiY/R8RR9R4DOQm8wyLjKzZ/26xAGUYSzlNQN0rqMFwQiYlv mJlhPvsDD1r9buSU26d+6qOqiu/MDoRNTZdPXZeFVFUpd7+vIs0kxTDCM55F7K4hcH0Hje2x C2WqC85hPMYistjO7iHEU7vjzD1pKLRFBMOwl/vDk+dvwNhNbL4eNn9gbTE1spoIIGcR1iHm XELncmC8ewDZa1hcgTdEY3h+5n5t5643C3gvLJ5I3U23xWAk0NPkKhV6TB6YUFuKNoEdCLzZ 1fesBFV/MYMZCLwNfUmJYWsF84t0K7sU8z/UezZZcZPZZ43cxKb+CZpZgib2GWFfKkQfUMXZ s3znSWEVCxy5UFbINyeGrl1PVgDm31W+I8rbcqnpylLKJLHDJJvdZ8LMUGVcscy576erQPe/ r53bpTQlUsPDLehPHSMreb/yGzmy1BqXfgaTOQHJ4a+zvZORjB5UJc9PJt9JdM5xPQNxo8kA FnkABcDkQev7ZE4Fel6Qis4Mu+wNXqOhXc6NjYrJlGmxzAoZpy3hJrzhLNmFYTLANdLlKYuJ 9FcI5voKq0WFlzvpW5BBbGj99cKXErw2mqz09+NO2RXk2hIHFGRprcJv2LHqEEzM8ZAnZJk/ +T9hliLGMVrqsYLJJ++Vc9DBmiZ5RA18N+elWORSjWPUC0AMbSGKhAdStcbHps0E02Y7QbCj 1zQBgoEr+7QpYNz6MPOma2Ps4auFa15A1ZeGG7Yq72xMEE2O0K9lJRYXr/gkS/1DQvJFGeKP Y25DM0Q9NUAhl9MvIc6GLFupU77z8W6vKdUl2yIA12XB2mW5mtcH0S7
IronPort-HdrOrdr: A9a23:82MMkqBZFTQV+xjlHegnsceALOsnbusQ8zAXPh9KJCC9I/bzqy nxpp8mPEfP+U4ssHFJo7C90dq7MAjhHP9OkMEs1NiZLW3bUQeTQr2KqLGSugEIeBeOvdK1t5 0QFJSWYeeYZTQUsS+52njfLz9K+qjlzEncv5a6854bd3AJV0gP1WZEIzfeNnczaBhNBJI/Gp bZzNFAvSCcdXMeadn+LmUZXsDYzue72a7OUFojPVoK+QOOhTSn5PrRCB6DxCoTVDtJ3PML7X XFqQrk/a+u2svLhiM0llWjoKi+quGRi+erN/b8yvT97Q+cyTpAUb4RFYFqegpF4t1Hpmxa1e Uk6C1QRfibo0mhA11d5yGdkTUImQxelEMLxTKj8AfeiN28SzQgB8Vbg4VFNhPf9ko7pdl5lL lGxmSDqvNsfGT9dQnGlq31vitR5z6JiGtnlfRWg21UUIMYZrMUpYsD/FlNGJNFGC7h8ogoHO RnEcmZvZ9tABqnRmGcunMqzM2nX3w1EBvDSk8eutaN2zwTmHxi1UMXyMEWg39F/pMgTJtP4f jCL81T5cdzZ95Tabg4CPYKQMOxBGCISRXQMHiKKVCiD60DM2Klke+E3Fz03pDYRHUl9upDpH 2aaiIniYcbQTOeNfGz
X-Talos-CUID: 9a23:XDX4cG0/YJGhm0yGFIwRyLxfFsJ8cEfFlmrrBxWAWUtRGb2NGGPN5/Yx
X-Talos-MUID: 9a23:vExYpAbgjxB0LOBTtx3QuhZECppRpIeUCAM8ro0o59i0DHkl
X-IronPort-AV: E=Sophos;i="6.10,240,1719871200"; d="scan'208,217";a="51354507"
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=QRCHXX9Mzq5so/Hq24MitfT/nKqyH77DaRGCQZuEECfGLzEd31gd0Qct92d7aGJZVf4PBnCxk9YUd/p4t4VX1lfUzrCG7gVsza12vyLR7kYYMsdJ5MTpAAguFd4F+LdSz3TWWoh1lV/WC5Zrhquu42d94By/1O00KMvs6JBUkeCOGtAmpm3xOPL077LWSKSgB6sVcw3HklnfNSUTvTUfkyYivBP3i9xEKW0s1pqRP4k9Z92WQa+k/QkmG27v7fmGG2XYWZlESfPB8OLFF05lBjxiW7A+5lkxa4YiKkpVPwRJJxaluCj/yL6u+8nu2mr3DpVgKNuFhxhFRNi9OxHPew==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=RnoJKYV8ywWrZQkVACYhG91TyCIfQ2D8qzKGu1LJ7Vk=; b=WVHAEUQxkaX4UuNHJforLW7xfQibkB/7WUfxdohyBM2yP/CnRS/58Nqv+1UYIPzFzNNiMVnQNEUOKFNqTyJ/bwE7actWb7mUIGqkO5hBwWbC7fDawXgi0zlnscIkcqipTw+wecBZ8Zy6f1AR2q/Stm4EmNxhGbNOmXHg8cyOGjeCiuQfcEsuMQ/sZlCwiCeVkYC/97BAx461HJIGch/LX+lY3WKTGuJ1oOxMUUDxFFySrBocRaKzhTkPpuWRljloHy1Rh40Xvknr3ozKhsoSJ07F8OyJc0fAXz2jmdzmyjPZodoGmygrARntzSvLe4tycH49tKzvvNNbDOQdYJogiQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=orange.com; dmarc=pass action=none header.from=orange.com; dkim=pass header.d=orange.com; arc=none
