Re: [netmod] WG Last Call: draft-ietf-netmod-yang-module-versioning-05
Jürgen Schönwälder <j.schoenwaelder@jacobs-university.de> Sun, 06 March 2022 11:07 UTC
Return-Path: <J.Schoenwaelder@jacobs-university.de>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9CB163A0BD9; Sun, 6 Mar 2022 03:07:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=jacobsuniversity.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id upGV66OGnuaY; Sun, 6 Mar 2022 03:07:32 -0800 (PST)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on20631.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e1a::631]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4733D3A0C42; Sun, 6 Mar 2022 03:07:29 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kLtduasZS9E3KF8kDXfrCDoTguNH52VvrNSea0u/vhceEyXhso9/IZPm53iple/Cr68ALDkvjSv00lOPNQVsqgbQjX8Mt0gEeRnSx2RvYeLoysNWT+IPanHJOv71YPpbTD6ywwjq6owxybzodXan10H2ue/dePUG8V/f+iTNX62JZDcwkWbdIlAfXJGjSB+DXO6w9+YT9qoRsFnQTjmTNsr36nZqarxiOdSioJRpR5xP4gRXU/g5o2O/tPOFfQOsfdkNfqKkGQJwg+XGlTF4YoNRPbQPZhb8FEzLKtk02M0hhQjTKeHLi+qKYhuIUq8UaXCrQIUbbW757k/v0TOyIQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ITbxKQYfKe1EvZVvCNI95a/QNk5vA7mIPyPKYTW8uA0=; b=TfqrB4irhVasws24AFrGRWQuMZV3ER+mbnAxF5b0zhX286I8LbahDgKDi5gVehHcksTMZHA2jlJ3Pm64byt5+oTIR1uDAT2bYFdl60343EGQt7/1IWq8AfjwT+NYxvVk9NJXCMMDvJU21Av5wSxzSUQHCS9UHI3JbJYaszdgJZnGREodOsRWFytC24HzoQMqfZvF66eFgOJEA17kUqFQBo8wRD43oXMYwllgI8JdNkU0YdVk2RfEy+C/HAZxfivDqIOo0Mtq2v5WG5rZz07E0PfniS4a8DCCf3JwM0qN1u0QtlTiIytX9il+QAwa0Xj4LZW2I6TpoZZrnzPK2PdTpg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=jacobs-university.de; dmarc=pass action=none header.from=jacobs-university.de; dkim=pass header.d=jacobs-university.de; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jacobsuniversity.onmicrosoft.com; s=selector2-jacobsuniversity-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ITbxKQYfKe1EvZVvCNI95a/QNk5vA7mIPyPKYTW8uA0=; b=peCSbd3bysewqk+1+Cyn7w/F377LsS/12DuRgNFyMMKyc2BLhaa5M8+Bh4xknCnhdwFg3A3bhO/6bpCsObW5Y+QX1A1ZwTICGKcjgO9gyYb7/Or07/uvpFbeEM4AN9/TzRAIj+arlkZHS2ftwEjRhgZAX+YPs4vddwsJeIqcA2E=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=jacobs-university.de;
Received: from AM0P190MB0641.EURP190.PROD.OUTLOOK.COM (2603:10a6:208:194::23) by VE1P190MB0909.EURP190.PROD.OUTLOOK.COM (2603:10a6:800:1b0::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5038.14; Sun, 6 Mar 2022 11:07:17 +0000
Received: from AM0P190MB0641.EURP190.PROD.OUTLOOK.COM ([fe80::ac24:5a30:ebfa:19af]) by AM0P190MB0641.EURP190.PROD.OUTLOOK.COM ([fe80::ac24:5a30:ebfa:19af%8]) with mapi id 15.20.5038.026; Sun, 6 Mar 2022 11:07:17 +0000
