Re: [netmod] Kathleen Moriarty's Discuss on draft-ietf-netmod-revised-datastores-09: (with DISCUSS)

Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Wed, 10 January 2018 19:45 UTC

Date: Wed, 10 Jan 2018 20:45:29 +0100
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-netmod-revised-datastores@ietf.org, Lou Berger <lberger@labn.net>, netmod-chairs@ietf.org, netmod@ietf.org
Message-ID: <20180110194529.3myrio6vrvsn3jjh@elstar.local>
References: <151561207372.18313.8094240527199424975.idtracker@ietfa.amsl.com>
In-Reply-To: <151561207372.18313.8094240527199424975.idtracker@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/cHTtlYb6YAnrR6gHf8a8GrfR_Qg>

On Wed, Jan 10, 2018 at 11:21:13AM -0800, Kathleen Moriarty wrote:
> 
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
> 
> Hello,
> 
> Thanks for your work on this draft.  I'm a little confused with some text in
> the draft and have a few questions.
> 
> 1. The introduction says,
> "This architectural framework identifies a set of conceptual datastores but
>    it does not mandate that all network management protocols expose all
>    these conceptual datastores.  This architecture is agnostic with
>    regard to the encoding used by network management protocols."
> 
> As such, the data stores could be exposed for some implementations, using
> whatever network management protocol (likely NETCONF or RESTCONF).  If this is
> the case, why doesn't at least some of the security considerations template
> apply for at least secure transport?

The security considerations text is IMHO correct. The YANG modules defined
in this document do not define any accessible objects. Hence, the security
YANG template does not apply.

> 2. Section 5.3.4 - Is there any integrity protection on the origin information?
>  If not, can it be added or is there a good reason why it’s not possible?  I
> realize these are conceptual models that may or may not be exposed, but if
> exposed and used, wouldn’t some integrity protection on this be helpful?

Can you clarify what you mean with 'integrity protection' in this
context and why you think origin attributes are special? The known
published network management protocols all use standard security
protocols (SSH and TLS). In general, security mechanisms are protocol
specific; I do not see how the architectural definition of datastores
requires discussion of special integrity mechanisms. Perhaps I do not
understand your concern.

/js
 
-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
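As an added example (not part of this thread, and not code from draft-ietf-netmod-revised-datastores), the following Python script models the origin metadata of Section 5.3.4 from the point of view of a client that receives an operational datastore. It merges intended, system and learned values into an operational view, attaches an origin annotation to each leaf, and validates that every annotation names a known identity of the ietf-origin module. The "@name" sibling-member encoding follows the JSON metadata annotation convention of RFC 7952; the merge precedence, leaf names and sample values are constructed for illustration. The origin metadata travels inside the same message as the data, so whatever transport protection (SSH or TLS) covers the reply covers the origin annotations as well; what a client can still check on its own is that the annotations are well-formed.

```python
"""Added example: NMDA origin metadata as a receiving client sees it.

Assumptions (constructed for this illustration):
- Leaves are encoded as JSON members and each origin annotation is a
  sibling member "@<leaf>" carrying "ietf-origin:origin" (RFC 7952 style).
- Merge precedence: intended config overrides system values, which
  override values learned from the network.
"""
import json

# Identities defined by the ietf-origin YANG module (all derived from the
# base identity "origin").
ORIGIN_IDENTITIES = {
    "ietf-origin:intended",
    "ietf-origin:dynamic",
    "ietf-origin:system",
    "ietf-origin:learned",
    "ietf-origin:default",
    "ietf-origin:unknown",
}

ORIGIN_ANNOTATION = "ietf-origin:origin"


def annotate(name, value, origin):
    """Return the two JSON members that encode a leaf and its origin."""
    if origin not in ORIGIN_IDENTITIES:
        raise ValueError(f"unknown origin identity: {origin}")
    return {name: value, "@" + name: {ORIGIN_ANNOTATION: origin}}


def build_operational(intended, system_values, learned):
    """Merge the three sources into an operational view with origin metadata.

    Sources are applied from lowest to highest precedence, so a later
    source replaces both the leaf and its "@leaf" annotation.
    """
    operational = {}
    for origin, source in (
        ("ietf-origin:learned", learned),
        ("ietf-origin:system", system_values),
        ("ietf-origin:intended", intended),
    ):
        for name, value in source.items():
            operational.update(annotate(name, value, origin))
    return operational


def validate_origins(doc):
    """Check every origin annotation in a decoded JSON object.

    Returns a list of problems; an empty list means each annotation is
    attached to an existing leaf and names a known ietf-origin identity.
    Nested objects are checked recursively; a bare "@" member annotates
    the enclosing container itself.
    """
    problems = []
    for key, value in doc.items():
        if key.startswith("@"):
            target = key[1:]
            if target and target not in doc:
                problems.append(f"annotation {key} has no sibling leaf")
            origin = value.get(ORIGIN_ANNOTATION) if isinstance(value, dict) else None
            if origin not in ORIGIN_IDENTITIES:
                problems.append(f"{key}: unknown origin {origin!r}")
        elif isinstance(value, dict):
            problems.extend(validate_origins(value))
    return problems


if __name__ == "__main__":
    # Constructed sample: an interface whose MTU is configured (intended),
    # whose speed comes from the system, and whose peer address was learned.
    operational = build_operational(
        intended={"mtu": 1500},
        system_values={"mtu": 1400, "speed": 1000},
        learned={"mtu": 9000, "peer": "192.0.2.2"},
    )
    print(json.dumps(operational, indent=2))
    print("problems:", validate_origins(operational))
```

Running the script prints the merged view with "mtu" marked intended, "speed" marked system and "peer" marked learned, followed by an empty problem list. Feeding `validate_origins` a reply whose annotation names an identity outside the ietf-origin set reports it, which is the kind of consistency check a client can apply regardless of which protocol delivered the datastore.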