IETF Logo Mail Archive

Re: [netmod] extensions and conformance

Ladislav Lhotka <lhotka@nic.cz> Mon, 10 August 2015 16:37 UTC

Return-Path: <lhotka@nic.cz>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9ABE71B3951 for <netmod@ietfa.amsl.com>; Mon, 10 Aug 2015 09:37:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.661
X-Spam-Level:
X-Spam-Status: No, score=-0.661 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_EQ_CZ=0.445, HOST_EQ_CZ=0.904, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1V9_YKWejrzh for <netmod@ietfa.amsl.com>; Mon, 10 Aug 2015 09:37:34 -0700 (PDT)
Received: from mail.nic.cz (mail.nic.cz [IPv6:2001:1488:800:400::400]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C6CD1B394E for <netmod@ietf.org>; Mon, 10 Aug 2015 09:37:34 -0700 (PDT)
Received: from [172.29.2.202] (nat-14.bravonet.cz [77.48.225.14]) by mail.nic.cz (Postfix) with ESMTPSA id B9BA2181462; Mon, 10 Aug 2015 18:37:32 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nic.cz; s=default; t=1439224652; bh=cH6YgrxkOLo1ZZF3jXgtyu5S9dbbHCdjQ5FcwmCxdcY=; h=From:Date:To; b=pEJKMjg3thoEPEk7WzBpOsyn/ioF/C8O10Z0/m5GBCMZ2laPD8e9dGWnIhsnaIKK8 VWCElPfpJAZlABC6pw9oyXz/ALGX8pb0/I6t6rGbNTUwItR/JkSmhK5Ncvu+zW5+i1 PaKW+61q6iRfT49XOtr3tc9bhtO0EUVvq+U8M1+k=
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2102\))
From: Ladislav Lhotka <lhotka@nic.cz>
In-Reply-To: <CABCOCHQttPXhUQ1+GdhLEn9sAZd_sDHtic6SDnVUVoUipbw9dg@mail.gmail.com>
Date: Mon, 10 Aug 2015 18:37:32 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <154527D1-C76B-49DD-B58D-39B197FAD033@nic.cz>
References: <m2tws7zhk1.fsf@birdie.labs.nic.cz> <CABCOCHQHD+s-WgUj3ohTXZ_qTjZMnJqarN6+HQN7TMKNr7ofKg@mail.gmail.com> <935AE06C-DF0E-4B79-BBB0-FBFC67297106@nic.cz> <CABCOCHQttPXhUQ1+GdhLEn9sAZd_sDHtic6SDnVUVoUipbw9dg@mail.gmail.com>
To: Andy Bierman <andy@yumaworks.com>
X-Mailer: Apple Mail (2.2102)
X-Virus-Scanned: clamav-milter 0.98.7 at mail
X-Virus-Status: Clean
Archived-At: <http://mailarchive.ietf.org/arch/msg/netmod/hDUWeEqBdQAvoJCCgUcM1EwFVkU>
Cc: "netmod@ietf.org" <netmod@ietf.org>
Subject: Re: [netmod] extensions and conformance
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Aug 2015 16:37:36 -0000

> On 10 Aug 2015, at 17:32, Andy Bierman <andy@yumaworks.com> wrote:
> 
> 
> 
> On Mon, Aug 10, 2015 at 4:24 AM, Ladislav Lhotka <lhotka@nic.cz> wrote:
> 
> > On 10 Aug 2015, at 12:17, Andy Bierman <andy@yumaworks.com> wrote:
> >
> > Hi,
> >
> > I am strongly against changing the contract on extensions.
> > They MAY be ignored by any YANG tool. Period.
> > That means they are far from mandatory.
> > They are little more than a keyword and a description clause.
> 
> So do you prefer my proposed solution -02 or -03?
> 
> ** Solution Yxx-03
> 
>    Make extensions optional. This means that extensions won't be
>    allowed to change YANG language, NETCONF protocol, and validity of
>    datastores and protocol messages.
> 
> 
> This is how we use extensions to tag YANG data models
> to drive automation tools.