Date: Sun, 06 Mar 2022 12:07:16 +0100
From: Jürgen Schönwälder <j.schoenwaelder@jacobs-university.de>
To: Lou Berger <lberger@labn.net>
Cc: NETMOD Group <netmod@ietf.org>, NetMod WG Chairs <netmod-chairs@ietf.org>
Message-ID: <20220306110716.y5het4vjj6y3dfg6@anna>
Reply-To: Jürgen Schönwälder <j.schoenwaelder@jacobs-university.de>
Mail-Followup-To: Lou Berger <lberger@labn.net>, NETMOD Group <netmod@ietf.org>, NetMod WG Chairs <netmod-chairs@ietf.org>
References: <51ecbad2-c13b-1f31-a17e-ea2f40eadd6c@labn.net>
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <51ecbad2-c13b-1f31-a17e-ea2f40eadd6c@labn.net>
X-ClientProxiedBy: AM3PR07CA0141.eurprd07.prod.outlook.com (2603:10a6:207:8::27) To AM0P190MB0641.EURP190.PROD.OUTLOOK.COM (2603:10a6:208:194::23)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 5565b9f7-5103-41db-d50d-08d9ff6179d4
X-MS-TrafficTypeDiagnostic: VE1P190MB0909:EE_
X-Microsoft-Antispam-PRVS: <VE1P190MB09099FE199560ACC9DFC5B37DE079@VE1P190MB0909.EURP190.PROD.OUTLOOK.COM>
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: w2jATDn/X0nP4qx27gSKuhWuHMLzGP87x2oI5dzYrdDmUQyhiWlpeIEq8HS4eozmPn5X2/ztg+XuimGeXCKYF21PCOA0zzdx6eyE7rVLiFzXWBvCEG1BiERAV7SDw9BtrBt0giKC9UDHCMfXX/PrswDizfqW+jm+GKEOhaOidmBgHeuvw5pbocgQKZGbPpAAPsTxXlxoX+NjGoG390jg7udp5iuLPRsafLDEmqcGoGrjyjVvrn/zUiL23xPE2ZhDknihrQoTuYJexH0pgRhP37Vc2PhVGls8Yz9Uz2gJmWZea2yyhonrLRBf3epDoSDNSJ7mBSU8kE8wCyw4GdxlP4Qi71RuFOqt+6znHi+YoTaAQg9JTY86HiExOShlSQG7VilQo+VDAY60f2VtIfuOc2BZZFi5qHuC5qgHvGAGlT7y5na9RtEt4l4x9HwSka54hSuEdoR+2a3GG8L3PtZsCkhi0Jm+d5fEKnt9oQ6LK9hKi1Qol+dU5QxDXAlNdnlPutknBI3EIn51pq50xVtv+GtSkCQaO2fRw90nvT0Vvh6N3p0t5nrazW3+OP8znfj2g89Je6nJ/LHz5BJPS6EOaBRzbgDLmpsLCemaC3n4dUm/ROn/xFUSyqqJBV1Pure63PUMsjm1AsPnXrdKWAy0dCG5/O1JjuYNK5+lGE8vC7/sAfbTvkRA25IqIxFv45rv2DK8ccgef0OETltmjh5mi2282XxN1293Mmw1xlNhqaOs+/yL83nPRoYI1156Z7K3dZZEkRW1sT1Cvl3JG0VXE8ROOi2qfwe+F8qRH9SZqgJ1jxwnhWUH/icXe9L7HV7N
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0P190MB0641.EURP190.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230001)(7916004)(366004)(54906003)(6916009)(2906002)(38100700002)(85182001)(38350700002)(966005)(786003)(316002)(6486002)(85202003)(33716001)(26005)(30864003)(40140700001)(3450700001)(186003)(66556008)(86362001)(66946007)(66476007)(8676002)(4326008)(508600001)(66574015)(52116002)(83380400001)(5660300002)(1076003)(9686003)(6512007)(6506007)(8936002); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: