Re: [netmod] WG Last Call: draft-ietf-netmod-acl-model-14

Sonal Agarwal <sagarwal12@gmail.com> Sat, 04 November 2017 17:38 UTC

Return-Path: <sagarwal12@gmail.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 92B3613FBB8 for <netmod@ietfa.amsl.com>; Sat, 4 Nov 2017 10:38:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.449
X-Spam-Level:
X-Spam-Status: No, score=-1.449 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LJ-lHCyB7jph for <netmod@ietfa.amsl.com>; Sat, 4 Nov 2017 10:38:46 -0700 (PDT)
Received: from mail-qk0-x22d.google.com (mail-qk0-x22d.google.com [IPv6:2607:f8b0:400d:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B9A4413FB0F for <netmod@ietf.org>; Sat, 4 Nov 2017 10:38:46 -0700 (PDT)
Received: by mail-qk0-x22d.google.com with SMTP id w134so6700145qkb.0 for <netmod@ietf.org>; Sat, 04 Nov 2017 10:38:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=8vBxNYVCgJT6XR3HYM4b0uE8HIegbyJdltnc5nhBR7k=; b=d2Efi7I7D/6kDj7gk4DT4LlAiUdz9AMrtoKXDPu7eQE900YG7jyC38DrMNEIt5rqk8 Wpcoo9iCI+IWugFhV32hR7/PhPZdTjSQqFnJrpekp13Bw1GOkDcZQPtPRa9FM23e34JM vGj9jVLx+0c4z17eYsudmnNl2HRCz5vLmlUQvhnryQNnRYvOAeSH2tdv0BY2kCRiKzrV R/6c19zepOuBRi/h93hPyCr/g8plnrx8dnqKsu44eYusPj2dSQy/7RdjQks2jQ87unI3 X+PyD7RaV1/v4e6IzmrZD5YgT7txLky2BZWzwgUSR8Y/J/cqFsjE4NTrMcwYe0OWm/fp oJ0A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=8vBxNYVCgJT6XR3HYM4b0uE8HIegbyJdltnc5nhBR7k=; b=gSPoTqXXF8BP//2yygk/clx2sHqojaYi9kmo1B6lcEG8YDc0qVJdo+cc+7xXe+zriG yMfDQOb/ChITBVq1z0LkldmUjajaXe2UeB379UY1yRvSAMFVFivK3JHdC6CoeqBPx3CX +RuTxEluPPkS0FocGi+VDE2sL37Vs1nZ58npzqaGJnzRWB1KDUNC4zz0XA5UVuQcTRHk vvilHYb3h5SVczvMg8zmITUBnBRKi9YO/w0kAToPRF459e2YKvZ8nNOk+x0H77AGO/5C lH4frLX3pCXwPE4NW+IPJez/qF6vTTY8jiZqzijH+9W0ye+EyeWue6lppesYC/4jCURF xejg==
X-Gm-Message-State: AMCzsaUrHmEKe81+dQVU6c/4z1qNCpvugUYJ9WTziyHW0eq8ewU5t/rm 1AE8yNg/JYDVu+F6eoyPGRN3ZImQJx1Oy2uGIRM=
X-Google-Smtp-Source: ABhQp+SA7KkNy9Qus35okiRFCWhyJnheWDs4nduHsw/kjlkpxKvxbkacrkM2B1MZ5ODuLkynT2ug3gFEpieSsnkwOfY=
X-Received: by 10.55.42.73 with SMTP id q70mr15024771qkh.337.1509817125662; Sat, 04 Nov 2017 10:38:45 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.140.109.136 with HTTP; Sat, 4 Nov 2017 10:38:45 -0700 (PDT)
In-Reply-To: <0587EC2C-6B31-409D-B2A4-649EECEEB45A@gmail.com>
References: <20171102074318.GC12688@spritelink.se> <6359CD50-0F0D-4315-A58B-1D4CF0583475@gmail.com> <ac9fc676-80f7-723d-9a85-c99fbb122476@cisco.com> <20171102.132634.1363976895007772742.mbj@tail-f.com> <51CEDFCB-88CF-4066-8428-55BF7521D1F0@gmail.com> <20171103085244.GG12688@spritelink.se> <0587EC2C-6B31-409D-B2A4-649EECEEB45A@gmail.com>
From: Sonal Agarwal <sagarwal12@gmail.com>
Date: Sat, 4 Nov 2017 10:38:45 -0700
Message-ID: <CAMMHi8gv-+uV5ALAk+ooUFqAWcqezK2k1dTtQX-6yy-ZTNjrng@mail.gmail.com>
To: Mahesh Jethanandani <mjethanandani@gmail.com>
Cc: Kristian Larsson <kristian@spritelink.net>, netmod@ietf.org
Content-Type: multipart/alternative; boundary="001a114970a673738e055d2bb151"
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/jSDOK0db1jy4VCV02baR07yTpew>
Subject: Re: [netmod] WG Last Call: draft-ietf-netmod-acl-model-14
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Nov 2017 17:38:48 -0000

Kristian,

In response to one of your previous comments:

*"I'm really bothered by the compound key consisting of acl-type*










*and the acl-name since attachment points then need to referenceboth.  It's
also weird because I don't think choosing theacl-type is really a choice of
the user but more of a limitationof the platform.One approach would be to
change the key to only be the acl-namebut let the acl-type leaf remain,
perhaps make it mandatory ordefault to some unified acl-type. I think it's
still possible toimplement a constraint on this, right? Like if a platform
onlysupports a specific type at some attachment point it can add
aconstraint on the acl-type by doing deref() on the leafref."*

The key for an ACL needs to remain as the name and type. They both uniquely
define the presence of the ACL in config.

Sonal.



On Fri, Nov 3, 2017 at 5:44 AM, Mahesh Jethanandani <mjethanandani@gmail.com
> wrote:

> Please do, and we can discuss the changes on the mailing list.
>
> Thanks.
>
> Mahesh Jethanandani
> mjethanandani@gmail.com
>
> > On Nov 3, 2017, at 2:22 PM, Kristian Larsson <kristian@spritelink.net>
> wrote:
> >
> >> On Thu, Nov 02, 2017 at 07:10:30PM +0630, Mahesh Jethanandani wrote:
> >> Ok. Will update the model to reflect the discussion on this thread.
> >
> > Mahesh, would it be helpful if I prepared changes in the form of
> > pull requests on the github repo?
> >
> > I can write code, we can discuss it here and merge once agreed?
> >
> >   kll
> >
> > --
> > Kristian Larsson                                        KLL-RIPE
> > +46 704 264511                                kll@spritelink.net
>
> _______________________________________________
> netmod mailing list
> netmod@ietf.org
> https://www.ietf.org/mailman/listinfo/netmod
>