To: Mahesh Jethanandani <mjethanandani@gmail.com>
Thread-Topic: [netmod] AD - Re: AUTH48: RFC-to-be 9644 <draft-ietf-netconf-ssh-client-server-40> for your review
Thread-Index: AQHbCeVksAL2foHbaEqjoLFqtLe+tLJelHNA
Date: Thu, 19 Sep 2024 05:28:25 +0000
Message-ID: <DU2PR02MB1016024AA5D308475BEAE886688632@DU2PR02MB10160.eurprd02.prod.outlook.com>
References: <DU2PR02MB10160B7C5E0C210F82B774BD788642@DU2PR02MB10160.eurprd02.prod.outlook.com> <01000191e5e7bd22-2999d337-8925-470f-abb4-890ca32884aa-000000@email.amazonses.com> <DU2PR02MB10160807B1741AC3C990199AF88642@DU2PR02MB10160.eurprd02.prod.outlook.com> <01000191e6f83d74-cc10b47d-554c-4882-8da0-37ba8861baeb-000000@email.amazonses.com> <DU2PR02MB101601D568F5AA4CD8272FA5C88622@DU2PR02MB10160.eurprd02.prod.outlook.com> <433C4E14-A9F5-435C-93E7-42266D68553E@gmail.com>
In-Reply-To: <433C4E14-A9F5-435C-93E7-42266D68553E@gmail.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_ActionId=e58d7635-381e-4bb3-84bb-fa581d0ddbe6;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_ContentBits=0;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Enabled=true;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Method=Privileged;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Name=unrestricted_parent.2;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_SetDate=2024-09-19T05:28:16Z;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_SiteId=90c7a20a-f34b-40bf-bc48-b9253b6f5d20;MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_ContentBits=0;MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_Enabled=true;MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_Method=Standard;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DU2PR02MB10160:EE_|PAWPR02MB11139:EE_
x-ms-office365-filtering-correlation-id: dde7e0b8-c245-4057-15d0-08dcd86be297
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|376014|366016|38070700018;
x-microsoft-antispam-message-info: Ys3COeywg51PhQLm/LqEUF5zDI2kHQE62kX+KCB+2mkGCnOIisjgHnBLEIz3BieNOXWddBh23HnbRkCJTjpGyGy1QBztrY4y8D97hqoKjilXfJoRGn5pI5m9tg6G/EfDDDCpS0tw8nkB3cFli1ROMu/tOkmbDd/RPsO2lLw629mOGNxU2tmjHmvH53zrp8XIpSiXgyr3A+deH6BoozByDW8XtvRK8r0Om9GIIOjCDMhei1kp9CZU+JUk6plfSBzEW58tCiT/iWUd8uOtDAXOPM9MquInl9I4xgMYADfLQ+qeCMnJJIxJJk1k8Oydhz/Gq8x5YoPUI245QO9X/6riKSd3uwqYy8AVBzHpoyrmb2uNYXPjX8hNlLlWzXiSed7g9nDNraQOvpl2Rj/QXq7CYbWKL50Q3kytpQIVp6ukDdc9n8udFZz8xZroWF3TQI17KRQ7oOy+8/o+kIWH3t28ykV1j7Od/4zLySRN9HHC2I6730Lg3XVSKQP+Q1fwqPgiuY159UoeMkZfBleCnKMgewhAs1NSgZrs74+1549mwdKObDhLkloYsbSqc3kh93UP529gsZvGpxgw2vEVkxdmMb4shCI4OWsWJ1uHt4NGMYK5CHDlv81vTZbUoeYlpc8fSMWa3VOs9nAM8LjHs9TcxvCsmj3JXIG90WC8HF2Tf0PZl7iDu8Nf57qlZFASvM0IXmFPEtD2naH163gksDFZIjS5PxOsPbsT5xIa6nrn3Bit7jIs/ti