dRg4LlLSwdBO8X7z8nFq6NXh9NLRGXuVAyZ6HHFRbNlWikC2oe1+4ocNm7dum8apz4KxoI06VN5wZN/yS5tkIjpF0H8OZthE1+JZDGmYV79AnRXiU8N7XzoLKjPFiQMEDQvdVC7PKMfg4viH6YK2kT/px98AYybglOcsEkrOlCe7nHKSo2PIndhL2H2QFn9AVF1QueuzyyqNuJu3HngaORfO4dCN32iAvkPlFUbTMnhZ8dKQZUgeTyKluRX3z94783Iloapeiyqn+6hfgTUA7mC1CWzbVt1BOCTTv58GMi0LRHX2Bra26r0SOqUmsNk4JDWo7lJ+rWkiJ44LFxQKQTIyB+MZVYg2WdrNklB+F7SprPD7wV2cpVVpwU3n0/H5Om4Nqn1cPCGSLZyuw8mqURlxqsxvVdctZL8+LfgvmMmtG7tuS5BzOm2G0Gn1XytKYcLfuS6Qzwzi/lZ5ufV0JZZHxrivCQGamKuea94fqoiC/PMKAEhuU2VPSpHiEsd7Hqte0u1h0IU7Y4gMGA+Ecg1mbPpFEf0CX/rb7jKU2AKHH+82Hm1FAFdL4WSs5UhHZDwzvOWia2Zcgh97cnthrj0yMeeDwTEGB7g1Zx6ua08oo1K836grhQTmoQk7yuNsDagS7Oozy3p0wwzouvSUMEkGhKTeZ4M07MUDWTbMDm4Ye0abr/lX2u1YYCURVj7Piyp7l65pBBQh65YzON04O2YDdghgzngEB+iLnk02jrdeL+VntwA9sjI5RTx6ft7b+teqXq0FX6hevwaACOT46A9fVfWT7chdpRZlMW3jbYSmMC182j+6Tn7FBkODsou3jsKoxJiF1I7OKxxcaD343k60QuxepY59J8PX2Tq6KnEYVuHYzummXjGbZH/SF4pVNpdC9CACymGsOlTYCQ2LtkKvZThduFbanSP5A0M7kogSgQZ8XOrNtb9TkXno9GFvIk9JDMfPCuh8JosqzDV1+DAD/CfVOa+VzPrd0+BJqG+zXvTK7Jl9czfUdlSPJAYZdNWS7nfknYeeaYd83JD1sQJHCURNHQGpaBwpjaFR7SUMuywbCujprxGhPX0lYVs0T007hJJjthauKq+coc/2mdeXuNz6gDel1VD3Hc5NFvlIgPiC+b91E3Q16phzv8WXAu3lUKPclwg95R8xjOeJzOintwNxmluv1R6MAfyu6FPhF0EXkkgAQsHoXselqlGBUiNtm03AC1UGPAR818LXWTssIyCqXH9wy3HGg+BEUA79DuRu9nuP5rLMfWJLJQtCGfQhrmzfu6LHgthlwg79TROJPNEEhPgoea8tQXhmGZhzkiqMFd1wfGVVob9/b261BIERSKYtlGg3hftGZMmo3428zDj24oA3Gh3QeVO8GdtekYwa4WaJZsCsWA0YCFD4G7ojvIOtLwJQLTtqViSV35eFG1UsADh+R+RWTNhmWe7slG8NiT+8tTDteomXlo8uxpFEbg2dMXdhNuOAHFfuLjQCaDh2h4LkJGRxvcvS9nHGckFVQSRuSkk7ehsKgPEFreyYQBgL/zsKYLrx9V/ocBYBNd1pFgrYEOsa0Q6Y9BVvGsgXO7SKzR3R6e2hkBwNhLRG/fDL+e8QbnYVkJHICv71SV8lv6FwZKINqW1g/SMR460lDbvxEcr7h0QEjVAmaYp+atIr5NINhn0tTRvinA==
X-OriginatorOrg: jacobs-university.de
X-MS-Exchange-CrossTenant-Network-Message-Id: 5565b9f7-5103-41db-d50d-08d9ff6179d4
X-MS-Exchange-CrossTenant-AuthSource: AM0P190MB0641.EURP190.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Mar 2022 11:07:17.2412 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: f78e973e-5c0b-4ab8-bbd7-9887c95a8ebd
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 4rvvsinkVI8P/+LqkBzO0qehS1C4pvdUIoaPE9G8xMkzWGCFBSVlDe/LxwN3XtMJYNiRBurrVD39A6e8MHL27z8YGrPJuOjGl2QGjxwmsLc=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VE1P190MB0909
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/k7x4MTGt0b23r__ItD0-IOOBfzA>
Subject: Re: [netmod] WG Last Call: draft-ietf-netmod-yang-module-versioning-05
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Mar 2022 11:07:46 -0000
Hi,
below is my last call review.
