[netmod] comments on system-config-08 draft

Andy Bierman <andy@yumaworks.com> Tue, 20 August 2024 16:39 UTC

Return-Path: <andy@yumaworks.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E7DADC180B71 for <netmod@ietfa.amsl.com>; Tue, 20 Aug 2024 09:39:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yumaworks.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1yS6JppaQMyu for <netmod@ietfa.amsl.com>; Tue, 20 Aug 2024 09:38:56 -0700 (PDT)
Received: from mail-pj1-x1031.google.com (mail-pj1-x1031.google.com [IPv6:2607:f8b0:4864:20::1031]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8F05EC169418 for <netmod@ietf.org>; Tue, 20 Aug 2024 09:38:51 -0700 (PDT)
Received: by mail-pj1-x1031.google.com with SMTP id 98e67ed59e1d1-2d3f39e7155so728680a91.0 for <netmod@ietf.org>; Tue, 20 Aug 2024 09:38:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yumaworks.com; s=google; t=1724171930; x=1724776730; darn=ietf.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=aFaZj45wrScuviqnHcHnPfi0OHay1UVYf2eCXKaatxU=; b=htYDPcW1ekKeexV/F8dEVH1ZiRpwO0eLpT8EBiIoONUm7DiNBgIpminZERdVl3KQy3 Ls6aWn+li1+bHB7gKQNUL+YxGU9FrPa2Z0UxUMHaYbvjViv2rb9NqH+p9Gce4EIZdNQg 7Rr8ZUQMf+pVQsu+7vvVkrqVgesMsDw2II6G3o5JMggsMXlVcxn9ttModtw7mBlQJ9Gt 1PoKJYklM0b07G/SJ5ecLF6/cUSTteDBKVtTl95MA6QvdFxHHB2vO7ml6VIOyusRXG/X nSLLZkrG21UhKx1ETz48tWo8Uhl0Aqfuw+sn6vt1nUvuOMZpUSukf+QFet8ey+lDPDpr ifqw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724171930; x=1724776730; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=aFaZj45wrScuviqnHcHnPfi0OHay1UVYf2eCXKaatxU=; b=VKDy+grWBXK6NQTh5oYaqTcVh2qqy4biNvx2YSEMBxU0L3uE4/+uzupAqImoaHYJzV IeZ68taVT+HdfFNZbWmryrSau+Axa7PXqtxhdwn8BllIx7w2t2Ml5LHE2uyuJFM5Vvb5 uFCMQjU6F8cPcuhhtK1lXcAuNHR3w911xhP2RrGAVt+cuKF9kTLb5hTjjXkfhsufVocs 5eyceR793EmmbYeJQuqolv4g42TneO3XRaFeuOI5PvwOAY4iPlPSWTYz/NV1ywURlAqX 38iq9mryeXu469I6zxmcC1PknaguoB3jKsZwJdOAoMF3CAOFHv+4QjrQS2yyVJHA2EcE 1pzQ==
X-Gm-Message-State: AOJu0Yw3+3r2ynf+h6buJXA3MaCHklEH3dnhkYteAUhYZxXq2vo4RLvc gMQ+3jx8UyMXqXS9m8Q0gwbkf1LGsvehZyXqVm7xKfQzm4slwKwpbt/nr4Me1D7ujlP1HMAUlz+ UqJLH9bKnj6t1/ZPuLzTyy5iUoU87XunzmYBoHhyGQBMDxg7u
X-Google-Smtp-Source: AGHT+IFGDWF+l0VetMfgxURqPXg2RZCuhT6aH/GX1edroqI9waKFypJcWUFKMKg+5vLhZw+YzLZ+3oi20xxBtrTD9tQ=
X-Received: by 2002:a17:90a:ca08:b0:2c9:863c:604 with SMTP id 98e67ed59e1d1-2d3e1d654afmr9610830a91.3.1724171930430; Tue, 20 Aug 2024 09:38:50 -0700 (PDT)
MIME-Version: 1.0
From: Andy Bierman <andy@yumaworks.com>
Date: Tue, 20 Aug 2024 09:34:10 -0700
Message-ID: <CABCOCHScHJENof+1obOgXUDZZMhhPhs9rvKHw4W0RRfF0R1_Hw@mail.gmail.com>
To: NetMod WG <netmod@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000720ff10620200f24"
Message-ID-Hash: FZBLWSNTXVDFGLUU2Q5GUCLJO74CSABQ
X-Message-ID-Hash: FZBLWSNTXVDFGLUU2Q5GUCLJO74CSABQ
X-MailFrom: andy@yumaworks.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-netmod.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [netmod] comments on system-config-08 draft
List-Id: NETMOD WG list <netmod.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/dFJJHlr84n7Lsi8P5P3NWZUktXo>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Owner: <mailto:netmod-owner@ietf.org>
List-Post: <mailto:netmod@ietf.org>
List-Subscribe: <mailto:netmod-join@ietf.org>
List-Unsubscribe: <mailto:netmod-leave@ietf.org>

Hi,

I do not think this draft is ready.

1) Behavior changes to conventional datastores

There seem to be NBC changes being made to the
behavior of the conventional non-NMDA datastores, particularly <running>.

I disagree that it is a problem that <running> contains some system
configuration
mixed in with the client configuration.  The only problem is that the data
is not
editable by clients.  The "immutable" flag draft provides clients
with enough information to avoid 'access-denied' errors when editing system
config.

Changing the behavior of <running> seems to break old non-NMDA clients
that expect the combined config.

2) NBC Changes to XPath

Changing the XPath evaluation procedures is an NBC change.
In this case, also quite complicated to implement XPath across
multiple datastores.

System config could be visible in <running> using the immutable flag.
Leafrefs and XPath are allowed to point at config=true in the same data
tree.
This does not require any changes to XPath processing.

Referencing a special read-only datastore is no different than simply
allowing the XPath to reference config=false.  It is the same NBC change.

3) resolve-system

I am confused why a client would not resolve the system, since
the <running> datastore needs these nodes so the client nodes can exist.



Andy