8fho6qKz3p0zPPRCsNqekGwHkAY4Q1HEImzo2cdsrK0sPZYalAe14KUt4NdgbE5hw1XZuhJxLjPKGWFO33gaEWPcBGNLfo+AtL5j9lE11cyqq8/C1+epEJsS/JP7yf/eo5rVhLFQoARfTqX2sGqFGh2Wzw03p43z4vnY2Ow7JjtS3Z+7pW+SzEpmlsYx66aJdCVaBgnJ48HO7E9+zmCv8sZLqS9qk1b/2f6ogoJJ5KOK0GGJfuaJKeilQrqEukBSGH4AL7ECfcT6oGcYD08PuOX1TOFxhi2+peiUzAmGtptgwMU1oyXWs6synCkJiJamZ8COk/yFYS//QYsjYYHs8x1LeYq4ldDIhlIHW4DoYXqEY7ZLPFa1TBwEcugElN00eKaEZC4A18kVwqxeUyDfu6JNQP0pXKAbENRQ2SDgcVDQRtm/pX77inTeJIF74uKFclaXRYToaPliAY5oDcQNl5NsRt8NHmAZBIgzQzMEmtzIsc5etgoN8Ld1fkrWBtbvuuEnfXEfpaAJKYclTwHiNX6SkSbJRVyN+JcAomZELpWGaYQ3BfVeQagslwQ1URIR4xa4HNCstxb3w5hvzStfz3RDIpwo3Tt/4l9JW+6oYhUCxyYORh3UooKs=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU2PR02MB10160.eurprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(376014)(366016)(38070700018);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: J99wudJ9jnyok5jT7k4W5ym9Gt3B5FKdqX2sMicLz/9Rusos44AjJRgxbPf0jKa2iecfMVjk365pqMzC310ROf87aLBW6ycu/g94yqIRMl01qoirx/G02rHhFXTj2Mdg4mUFXi1QlD8WNLpn33U/xtuYJOaDITFkB/vyI9nSLuoTO07DVlL79qF9EeDJnkRfuLt3o+ZgkqqXqrP93SrZd8rAGh2MJ4jbztoMjxANF8yPcD7EALaMLFWxPbumjKbE25JbwepiXigM33QXi13q7jbYdQKvHLUrDPOJVzQH7sVEEu0I9mntRffmOCCtCGfZ+UctWls1WGUyXJ3YAsklDzdnXvJhh0umjKKQ9IP1Eztj0YuIreUxZBYVF76MnL2T7P16etT2WilSEdxn213pJHUnFmrM3cD4E5TaLyuYwDMqVNckSgl2pRUVATCHXo72qcFVWbLvG/m33LEtADkqQ5awAgHipa7gKZO+brFU/WTztEeXIRuIJx0nWAgtYffAGPCVIxmFo9sKkFXf1NJL3UHJSaYCK1HcB5ttkfplsfA9zZTmCleltetAhqwIQlrWJdUMXYHOpPMSrQ8pN+0e4J75rRxlXtpUyN6C+jJeyy4qBi2dnQYni/8LS9hEwK9woFQ+H3hO0WTzXLQHK5qRoA9rPCipjyGttc+e4/4i/TACBAxruu4irnPS1k6OJHG7eBHqGdcSH0DiF1GqkDbYPKlXH7/rtP2KpNRwp5yVvf8+00w1MFUdlefTn2vnCkKhGG3WSkJD6AO+6IwmzXV919Pb3W0luTcCSUhqYWSxZzBj1zcZ+n3Skp8Nh9JqJUYiB1luE3prnjgpQrIY9j7YNPq6o0QYVEuKb+/E0b93ZT7JSQuDEPLp1FGOY+kYMkWySn7JJuWbi0lB5/ok6dftuq8VQZPEOsZuG2HeB5nOKTTjKqIM9aw+8dqjPq/bmAgdZ+dZwf1YSU32AdGLPMbz93obAfepWqRavLxdV6QudKDdZb/8H/Le/ccx1aoQYWm5lqxk+q+cnJOf0emdlAoOMf+Qwnl4g7fjjDKGMO/tfa1JOtslbNgvlYYgbUpXpu0r/yDqG8Wm4sWYkHEf24LDb0KwzKiG3T0I8abRZ0Sfxb7jehpvDCZL5xVNWXndDDHlkYzP1xgBbmezaJjdtMMQCRyyLO56gWcDUeEJmd2a2ad4U5ZEw/t59G4kQ3IJXWNYz/88zk5pycAisvAtN07EaVWYHrbziz/gL8enPpQQgXDQ3V903AkCpcmWrtSEEQy3riK4z4BwykKF1ES8IYkcCYpCFV+o5nzTaIXQJnFshvzLXMJNMmD6bWJznk+mZOzNBxqc8wm/YG/HpSdIO+NqRNxvr1iCxnDEzE2ZUyj/ADg3lEBZM9Eqm/m/su7SIzLA41elw/TR3MERF/wuJztHWEcUcXzAsbgyWKbSCrJ60Km547JiMjueiSU2KKH3GgYt4FrqX781YDyp7f3OL/O8vw/xdFCih5rkaQizx93X6TveCIDfUNXX74BZHQMVZelYMR7BfD09zoiqibuM3JjzS4MW07Xwszf8NGIkPqzn/cOw7/8bWZOwgAQmSoYRlT8ddyKp1BlT1MUmdW8iuCUf6Q==
Content-Type: multipart/alternative; boundary="_000_DU2PR02MB1016024AA5D308475BEAE886688632DU2PR02MB10160eu_"
MIME-Version: 1.0
X-OriginatorOrg: orange.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DU2PR02MB10160.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: dde7e0b8-c245-4057-15d0-08dcd86be297