Document: draft-ietf-netmod-yang-module-versioning-05
Date: 2022-03-06
* 1. Introduction
Is it "module lifecyle problems" or "module versioning problems"?
Can we perhaps be even more explicit? I also note that
[I-D.ietf-netmod-yang-solutions] has seemingly expired, perhaps this
document is not needed if we revise the introduction a bit and make
it more descriptive. And why are SDOs, vendors and industry
mentioned as explicit targets? Here is an attempt to make a
constructive proposal:
NEW
The current YANG [RFC7950] module update rules require that updates
of YANG modules preserve strict backwards compatibility. This has
caused problems as described in [I-D.ietf-netmod-yang-versioning-reqs].
This document recognizes the need to sometimes allow YANG modules
to evolve with non-backwards-compatible changes, which can cause
breakage to clients and importing YANG modules. Accepting that
non-backwards-compatible changes do sometimes occur, it is
important to have mechanisms to report where these changes occur,
and to manage their effect on clients and the broader YANG
ecosystem.
This document defines the foundation of a flexible versioning
solution. A companion document [I-D.ietf-netmod-yang-semver]
extends this work by introducing a semantic versioning scheme. In
addition, [I-D.ietf-netmod-yang-ver-selection] provides a schema
selection scheme that can be used by clients to choose which
schemas to use when interacting with a server from the available
schema that are supported and advertised by the server. This builds
on [I-D.ietf-netmod-yang-packages], which provides a mechanism to
group sets of related YANG modules revisions together into so
called YANG packages. Finally,
[I-D.ietf-netmod-yang-schema-comparison] specifies an algorithm
that can be used to compare two revisions of a YANG schema.
* 3.4.1. File names
- This looks like a SHOULD/MAY clash, what do you really suggest
here? Better don't use RFC 2119 language if the guideline is kind
of contradictory. ;-)
YANG module (or submodule) files MAY be identified using either
revision-date or revision-label. Typically, only one file name
SHOULD exist for the same module (or submodule) revision. Two file
names, one with the revision date and another with the revision
label, MAY exist for the same module (or submodule) revision
An implementation needs to be able to find the modules. If the
revision date is the unique key used by imports, then probably the
@ form needs to be there while the # form is nice to have? Well, I
am not really sure what the text in the I-D suggests. Perhaps it
says it SHMAY be implementation specific. ;-)
If we want interoperability at the file name level, a clear and
unambiguous baseline may be helpful. If we do not expect that,
there is no need to write rules using RFC 2119 keywords.
* 3.5. Examples for updating the YANG module revision history
Assuming the 2.x line is backwards compatible but the 3.x line is
not. How do I figure this out from the linear revision history
sorted by dates? Is the idea that I always only have a single branch
in the revision history in a module? Or can there be multiple
branches documented? Can branches merge again? If I can include the
history of multiple branches, is the idea that tools have to
understand the semantics of the revision labels to reconstruct the
revision history graph in order to make sense of the
rev:non-backwards-compatible markers? The linear order could easily
lead to misinterpretations, revision 2019-04-01 is BC but it would
appear in chronological order after 2019-03-01, to which it is NBC.
* 4. Import by derived revision
I agree that import by revision or derived is better than import by
revision and it would work great with the existing YANG module
update rules. That said, I do not see how it will work great with
update rules that allow BC and NBC updates. If we support richer
update semantics, we will need richer mechanisms to express
compatibility and it seems wrong to put that information into the
YANG import statement. To me, it seems much more reasonable to
maintain the compatibility contraints outside the module such that
updates on the compatibility rules can be made without having to
touch the YANG modules.
