[netmod] Re: Éric Vyncke's No Objection on draft-ietf-netmod-immutable-flag-13: (with COMMENT)

"maqiufang (A)" <maqiufang1@huawei.com> Wed, 01 July 2026 02:43 UTC

Return-Path: <maqiufang1@huawei.com>
X-Original-To: netmod@mail2.ietf.org
Delivered-To: netmod@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 6F4DF10B4E75A; Tue, 30 Jun 2026 19:43:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1782873796; bh=rKiqvOzhuNAiQGOxnsWqK8agjQfdsgyRmKOgNQoc9e0=; h=From:To:CC:Subject:Date:References:In-Reply-To; b=RNN6nBRVusUJiDh20tPdUQ27qaY72J0CL/EsdYKc5aL3UyIUbI9F5ubF3pnCB54ks JagvTLXvQW0IXgX2HpleJcnhkBnA8PGdCQu1yV9LWfP4+1upyqrjRAwd8EAFj5hSu+ gfcI4A/vN3pB7mUFA7pvAAnZNpFnP0mkUuO+p27Y=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WWRRVCgOoKEI; Tue, 30 Jun 2026 19:43:10 -0700 (PDT)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256)) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 4402A10B4E637; Tue, 30 Jun 2026 19:42:58 -0700 (PDT)
Received: from mail.maildlp.com (unknown [172.18.224.107]) by frasgout.his.huawei.com (SkyGuard) with ESMTPS id 4gqknH3RTRzHnGdT; Wed, 1 Jul 2026 10:42:11 +0800 (CST)
Received: from kwepemh500011.china.huawei.com (unknown [7.202.181.142]) by mail.maildlp.com (Postfix) with ESMTPS id A64024058B; Wed, 1 Jul 2026 10:42:56 +0800 (CST)
Received: from kwepemo500013.china.huawei.com (7.202.194.248) by kwepemh500011.china.huawei.com (7.202.181.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.11; Wed, 1 Jul 2026 10:42:45 +0800
Received: from kwepemo100013.china.huawei.com (7.202.195.244) by kwepemo500013.china.huawei.com (7.202.194.248) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.36; Wed, 1 Jul 2026 10:42:45 +0800
Received: from kwepemo100013.china.huawei.com ([7.202.195.244]) by kwepemo100013.china.huawei.com ([7.202.195.244]) with mapi id 15.02.1544.036; Wed, 1 Jul 2026 10:42:45 +0800
From: "maqiufang (A)" <maqiufang1@huawei.com>
To: Éric Vyncke <evyncke@cisco.com>, The IESG <iesg@ietf.org>
Thread-Topic: Éric Vyncke's No Objection on draft-ietf-netmod-immutable-flag-13: (with COMMENT)
Thread-Index: AQHdCFoom2j6cNpZVUKQ8A2Lq5dT57ZX6mKw
Date: Wed, 01 Jul 2026 02:42:45 +0000
Message-ID: <4201cf3307cf4b4dab428b5fdc26460d@huawei.com>
References: <178280109929.2128172.4941329573447671020@dt-datatracker-f9b87776f-xzl65>
In-Reply-To: <178280109929.2128172.4941329573447671020@dt-datatracker-f9b87776f-xzl65>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.136.129.198]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Message-ID-Hash: 5MYNXKRGRSVF4I2ZEL4SUBYWLESCWF5R
X-Message-ID-Hash: 5MYNXKRGRSVF4I2ZEL4SUBYWLESCWF5R
X-MailFrom: maqiufang1@huawei.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-netmod.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "draft-ietf-netmod-immutable-flag@ietf.org" <draft-ietf-netmod-immutable-flag@ietf.org>, "kent+ietf@watsen.net" <kent+ietf@watsen.net>, "netmod-chairs@ietf.org" <netmod-chairs@ietf.org>, "netmod@ietf.org" <netmod@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [netmod] Re: Éric Vyncke's No Objection on draft-ietf-netmod-immutable-flag-13: (with COMMENT)
List-Id: NETMOD WG list <netmod.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/j3CDwmGNVWpADsXj8PeboPNXJ0o>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Owner: <mailto:netmod-owner@ietf.org>
List-Post: <mailto:netmod@ietf.org>
List-Subscribe: <mailto:netmod-join@ietf.org>
List-Unsubscribe: <mailto:netmod-leave@ietf.org>