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Sep 2024 05:28:25.4082 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 90c7a20a-f34b-40bf-bc48-b9253b6f5d20
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: /oCURc+A2kNvX5Qx2uIvEDaX9gH8NSbjfQelPhb2jcXHAAONo9tAZrru2rIoTYDgPZUk2I3PHIqveuscY1cvJhbO2jHCNN/RZhCZq1x9tnU=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAWPR02MB11139
X-TM-AS-ERS: 10.106.160.161-127.5.254.253
X-TM-AS-SMTP: 1.0 c210cC1vdXQzNjUub3JhbmdlLmNvbQ== bW9oYW1lZC5ib3VjYWRhaXJAb 3JhbmdlLmNvbQ==
X-TMASE-Version: DDEI-5.1-9.1.1004-28672.004
X-TMASE-Result: 10--34.757300-10.000000
X-TMASE-MatchedRID: yjnS9vcsjynuYusHgJkgyqYERiJGNri88cT/p2AepNNPl2Vssj/olaNR 7ZEgRD060Z3d9u2k6IzrkHdTLFm2ZQ2bPyoJqnZLb04uIQZycc3CaoKXSBWa6+kDBMmb59I0Um8 zB4LqSfOrmN/oD6fA8eBX8Ypq0C8liH95tLFH8efcAmu1xqeetrcIt210bWgIUTmLqO1L4ceVr8 ccfGR5UqGc04eSuvZY717yJ8IcCtsM6z3iDvziB9OimSUYAMlZ/oL9JzX6s1AY20f1wrB11mLFz dwi9JxJtMIHmeOTMsrH8jg4Y79GXodlc1JaOB1TIWnK2PB3w5WueqlDxh8TobxPAHVpSmorGT0u 8vw7+IAmcIj/rrT+da0EmYyuPyLJuW77/y896shy4VFP6muDhh2kiqKHn7kiUMsRyhtec7wh9xj 2xUWVwTcp6NN2JBt5J3mwEy28e7sMb/56lDFzRk4Z9+xRT+QNjKliLnzh57rTvNpVkSD4M2yZkL qqiUjNaynZZgiNvF3OAp9H1IibggihQ5NZCXsSC//1TMV5chNrbYQHGx62S3P41aRFCNo23eSQr ynh0LU6QOSvZtSafBSHrTqtvqVQn6y0mNkW0aQkLOyqkOTbnRZa9JpYZmw7Nh9MrFwQmWgqqtDu UtwyfDFPR7iDvfrq3J0ya90a/Jcv09a+vBP41t3+LYAVV62d5MDAlfnFRGrkOcBASKLbvYNY4/m aecH5jzAiThlr6N7U/3t8gq0srGN5V59dR3bU4lzqEpaPQLX+Aw16GgqpO1h4t4PHnsBUsLQ3Ko irpR0epuyeN3kvMh/Qfe1gmZY9olVO7uyOCDVKHhaQPPG6/o5hyiW8kJaQBNVCIloTK1P9dU4/w VV+on41niV9KymzQ2B/dw3ziQ5RGaeOJTnMW2mRqNBHmBveuME6WhSqqOE8iiEXp38wSLXwHj/A msmGrSFs54Y4wbX+efAnnZBiL6nKAIYoU8L4F5iXm5LZACA=
X-TMASE-SNAP-Result: 1.821001.0001-0-1-22:0,33:0,34:0-0
X-TMASE-INERTIA: 0-0;;;;
X-TMASE-XGENCLOUD: bbe10d5f-2099-4a38-926e-55a7d487d495-0-0-200-0
Message-ID-Hash: 26WXBK6MIJPXED6A57AWS3MZZPIGFFUE
X-Message-ID-Hash: 26WXBK6MIJPXED6A57AWS3MZZPIGFFUE
X-MailFrom: mohamed.boucadair@orange.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-netmod.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Kent Watsen <kent+ietf@watsen.net>, "netmod@ietf.org" <netmod@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [netmod] Re: AD - Re: AUTH48: RFC-to-be 9644 <draft-ietf-netconf-ssh-client-server-40> for your review
List-Id: NETMOD WG list <netmod.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/PG4H-s0M-UtbV5Wju93hfLzqjpw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Owner: <mailto:netmod-owner@ietf.org>
List-Post: <mailto:netmod@ietf.org>
List-Subscribe: <mailto:netmod-join@ietf.org>
List-Unsubscribe: <mailto:netmod-leave@ietf.org>