To fully automate things, it might be desirable to actually tag the
specific definitions that changed. When module A imports from B, it
matters what A is using from B. Perhaps the idea is that algorithms
compute this on the fly. I fear not all changes may be decidable to
be either BC or NBC. Has it been considered to have markup at the
statement level that provides details such as when something was
added, when something had an NBC change etc? Once you have markup at
that level, tools can decide whether an importing module is affected
by changes in an imported module or not.
It seems we are doing things backwards, we mark modules as having
NBC changes and then tooling may try to figure out what the causes
are. Would it not be easier to tag what has changed and then tooling
can calculate the rest?
I am not sure of this:
The argument to the "revision-or-derived" extension statement is a
revision date or a revision label.
Why is it useful that the value can be a revision date or a revision
label? I assume you also expect there to be a partial order on the
labels, no?
A particular revision of an imported module satisfies an import's
"revision-or-derived" extension statement if the imported module's
revision history contains a revision statement with a matching
revision date or revision label.
I am not sure, perhaps because I am not sure whether the revision
history can reflect branches. If I say revision-or-derived 2.1.0,
can I then get 3.0.0 (which is in a different branch)?
Yes, revision-or-derived is what we should have had in YANG. I fail
to see how it is useful in a versioning scheme that supports NBC
changes and some level of branching.
The "revision-or-derived" extension statement does not guarantee
that all module revisions that satisfy an import statement are
necessarily compatible; it only gives an indication that the
revisions are more likely to be compatible.
So how is this useful? The name "revision-or-derived" may be a
misnomer, it seems you really have "none-before". The name
"revision-or-derived" suggests a promise that is not really there.
I believe compatibility constraints need maintenance and grow to get
complex. Managing them inside of imports is in my view not a good
and scalable idea.
Adding, modifying or removing a "revision-or-derived" extension
statement is considered to be a BC change.
How can that be? Such changes fundamentally change how imports are
resolved.
Example 2 finally tells me by way of example what derived means. I
suggest to define the notion of "derived" earlier. The example seems
to suggest that derived is along the partial order induced by the
version labeling scheme (and this means tools need to be able to
reconstruct the versioning tree (can it be more than a strict
tree?). If this document is expected to work with different
versioning schemes, it seems this document needs to spell out which
requirements a versioning scheme has to satisfy for this document to
work properly (e.g., that there is a defined partial order on
version labels).
If a module import statement could resolve to more than one module
revision defined in the datastore schema, and none of those revisions
are implemented, then the import MUST resolve to the module revision
with the latest revision date.
Why has the latest revision date been chosen here? Just asking...
And has this anything to do with the versioning work or was this
just a convenient place to fix the ambiguity?
* 5.1. Updates to ietf-yang-library
Is this section here because it is essential to fix this ambiguity
for the versioning work or is this here just because it was a
convenient moment to fix this ambiguity?
7.1. Guidelines for YANG module authors
[...] If all dependencies have been updated to not import specific
revisions of a module, then the corresponding revision statements can
be removed from that module.
This seems to be somewhat pointless for open standard YANG modules
since there is no effective procedure I can imagine to determine
whether all dependencies have been updated. (Well, not sure what
dependencies means, I assume it means there are no modules anymore
importing a given revision.)
7.1.1. Making non-backwards-compatible changes to a YANG module
o NBC changes can be sometimes be done incrementally using the
"deprecated" status to provide clients time to adapt to NBC
changes.
Not sure what this means. Also note the double 'be'.
o NBC changes are done at once, i.e. without using "status"
statements. Depending on the change, this may have a big impact
on clients.
Not sure either, likely because I did not understand the previous
item. The third bullet also leaves me a bit puzzled. It seems as if
there is a relationship between NBC changes and status changes. If
so, this may need to be spelled out more clearly.
The detailed description of the "incremental" approach that follows
is helpful. Perhaps the bullets can simply be removed and we keep
the incremental approach as the suggested one?
8. Module Versioning Extension YANG Modules
- Replace '\d{4}-\d{2}-\d{2}' with the pattern used in RFC6991bis
(the \d does some surprising things, so I dropped it everywhere).
