Re: [netmod] identityref with multiple base statements (follow-up question)
Ladislav Lhotka <ladislav.lhotka@nic.cz> Wed, 23 September 2020 14:28 UTC
Return-Path: <ladislav.lhotka@nic.cz>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 464D33A0FFA for <netmod@ietfa.amsl.com>; Wed, 23 Sep 2020 07:28:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nic.cz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aRiCbM3aeRU7 for <netmod@ietfa.amsl.com>; Wed, 23 Sep 2020 07:28:42 -0700 (PDT)
Received: from mail.nic.cz (mail.nic.cz [IPv6:2001:1488:800:400::400]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE6823A0FF5 for <netmod@ietf.org>; Wed, 23 Sep 2020 07:28:41 -0700 (PDT)
Received: from localhost (unknown [IPv6:2001:1488:fffe:6:a88f:7eff:fed2:45f8]) by mail.nic.cz (Postfix) with ESMTPSA id 4733913F651; Wed, 23 Sep 2020 16:28:38 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nic.cz; s=default; t=1600871318; bh=T5ultz7kY02cy1IVvsY71vCkgD9aJFMkwctW5JTkKkM=; h=From:To:Date; b=CNgDaunxmF7CeMadx757Ek++L++NAnVt5Lteqt0wCP9RBKLVcY1a7td8TsY+3gCTH PQLJAbRycAGcx4a9zSsq1Sb6Hh+yNuZfs/Hy3+M6g5hr4Verfee+d6BPVSoqKQaLQA qNIp/POGEKOyHncMDLRFPT2j9REvftP+hLgeQl6w=
From: Ladislav Lhotka <ladislav.lhotka@nic.cz>
To: Italo Busi <Italo.Busi@huawei.com>, "netmod@ietf.org" <netmod@ietf.org>
Cc: Joey Boyd <joey.boyd@adtran.com>
In-Reply-To: <7f4e6d298f16434b9555eaede6f3fe0e@huawei.com>
References: <7f4e6d298f16434b9555eaede6f3fe0e@huawei.com>
Mail-Followup-To: Italo Busi <Italo.Busi@huawei.com>, "netmod@ietf.org" <netmod@ietf.org>, Joey Boyd <joey.boyd@adtran.com>
Date: Wed, 23 Sep 2020 16:28:38 +0200
Message-ID: <878sd04lex.fsf@nic.cz>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: clamav-milter 0.102.2 at mail
X-Virus-Status: Clean
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/_VT2eBne4nP4fkRYCWbpJyKtWiU>
Subject: Re: [netmod] identityref with multiple base statements (follow-up question)
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Sep 2020 14:28:44 -0000
Italo Busi <Italo.Busi@huawei.com> writes: > I have a follow-up question about this topic > > Considering the same identities defined below, what would be the valid values the following references? > > leaf reference-1 { > type identityref { > base base-1; > } > description > "Reference to an identity #1."; > } > > leaf reference-2 { > type identityref { > base base-2; > } > description > "Reference to an identity #2."; > } > > My understanding, is that: > - valid values for the reference-1 would be 'a' and 'b' > - valid values for the reference-2 would be 'b' and 'c' > > Is my understanding correct? Yes, this should be pretty clear from sec. 9.10.2 of RFC 7950. Lada > > Thanks, Italo > >> -----Original Message----- >> From: Ladislav Lhotka [mailto:ladislav.lhotka@nic.cz] >> Sent: lunedì 3 agosto 2020 10:45 >> To: Joey Boyd <joey.boyd@adtran.com>; netmod@ietf.org >> Subject: Re: [netmod] identityref with multiple base statements >> >> Joey Boyd <joey.boyd@adtran.com> writes: >> >> > Hi, >> > >> > I am looking for some clarification regarding RFC 7950 section 9.10.2, >> specifically this statement. >> > >> > Valid values for an identityref are any identities derived from all the >> identityref's base identities. >> > >> > Example: >> > >> > identity base-1 { >> > description >> > "Base identity #1."; >> > } >> > >> > identity base-2 { >> > description >> > "Base identity #2."; >> > } >> > >> > identity a { >> > base base-1; >> > description >> > "Identity A."; >> > } >> > >> > identity b { >> > base base-1; >> > base base-2; >> > description >> > "Identity B."; >> > } >> > >> > identity c { >> > base base-2; >> > description >> > "Identity C."; >> > } >> > >> > leaf reference { >> > type identityref { >> > base base-1; >> > base base-2; >> > } >> > description >> > "Reference to an identity."; >> > } >> > >> > The question is how to determine the value space for this identityref. >> > >> > Option #1: >> > The value space is any identity which is derived from both base identities. >> This means the only valid value in the example would be 'b'. >> > >> > Option #2: >> > The value space is any identity which is derived from either base identity. >> This means the valid values are 'a', 'b' and 'c'. >> > >> > The phrasing "...derived from all the identityref's base identities." tends to >> point to Option #1 but I would like clarification on the intent. >> >> Yes, #1 is correct. >> >> Lada >> >> > >> > Best regards, >> > Joey >> > >> > _______________________________________________ >> > netmod mailing list >> > netmod@ietf.org >> > https://www.ietf.org/mailman/listinfo/netmod >> >> -- >> Ladislav Lhotka >> Head, CZ.NIC Labs >> PGP Key ID: 0xB8F92B08A9F76C67 >> > -- Ladislav Lhotka Head, CZ.NIC Labs PGP Key ID: 0xB8F92B08A9F76C67
- Re: [netmod] identityref with multiple base state… Italo Busi
- Re: [netmod] identityref with multiple base state… Ladislav Lhotka
- Re: [netmod] identityref with multiple base state… tom petch
- Re: [netmod] identityref with multiple base state… Italo Busi