Hi Mahesh, Agree. The link is not broken because redirection is still in place, but wiki tracs were replaced. Also updated other trac urls as you can see in the full change: https://github.com/netmod-wg/rfc8407bis/pull/66/commits/794ec08d93a4ce10588c1547b39c075b1b7d330d. Cheers, Med De : Mahesh Jethanandani <mjethanandani@gmail.com> Envoyé : mercredi 18 septembre 2024 18:11 À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com> Cc : Kent Watsen <kent+ietf@watsen.net>; netmod@ietf.org Objet : Re: [netmod] AD - Re: AUTH48: RFC-to-be 9644 <draft-ietf-netconf-ssh-client-server-40> for your review Hi Med, Thanks for making the updates. One edit I would make is the link to the wiki page where the security considerations reside. It is: https://wiki.ietf.org/en/group/ops/yang-security-guidelines Once it is finalized here, I will ask the secretariat to update the template at that link. Thanks. On Sep 18, 2024, at 7:59 AM, mohamed.boucadair@orange.com<mailto:mohamed.boucadair@orange.com> wrote: Hi Kent, Thanks for the follow-up. I went with many of your proposals. For "have to use/have mandatory/MUST use", I went for "have to use" for now. The use of normative language may be questionable as this is more about use, less of an interop matter. A full diff to track changes can be seen here: https://author-tools.ietf.org/api/iddiff?url_1=https://netmod-wg.github.io/rfc8407bis/draft-ietf-netmod-rfc8407bis.txt&url_2=https://netmod-wg.github.io/rfc8407bis/sec-comment-from-Kent/draft-ietf-netmod-rfc8407bis.txt. Let me know if there are other occurrences that I missed where we need to follow "modeled after" approach. Thank you. Cheers, Med De : Kent Watsen <kent+ietf@watsen.net<mailto:kent+ietf@watsen.net>> Envoyé : jeudi 12 septembre 2024 18:02 À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com<mailto:mohamed.boucadair@orange.com>> Cc : Mahesh Jethanandani <mjethanandani@gmail.com<mailto:mjethanandani@gmail.com>>; netmod@ietf.org<mailto:netmod@ietf.org> Objet : Re: [netmod] AD - Re: AUTH48: RFC-to-be 9644 <draft-ietf-netconf-ssh-client-server-40> for your review Hi Med, Sorry this is taking so long, but we're getting there! ;) The reference of QUIC is to the protocol, RFC 9000, not NETCONF over QUIC, an I-D as you note; just as the reference is to SSH protocol, RFC 4252, not NETCONF over SSH, RFC 6242. [Med] I understand the intent is to cite the transport themselves, but the text refers to MTI of these "YANG-based management protocols". I don't think we can make any claim about QUIC here as we don't have an authoritative spec for that. If we want to cite QUIC, some further tweaking to the text is needed, IMO. RESTCONF already supports QUIC. [Med] Yes, RESTCONF does not require a specific version of HTTP