Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
 by ietfa.amsl.com (Postfix) with ESMTP id E018F12E855;
 Wed, 10 Jan 2018 19:12:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level: 
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5
 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
 DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001,
 SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
 header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44])
 by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Z6g7BAeBqhW0; Wed, 10 Jan 2018 19:12:43 -0800 (PST)
Received: from mail-pf0-x229.google.com (mail-pf0-x229.google.com
 [IPv6:2607:f8b0:400e:c00::229])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by ietfa.amsl.com (Postfix) with ESMTPS id 25AA612E044;
 Wed, 10 Jan 2018 19:12:43 -0800 (PST)
Received: by mail-pf0-x229.google.com with SMTP id e76so198701pfk.1;
 Wed, 10 Jan 2018 19:12:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; 
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :content-transfer-encoding;
 bh=5TunDxmGKO92Ent3Mcf8eUj4y4LIiWjKU4vjTY7mb+k=;
 b=vKLYGS+0q5dRMWan1sw5ScNSsNQwGKRdJdg9HrDAwNobyHb52eAQVjPcB+aRTwhw5q
 oj5jyRfGjzJXSS+nGx7cVzVqi+Agh5vQjeT9l/qY++vbfAJ5TLe+oMcMDh79YJmn4w3/
 OKkRIlKez0vnLl00tA+yO4S0Gsl8cb19K5c43e5O4nFAu5G8NCMNdOm1zuNsUJHEaauO
 Vbq0D1V7v/qUIntbGEbtlP6fkfpdMBdb8RwIsMP6yNkP+jYJRF0cE48o9kIF99Wqxk5e
 YCe66O/j0uiqganHvOlzDVktqi3e37jikWVthAC/0q4gDSVZ53HqRoHI5li5UPD3CJUh
 3+lQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to:content-transfer-encoding;
 bh=5TunDxmGKO92Ent3Mcf8eUj4y4LIiWjKU4vjTY7mb+k=;
 b=Rc0d6CGFrstU+FooZcTTl8xHVBHeSuVG9Tn0AzN5JrYXN5XhQAQeeQr8m7kWEAfuOO
 xT6k1EOmbrTIuw8++NWUgOJ7jOdQmxISvHE1NydLbmszorFPS931M4Tznbr4HC8NVKEm
 25VgXpb8bznGCyW7egZ6SlwLTF8Ms7/mQWfZkygZDQ+xE4FYzyBk61rYcFZ9nNuFNCLU
 Frt30iohBgo415JSFs1TcbKOXxAxe6nuj2kH3ELVtUujKd3cwAMfA5xbN6yZmr1XahR1
 Y4PZE0t3aHhfFw2L4yCkceQH1VPkaBxO9Ad64/QUXkv1yU9yRfld7spSTpo9d7DH4yZ8
 yCuw==
X-Gm-Message-State: AKGB3mLzR76BneP3K13cU4g728K/1rH9vLHBNpgXEonqRSZUdm+EeLTI
 kTPnNl3K3hQR4jaGLFdo0n+eSiC0CXO47Shvy4s=
X-Google-Smtp-Source: ACJfBouOCbL3tU09HUJuqBVU7NJTqZ34MWmOWG/tWreMEjJYJAVDtlxY6UwE2/KKOkGtG4UUiQ15wxHuWagciYNvWMA=
X-Received: by 10.84.217.14 with SMTP id o14mr9987516pli.78.1515640362484;
 Wed, 10 Jan 2018 19:12:42 -0800 (PST)
MIME-Version: 1.0
Received: by 10.100.186.208 with HTTP; Wed, 10 Jan 2018 19:12:02 -0800 (PST)
In-Reply-To: <20180110194529.3myrio6vrvsn3jjh@elstar.local>
References: <151561207372.18313.8094240527199424975.idtracker@ietfa.amsl.com>
 <20180110194529.3myrio6vrvsn3jjh@elstar.local>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Wed, 10 Jan 2018 22:12:02 -0500
Message-ID: <CAHbuEH6WXMU6RknQdfuq30zhbUycQtFRW54hOT9WkwR8g2Rsxg@mail.gmail.com>
To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>, 
 Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>, The IESG <iesg@ietf.org>,
 draft-ietf-netmod-revised-datastores@ietf.org, Lou Berger <lberger@labn.net>, 
 netmod-chairs@ietf.org, netmod@ietf.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/kWn1IXxdDl6_WqtEMNU_ZLvjYSM>
Subject: Re: [netmod] Kathleen Moriarty's Discuss on
 draft-ietf-netmod-revised-datastores-09: (with DISCUSS)
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>,
 <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>,
 <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jan 2018 03:12:46 -0000

Hi Juergen,

Thanks for your quick response.  Inline.

On Wed, Jan 10, 2018 at 2:45 PM, Juergen Schoenwaelder
<j.schoenwaelder@jacobs-university.de> wrote:
> On Wed, Jan 10, 2018 at 11:21:13AM -0800, Kathleen Moriarty wrote:
>>
>> ----------------------------------------------------------------------
>> DISCUSS:
>> ----------------------------------------------------------------------
>>
>> Hello,
>>
>> Thanks for your work on this draft.  I'm a little confused with some tex=
t in
>> the draft and have a few questions.
>>
>> 1. The introductions says,
>> "This architectural framework identifies a set of conceptual datastores =
but
>>    it does not mandate that all network management protocols expose all
>>    these conceptual datastores.  This architecture is agnostic with
>>    regard to the encoding used by network management protocols."
>>
>> As such, the data stores could be exposed for some implementations, usin=
g
>> whatever network management protocol (likely NetCONF or RESTCONF).  If t=
his is
>> the case, why doesn't at least some of the security considerations templ=
ate
>> apply for at least secure transport?
>
> The security considerations text is IMHO correct. The YANG modules define=
d
> in this document do not define any accessible objects. Hence, the securit=
y
> YANG template does not apply.

Could you make that more clear in the document?  The section from the
introduction quoted above says it is possible if network management
protocols expose the datastores.

>
>> 2. Section 5.3.4 - Is there any integrity protection on the origin infor=
mation?
>>  If not, can it be added or is there a good reason why it=E2=80=99s not =
possible?  I
>> realize these are conceptual models that may or may not be exposed, but =
if
>> exposed and used, wouldn=E2=80=99t some integrity protection on this be =
helpful?
>
> Can you clarify what you mean with 'integrity protection' in this
> context and why you think origin attributes are special? The known
> published network management protocols all use standard security
> protocols (SSH and TLS). In general, security mechanisms are protocol
> specific, I do not see how the architectual definition of datastores
> requires discussion of special integrity mechanisms. Perhaps I do not
> understand your concern.
>

What I'm wondering here and wanted to discuss was really how the
information on origin information will be used.  Does this information
need to be from a source that can be validated?  If so, should there
be some way to provide a MAC for the values for origin information in
the data stores?  I am not referring to transport in this second
question.  Your answer may be an explanation of how the origin
information will be used that excludes any need for integrity
protection.  I just wasn't clear on how the information from the data
stores will be used from the draft.

Thank you,
Kathleen

> /js
>
> --
> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
> Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>



--=20

Best regards,
Kathleen