IETF Logo Mail Archive

Re: [netmod] Client validation text [was RE: YANG Versioning Weekly Call Minutes - 2021-04-06]

"Sterne, Jason (Nokia - CA/Ottawa)" <jason.sterne@nokia.com> Fri, 09 April 2021 13:32 UTC

Return-Path: <jason.sterne@nokia.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A25C03A2151 for <netmod@ietfa.amsl.com>; Fri, 9 Apr 2021 06:32:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nokia.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yZgmBnMUQ-1S for <netmod@ietfa.amsl.com>; Fri, 9 Apr 2021 06:32:17 -0700 (PDT)
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2116.outbound.protection.outlook.com [40.107.223.116]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BC0143A2150 for <netmod@ietf.org>; Fri, 9 Apr 2021 06:32:17 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=do9tcUhg10V1qDB3p3k+NjbCH9MvDRAKEytyzQWLdTxrV5GBRN7KF31SFocpRd6UXQAhlK0ZIATPz86IMxrMaSdzKOjNHRG5LMZnHWCYXcQHV5JntOJRXC/ltb0FDeKZ/O2e48RWXJ/044f0buT2eL6srfg9GMyrPktGHN7duf8jsuLn27xT0Y/Ph//2xEuEYaIDOXGmcLrDgvpbTSvtB56vOOhri5wnKhUb6ugBBwuL8TTXjHoZJvMkVyg4Kg4GkPiVGR2peJpP/AQI8mFQq50qMfT1+3i1elqwNwUYG7u7FOLEcxuD3G18ryo7HVevjOEplX4H2V5U4TxSp68J4g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SKdXH0LKRQo7++1OQGWRVouo/5H/EL6f4o4rc+epOVY=; b=JiSIPKsHWpG1JJiCYZQIdfwgSPCSBVgoZa/htDAmy9LuUhumf2RrT2a0CeeuQJEKZpBPv5PkkdbPYnrMfZYDZJWoV+xuVST72fkvaeUlilKs5u5sJm8kg6ys2u2Vrrh9KHRsGEKrxi/XjxCp6WhbIZSyMPA1vufwWKIdmsxNw63oIAYgERKMws5KDp54sZDmKK4Qb0qhL3ssct9SwDPf1QcClPTqbGk7dM/grKrSNWfdp7+48g8AsnvSFFESuLAnX70f3fr/90c8SsBLzs8nJFEP38WM0dGeiZ7Q97R0eKpJkIe7N1EfHy2Et1HvFfrAHNvWCs4QhWsXYKy2AOsumg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com; dkim=pass header.d=nokia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.onmicrosoft.com; s=selector1-nokia-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SKdXH0LKRQo7++1OQGWRVouo/5H/EL6f4o4rc+epOVY=; b=xaFCDD3KBG6Uvvb8K/MrpelgDyLK+ipeepMi+B9peYfeKOngheXUwyvM9ZhmzQZ1eqzSyQSNLsnVmBftthWLsloROQp2ndiMphDsGCagTf5MyYsK6s5vSznDrT2XPJDywGFgyyQ+uY3j4UhEu11JlJeOHNrXLHNMbb4ZQ4TizHY=
Received: from DM6PR08MB5084.namprd08.prod.outlook.com (2603:10b6:5:41::29) by DM5PR08MB2859.namprd08.prod.outlook.com (2603:10b6:3:144::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4020.18; Fri, 9 Apr 2021 13:32:15 +0000
Received: from DM6PR08MB5084.namprd08.prod.outlook.com ([fe80::4c19:5c12:5ed6:96df]) by DM6PR08MB5084.namprd08.prod.outlook.com ([fe80::4c19:5c12:5ed6:96df%4]) with mapi id 15.20.3999.036; Fri, 9 Apr 2021 13:32:15 +0000
From: "Sterne, Jason (Nokia - CA/Ottawa)" <jason.sterne@nokia.com>
To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
CC: "Rob Wilton (rwilton)" <rwilton@cisco.com>, "netmod@ietf.org" <netmod@ietf.org>
Thread-Topic: [netmod] Client validation text [was RE: YANG Versioning Weekly Call Minutes - 2021-04-06]
Thread-Index: Adcrjvs0u1Y2kX7cTWaMCLlk2EmADgBEca5wAAHbCoAAJt+v8A==
Date: Fri, 09 Apr 2021 13:32:15 +0000
Message-ID: <DM6PR08MB5084D71FD6FF7F029318AFD69B739@DM6PR08MB5084.namprd08.prod.outlook.com>
References: <MN2PR11MB4366255A77C76D9004360169B5759@MN2PR11MB4366.namprd11.prod.outlook.com> <DM6PR08MB5084935EDB6AB7718B695BAA9B749@DM6PR08MB5084.namprd08.prod.outlook.com> <20210408185127.l7cafoeq6svs4ns4@anna.jacobs.jacobs-university.de>
In-Reply-To: <20210408185127.l7cafoeq6svs4ns4@anna.jacobs.jacobs-university.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: jacobs-university.de; dkim=none (message not signed) header.d=none;jacobs-university.de; dmarc=none action=none header.from=nokia.com;