but still TLS is what is indicated as MTI for RC per rfc8040#section-2.1. I was thinking about this nuance too. QUIC uses TLS, so I think rfc8040#section-2.1 is still satisfied. That said, the NETCONF WG will be working on a RESTCONF-next version, for which it would be easy to add some clarifying text - agreed? I just added this (https://github.com/netconf-wg/restconf-next/issues/19) - good for now? No transport-binding document will be written to enable QUIC for RC. [Med] Isn't rfc9114 that is applicable for RC, rather than 9000? RFC 9112: HTTP/1.1 (i.e., TCP-or-TLS over TCP) RFC 9113: HTTP/2 (i.e., TLS over TCP) RFC 9114: HTTP/3 (i.e., QUIC, i.e., TLS over UDP) If we ref 9114, then we'd have to ref the others also, which isn't what we want. This is why 9000 is refed - makes sense? [mj] Why do you say that? The statement says the protocols have mandatory-to-implement ... [Med] Having an MTI does not mean that MTI is actually used/enabled. Touché :) One could process "implement" to be at the runtime-level or code-level. I meant the former, and see that you're interpreting the later, which is fair. First, I wonder if there isn't a formal definition for MTI that disambiguates the two cases. Looking, I see MTI used in the context of algorithms, which lends itself to the "code level" interpretation. Fine. [Med] Thanks Then either s/implement/use/ or s/-to-implement// ? [Med] « have to use » would be better, IMO. Hmmm, so this? These protocols have to use a secure transport layer (e.g., SSH [RFC4252], TLS [RFC8446], QUIC [RFC9000]) and have to use mutual authentication. vs These protocols have mandatory to use secure transport layers (e.g., SSH [RFC4252], TLS [RFC8446], QUIC [RFC9000]) and mandatory to use mutual authentication. Vs These protocols have mandatory secure transport layers (e.g., SSH [RFC4252], TLS [RFC8446], QUIC [RFC9000]) and mandatory mutual authentication. Of the three, I like the last one most, but like the first one (yours) next. I like the last one since the statement seems stronger. One idea might be this: These protocols MUST use a secure transport layer (e.g., SSH [RFC4252], TLS [RFC8446], QUIC [RFC9000]) and MUST use mutual authentication. But I don't think RFC2119 language should be in the Security Considerations section. Thoughts? This section is modeled after the template described in Section 3.7 of [RFCAAAA]. This first line wasn't picked up. Note that the word "modeled" gives an authors a little flexibility, as is needed sometimes. To point, the RFC Editor takes the words literally and raise issues when things aren't exactly same...until this word was changed. Honestly, the same should be done to all of the templates defined in the