IETF Logo Mail Archive

Re: [netmod] draft-bjorklund-netmod-structural-mount: Namespace issues

Ladislav Lhotka <lhotka@nic.cz> Thu, 24 March 2016 13:48 UTC

Return-Path: <lhotka@nic.cz>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7230412DB35 for <netmod@ietfa.amsl.com>; Thu, 24 Mar 2016 06:48:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.01
X-Spam-Level:
X-Spam-Status: No, score=-7.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nic.cz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y9E0qV3U2xuo for <netmod@ietfa.amsl.com>; Thu, 24 Mar 2016 06:48:21 -0700 (PDT)
Received: from mail.nic.cz (mail.nic.cz [IPv6:2001:1488:800:400::400]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4C09A12DB37 for <netmod@ietf.org>; Thu, 24 Mar 2016 06:47:34 -0700 (PDT)
Received: from [IPv6:2001:718:1a02:1:45db:ad9a:f9e0:d864] (unknown [IPv6:2001:718:1a02:1:45db:ad9a:f9e0:d864]) by mail.nic.cz (Postfix) with ESMTPSA id D5589187F88; Thu, 24 Mar 2016 14:47:32 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nic.cz; s=default; t=1458827252; bh=LuZ8nxAVSfS7yTb7llHQ1a181IuEqbwU2Gn817qpCHE=; h=From:Date:To; b=r2N0SlPM5tMXUy3C+ymSjBxrHbachjj9F8Jsf1c/MAw3VTOssWD/TSBVAx9INyx3s 1OL1IDftxMs4ryvs+Vxka2DelfkD4BLSDXmNJVHPQBHSyogI2Y0FHgGe27bJzXAFz+ jacx44lRhFPNL29LnHHOcPrB3oddshpq7r/JQ2l4=
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Ladislav Lhotka <lhotka@nic.cz>
In-Reply-To: <20160324131300.GA69205@elstar.local>
Date: Thu, 24 Mar 2016 14:47:33 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <56CC98F5-63FF-4ED8-8B8C-C3C8C305DC8C@nic.cz>
References: <1458566013189.55874@pantheon.tech> <m2h9fxmd0i.fsf@birdie.labs.nic.cz> <20160323.220116.2259282208531577772.mbj@tail-f.com> <m2k2kst7gn.fsf@birdie.labs.nic.cz> <20160324131300.GA69205@elstar.local>
To: Jürgen Schönwälder <j.schoenwaelder@jacobs-university.de>
X-Mailer: Apple Mail (2.3124)
X-Virus-Scanned: clamav-milter 0.98.7 at mail
X-Virus-Status: Clean
Archived-At: <http://mailarchive.ietf.org/arch/msg/netmod/iQQb5cJTa3XdHDPBhhT0_c8eZ1s>
Cc: netmod@ietf.org
Subject: Re: [netmod] draft-bjorklund-netmod-structural-mount: Namespace issues
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Mar 2016 13:48:24 -0000

> On 24 Mar 2016, at 14:13, Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> wrote:
> 
> On Thu, Mar 24, 2016 at 12:56:40PM +0100, Ladislav Lhotka wrote:
>> Martin Bjorklund <mbj@tail-f.com> writes:
>> 
>>> The fact that anydata can represent "really anything" does not mean
>>> that every server MUST allow the client to create "really anything"
>>> for all anydata config nodes.  It will depend on the semantics of each
>>> particular anydata node.
>> 
>> Schema validation is effectively disabled for anydata nodes. This may be
>> a problem especially for implementations that perform validation as a
>> separate step, perhaps automatically from the data model.
>> 
>> And with schema validation out of the way, it is easier to exploit
>> potential bugs in the server.
>> 
> 
> Lada, as far as I recall you wrote an I-D that proposed to mount data
> anywhere. So what did change your mind that you now want strict schema
> validation?

With YSDL, the schema validation is absolutely strict: The server provides a list of modules and revisions in yang-library, and a recipe how the modules are combined. Everything is fixed and static, as it is without YSDL, only some of the schema subtrees are attached to non-root locations. As I said in the interim, YSDL is just an externally specified augment.  

> 
>>> I think that using mount-point as a substatement to anydata is in fact
>>> the only really safe option to mount.  Both the proposed solutions in
>> 
>> Well, if safe means (partial) compatibility of old clients - and I am
>> not even convinced about this. Otherwise it is IMO less safe because the
>> schema is loosened.
>> 
>>> the current structural mount and ysdl drafts are unsafe for clients
>>> that don't understand the mount.
>> 
>> True.
> 
> What do you mean with 'partial' compatibility? I also do not

Take the rtgyangdt model, for example. If a mounting mechanism is in place, a client that doesn't understand it will only see a void top-level structure, which is hardly useful.

> understand which schema is 'loosened'? Can you give me an example of

Loosened means exactly that anydata is used. For example, a rogue client may use it to send data that test the robustness of the server's Unicode implementation.

For instance, a server implementor can place a rock-solid off-the-shelf RELAX NG validator in front of the backend and rely on it to catch everything that violates the schema. If anydata is involved, the RELAX NG validator will, well, relax, and pass everything to the backend.

> 'partial' compatibility and 'loosened' schema? Do you have a counter
> proposal that avoids these issues?

Sure: avoid anydata, and forget about supporting clients that don't understand mounts.

Lada

> 
> /js
> 
> -- 
> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
> Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>

--
Ladislav Lhotka, CZ.NIC Labs
PGP Key ID: E74E8C0C

v2.23.0 | Report a Bug | By Email