- RFC6991bis introduces the type revision-identifier but given this
work is getting stable it seems more logical to call the type
revision-date. This is also the term RFC 7950 uses. And I think
revision-date should be defined in ietf-yang-revisions and not in
RFC6991bis. (I guess we once called it revision-identifier
because there was no clear understanding yet that we will have a
revision-date and a revision-label.) Note that dropping the
definition of revision-identifier from RFC6991bis and defining a
revision-date type in ietf-yang-revisions also causes the
dependency on ietf-yang-types to go away.
9. Contributors
- Typo 'Discussons'
- Perhaps just list the names of the contributors comma separated
instead of making this a longish list.
10. Security Considerations
- I wonder whether confusion about versions can lead to exploitable
vulnerabilities. If client and server disagree on the meaning of
values, this may lead to exploitable situations. With the move to
allow NBC changes, a server may implement different semantics for
a given leaf and this probably deserves a warning. In a world
where semantics of definitions can change, client and server need
to be sure they work with compatible definitions.
- Another scenario to mention could be a system provisioning NACM
rules. Such a system may fail generating proper access control
rules if there is ambiguity about the version of a YANG module
implemented by the server for which NACM rules are provisioned.
In fact, a system provisioning NACM rules may need to provision
rules that continue to work even if client and server negotiate a
version for their interactions.
A. Examples of changes that are NBC
- I believe enlarging the value set of a data node is allowed, the
wording 'any changes that change or reduce the allowed value set'
seems to disallow this. Perhaps you wanted to say 'any changes
that reduce the allowed value set' instead?
* RFC 7950 compatibility
An RFC 7950 compliant implementation will treat
import example-module {
rev:revision-or-derived 2.0.0;
}
as if were
import example-module;
and hence it may import a revision that is not in the 2.0.0 branch.
I believe this is a problem. An RFC 7950 implementation will also
consider deprecate -> obsolete a legal BC change. I believe that
changing the YANG RFC 7950 update rules fundamentally must be done
in such a way that parsers not understanding the new rules fail
instead of producing surprising results (e.g. by bumping the YANG
version number.)
Even if this document is implemented by a parser, the parser may get
import example-module {
rev:revision-or-derived omicron;
}
without knowing what the possible labels are and what the order
relationship of them is. It seems that the revision-label-scheme
statement has to be mandatory and a parser needs to stop if the
announced revision-label-scheme is unknown to the parser.
On Mon, Feb 21, 2022 at 12:20:34PM -0500, Lou Berger wrote:
>
>
> All,
>
> This starts working group last call on
> https://datatracker.ietf.org/doc/draft-ietf-netmod-yang-module-versioning/
>
> The working group last call ends on March 7 th.
> Please send your comments to the working group mailing list.
>
> Positive comments, e.g., "I've reviewed this document
> and believe it is ready for publication", are welcome!
> This is useful and important, even from authors.
>
> Please note that once WG Last call is complete, this document will be held
> and submitted as a set with the other versioning documents (once they are
> ready) for publication request to the IESG.
>
> Thank you,
> Lou (Co-Chair & doc Shepherd)
>
>
>
>
> _______________________________________________
> netmod mailing list
> netmod@ietf.org
> https://www.ietf.org/mailman/listinfo/netmod
--
Jürgen Schönwälder Jacobs University Bremen gGmbH
Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany
Fax: +49 421 200 3103 <https://www.jacobs-university.de/>
- [netmod] WG Last Call: draft-ietf-netmod-yang-mod… Lou Berger
- Re: [netmod] WG Last Call: draft-ietf-netmod-yang… Jürgen Schönwälder
- Re: [netmod] WG Last Call: draft-ietf-netmod-yang… Italo Busi
- Re: [netmod] WG Last Call: draft-ietf-netmod-yang… Lou Berger
- Re: [netmod] WG Last Call: draft-ietf-netmod-yang… Reshad Rahman
- Re: [netmod] WG Last Call: draft-ietf-netmod-yang… Reshad Rahman
- Re: [netmod] WG Last Call: draft-ietf-netmod-yang… Jason Sterne (Nokia)