document. [Med] This is fair. Please see: https://github.com/netmod-wg/rfc8407bis/commit/972970ce16c050d8420f50f07637f4e00770cdd5 Thanks, both for accommodating and the link. Looking at the PR, it is only for this template. Do you not agree that "modeled after" is good for all of the templates? The "<module-name>" YANG module defines a data model that is designed to be accessed via YANG- IIRC, you use different words than "data model". I'm trying to use sufficiently ambiguous language that includes also modules that only define identities, or only enumerations, or only typedefs, etc. I was going to write "data model, or parts of data models," but it seemed unnecessarily wordy and obscures the main point of the sentence. I don't deny that my text could be improved, but your take didn't seem right either. Can you reply to this? So we have: The "<module-name>" YANG module defines a data model that is designed to be accessed via YANG-based management protocols, vs. The "<module-name>" YANG module defines a schema for data that is designed to be accessed via YANG-based management protocols, FWIW, I only know about your changes to my text because I received GitHub notifications. Was a link for the PR sent? In any case, it would've been nice if you'd stated that changes had been made, rather than me having to discover them on my own. [Med] I didn't share the PR because that wasn't ready yet and I was waiting for the discussion to converge to have something I'm more happy with it. Now that you are on it, feel free to propose your edits directly there :-) Thanks. I'm unsure what you mean, but I don't want to submit PRs and, honestly, I don't want to look at PRs. I want the full conversation to be on the list. Kent // contributor ____________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you. ____________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
- [netmod] Fwd: AD - Re: AUTH48: RFC-to-be 9644 <dr… Kent Watsen
- [netmod] Re: AD - Re: AUTH48: RFC-to-be 9644 <dra… Kent Watsen
- [netmod] Re: AD - Re: AUTH48: RFC-to-be 9644 <dra… mohamed.boucadair
- [netmod] Re: AD - Re: AUTH48: RFC-to-be 9644 <dra… Kent Watsen
- [netmod] Re: AD - Re: AUTH48: RFC-to-be 9644 <dra… Mahesh Jethanandani
- [netmod] Re: AD - Re: AUTH48: RFC-to-be 9644 <dra… mohamed.boucadair
- [netmod] Re: AD - Re: AUTH48: RFC-to-be 9644 <dra… mohamed.boucadair
- [netmod] Re: AD - Re: AUTH48: RFC-to-be 9644 <dra… Kent Watsen
- [netmod] Re: AD - Re: AUTH48: RFC-to-be 9644 <dra… mohamed.boucadair
- [netmod] Re: AD - Re: AUTH48: RFC-to-be 9644 <dra… Mahesh Jethanandani
- [netmod] Re: AD - Re: AUTH48: RFC-to-be 9644 <dra… mohamed.boucadair
- [netmod] Re: AD - Re: AUTH48: RFC-to-be 9644 <dra… mohamed.boucadair