But that means, for example, that annotations cannot be defined via an extension statement as in draft-ietf-netmod-yang-metadata.

> 
> Your entire problem statement assumes that the consumer
> of the extension is a protocol (client and/or server).
> IMO this is really bad design to use statements for standards
> that are by definition external to the YANG language, as if they
> were part of the YANG language.  This is just a hack and
> it usually doesn't work well.

Well, in the past you supported the idea of introducing new XPath functions through extensions, and it is exactly of this sort.

I’d also argue that current wording of 6020 allows a server implementing “ietf-system” and “ietf-netconf-nacm” to ignore the nacm:* extensions and make e.g. container “authentication” writeable by default in non-recovery sessions.

> 
> For example, when I pointed out that an extension for "ephemeral"
> could not be modified with a refine-stmt, you just changed the
> subject and ignored that problem.
> 

I didn’t ignore that problem, I just didn’t understand why “ephemeral” (or any) extension needs to be refined.

Lada

> 
> 
>  Andy
> 
> 
> >
> > There are not even any rules or help determining
> > which extensions can appear as children of other
> > extensions.  That indicates that they are not
> > real statements and not really part of YANG at all.
> >
> > There are some uses of extensions that fit the modular design,
> > but not many.  The NACM extensions only affect NACM.
> > They have no impact whatsoever on any YANG statement.
> > Yet even these statements should be real YANG statements.
> > There is really no need to force implementation of NACM
> > in order to utilize the concept of 'default-deny-all'.
> > But full implementation of NACM is required to use these
> > extensions.
> >
> 
> The descriptions of “default-deny-write” and “default-deny-all” describe normative server behaviour. It is not even clear from 6020 text whether server implementations can ignore these extensions or not and still use the modules where the extensions are present.
> 
> Lada
> 
> >
> > Andy
> >
> >
> > On Mon, Aug 10, 2015 at 1:14 AM, Ladislav Lhotka <lhotka@nic.cz> wrote:
> > Hi,
> >
> > recent discussions show that 6020(bis) text about extensions isn't
> > sufficiently clear about the scope and semantics of extensions. IMO this
> > needs to be fixed and so I propose to add the following item to YANG 1.1
> > issue list. Comments and additional solutions are welcome.
> >
> > Lada
> >
> > ------------------------------------------------------------------------
> > * NEW :Yxx: clarify conformance wrt extensions
> >
> > ** Description
> >
> >    YANG extensions as defined in RFC 6020 have no limits on scope –
> >    they can possibly modify YANG language, datastore semantics or even
> >    the NETCONF protocol. However, from the text in RFC 6020 it is
> >    unclear whether extensions appearing in YANG modules advertised by
> >    a server are mandatory to implement: "If a YANG compiler does not
> >    support a particular extension, which appears in a YANG module as
> >    an unknown-statement (see Section 12), the entire unknown-statement
> >    MAY be ignored by the compiler."
> >
> > ** Solution Yxx-01
> >
> >    Extensions appearing in the server's model are an integral part of
> >    the server-client contract. That is, the server MUST implement
> >    them, and the client SHOULD terminate the session if it doesn't
> >    implement any of the extensions.
> >
> > ** Solution Yxx-02
> >
> >    Develop a mechanism for negotiating extensions.
> >
> > ** Solution Yxx-03
> >
> >    Make extensions optional. This means that extensions won't be
> >    allowed to change YANG language, NETCONF protocol, and validity of
> >    datastores and protocol messages.
> > ------------------------------------------------------------------------
> >
> > --
> > Ladislav Lhotka, CZ.NIC Labs
> > PGP Key ID: E74E8C0C
> >
> > _______________________________________________
> > netmod mailing list
> > netmod@ietf.org
> > https://www.ietf.org/mailman/listinfo/netmod
> >
> 
> --
> Ladislav Lhotka, CZ.NIC Labs
> PGP Key ID: E74E8C0C
> 
> 
> 
> 
> 

--
Ladislav Lhotka, CZ.NIC Labs
PGP Key ID: E74E8C0C

v2.23.0 | Report a Bug | By Email