Hi, Éric,

Thanks a lot for the review, the authors have prepared a PR to address some of your comments below: https://github.com/netmod-wg/immutable-flag/pull/35/changes. 
Please also see my reply below inline with [Qiufang]...


-----Original Message-----
From: Éric Vyncke via Datatracker [mailto:noreply@ietf.org] 
Sent: Tuesday, June 30, 2026 2:32 PM
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-netmod-immutable-flag@ietf.org; kent+ietf@watsen.net; netmod-chairs@ietf.org; netmod@ietf.org
Subject: Éric Vyncke's No Objection on draft-ietf-netmod-immutable-flag-13: (with COMMENT)

Éric Vyncke has entered the following ballot position for
draft-ietf-netmod-immutable-flag-13: No Objection

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thanks for the work done in this document. Please find below some non-blocking
COMMENTs, responses to these COMMENTs will be greatly appreciated, albeit not
required.

Please also note that my COMMENTs about section 1 were nearly DISCUSS level.

Regards

-éric

### Abstract

Should NETCONF and RESTCONF be called out ?
[Qiufang] Accepted, please review the PR for the updated Abstract.

### Definition of immutable in section 1

` that cannot be modified by clients (that is, it is immutable)` is not really
correct. Immutable means that it never changes, 'cannot be modified by clients'
allows the server to change its read-only value, e.g., "CPU temperature" is
read-only (cannot be modified) but not immutable (as it can change).
[Qiufang] The current text is fine, because the document does allow the server to change immutable value in some cases like software upgrade and license change. 
The draft states that immutable nodes can only be system-defined. And the update of system configuration is documented in draft-ietf-netmod-system-config which is now in RFC queue (see https://datatracker.ietf.org/doc/html/draft-ietf-netmod-system-config-20#section-6.1)
Section 7 (https://datatracker.ietf.org/doc/html/draft-ietf-netmod-immutable-flag-13#section-7) also says " Immutable configuration can only be created, updated and deleted by the server ".

When you say "CPU temperature", I think this is the operational statistic or metric that should be defined as read-only (i.e., config-false). This is completely out of scope, because what the document is discussing here is all about the configuration data (i.e., config-true). Within the context of configuration, "immutable" means the node cannot be altered through client-driven configuration operations. Hopefully this clarifies.

### Which servers/clients in section 1

The text uses "server" and "client" without being specific about the
protocol... as the I-D updates the NETCONF/RESTCONF RFC, the reader can *guess*
that it is about "RESTCONF or NETCONF server"... Please avoid ambiguities in a
proposed standard...
[Qiufang] The proposed PR has stated that the terms "client" and "server" are used in accordance with NMDA definitions in RFC8342, thereby eliminating any ambiguity regarding the protocol context.

### Section 11

My understanding based on the previous sections is that this flag is for
read-only stores, so, I wonder how could a sensible client send an edit request
to a read-only store ? `Clients can leverage this information to avoid sending
edit requests that would otherwise fail due to immutable nodes.` ?
[Qiufang] This is a key subtle point. You are right that immutable flag is only for read-only datastores. But it indicates the immutability of configuration, i.e., system configuration datastore is read-only, but system nodes could be modifiable or  non-modifiable, and such modification is implemented by clients sending an operation request towards read-write datastore such as <running>/<candidate> to write different values.
By exposing the immutability of some system configuration, clients would understand that some nodes are non-modifiable, even config-true, and thus could avoid sending such an <edit-config> request. 
Make sense?

Best regards,
Qiufang //co-author