x-originating-ip: [23.233.24.194]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: bccd0f56-d55e-4ad7-b08d-08d8fb5be3f0
x-ms-traffictypediagnostic: DM5PR08MB2859:
x-microsoft-antispam-prvs: <DM5PR08MB2859468F8BE6D1B26D7589EE9B739@DM5PR08MB2859.namprd08.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: uAVcVkLnDUJBKy49Zk493kVA65PpUqu5wAE87+DGCoZwxHJcreMfPg0dZyeoqSWTmseszDqMq4OJzdiA4ndC40wTwSqUGTEl//RPZAAGB+mRrKxhDzJ302UVqkl+Xehb+u9nCwahwGp+Q1+m4bG/YpY/5Nf0HL8uFituPr1kayAvsJY0pNBL4x4A1XaWJzCeEdiJQBZecqyvUzQsWo+7974y4jqSzREpu5cDeKRcT0GBPhB/whIMD5k3/us23dYc3ysd3K7k5KfxSRUuPJpjJ1uHJRXC/jW49H91uxzi0x5l+JXN04UHbOx6LLhl7FhZf42elbOndgcr7cI+SGSYX3AvHZYrNQsp9os//JxjqUv53yqLEYc8jr+iiEyU2jE7jJFtbVL5gObB3yyJ7jX4wZfeHdwUek9mkn+mHH22WhjUK4NSK/yusAFLP4bnVTKaXSRbGYJTClP/1Mg+GoFU+JRCfkiknQvTnWnuq5TsHbfm/Zizjhf/kAHU9GPc6xCcbrPtbGkBJZGIx50NwFlt5rpfQ1plghteu5sjcX9LxDY2QP0h23+2CH/NR9hr2arIgwbQY2jB38NnNyjsDekJ01GFUCWp6qYlg0RaXUixSinHK8hk/T23oYW3CneIYZ8bXanpEnEZ1+BGHBMSSpgfkbAwKEzL3Mr3xPgY68RYqAxr+7rCI9psPZnmwkM0yvSIDK/8fyLzkqLQ7IMuKYGUeppQqL03q8aMHiIk12lXMjk=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR08MB5084.namprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(396003)(376002)(366004)(136003)(39860400002)(346002)(55016002)(71200400001)(33656002)(16799955002)(316002)(966005)(9686003)(26005)(7696005)(38100700001)(54906003)(8676002)(186003)(66556008)(5660300002)(64756008)(6916009)(76116006)(86362001)(52536014)(83380400001)(8936002)(6506007)(53546011)(478600001)(2906002)(66946007)(4326008)(66446008)(66476007); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: 4D2aF5SmfC3s0frXEtIcsUgos6gkWR4tpZrJtiptSmBrdhaALe3MKzGwtcmIQrFlv4XhM3iHa05M17aJ5X4jS5k6/S90I9+9SzgiTKIa8Xfe8U5lqgpkeFtSrlK/zYTfQryRfSLUEHApNiaRrO5vsFo+P6pl/IEceFGXnyAMEpik+H+8bZKws48+6SZjZ+3N25WK3OJRNz4JkAxDeEDraM0yGtj36VEf1jg8tIhjQRUyMHO5NyVXJLrUtIcfmyxxG/yUIN/mYtxItoCHtzLxlCG8/0CsMuv7pY7VJ6kntowjRAHig92d9xv9zWmbDPu9dxB2IAh1B2slLo4SOjJWjlYU51qLo7VRXVdF2Iv5+XVvuuCpw9bX9sBm/OAvYpGtrDFYMRwQvDP96/eoqd9nuSAf4TTL/OZzzlQyyrCtLhExCpZbQGg8BFWbPDUwMIVjymB2B4BA1+d8Q0Pu9YrRSlTErp1Dv/FMUmb7Ogv+lZzlBwK50ZDcpkwKnlb2AUeM65DvESsXzK2nUeRooQ3X0fNPRDTNRbUo4UPBEZLsWFf7Jl6EvOF0E0faB0G4O75IOFCMEXbuQt4ZSeQSsYjez6aOwxKzEtaIS7t7u9HTtPRCLgunTC4skiSwLp0hQLv8c67m/lFvjDAou6CBXbgmEbnm6SpBMR15jJ+Wo9PiTnTog8i53oT6E51iY8M08gKGDuuCxypql2FCA05FUuIzv/O73oluUay5voe0UMXmqi0ocW6y6ETpXhdAczJjcxKNPMc5LBo6Is8A75lWIBinfi3/IqUj3+0MzuMhj8tX3Sr89qTDFn2Ho57eDDjUiJT8MzQeF5oBkRO6zvpiEgkqPZAFJTJ0vwqgKpoEbs6ptfE8o7YpxgRhlPayJbbrj6ljHQ8/VoRIVSLezz+vMlDn0qb+urmwTPJy1mSA/0kNeUXJvcLiPsqdI89ciYXlZdG3zpDgPV7RWDvO5ZKgLg9qYvAuOrwJDVChySi9E8sjtprISd1LSSEWP8qSPHXo8nJlL6NSE4G/kCM3cSn8CLpAwE/UVx8S3LlzOS5VR1/Uc8MuLaQvgvXRHg+sIp2xhigmn7CLlFauky9VX5AnPkF01NCvNIclIHiGVBQ5TgQ5hxSuHpBOQtDgXiMIPE0U/ZS5Scpn1RThbjoJrcAK9EfBMAYYe/1NTxh8XlRXKZONzZA+64rHiGI7xTCef4q8rbhGfSVi2WJ9yfgBKZarIShZhiUkJ5H4CDigyCobgx9FwRmiDvR0bsnbXBivPyRiGgeGypV++HC5iz/7llTg/4tE1P791nCYfnaxYtP06f2QliEdpM6mipMVf0LPbc4i73Nn
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR08MB5084.namprd08.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: bccd0f56-d55e-4ad7-b08d-08d8fb5be3f0
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Apr 2021 13:32:15.6543 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Qs8rPa8GJiq4J4ztx/LLUtqGroIcLJftAayTYK4flgXI18RHZ8wo5d/kapg1i2OO4eLestMe2ex9B7x6EbwFMg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR08MB2859
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/rg7CpoEdisSkQDj6alzYQpMTLjM>
Subject: Re: [netmod] Client validation text [was RE: YANG Versioning Weekly Call Minutes - 2021-04-06]
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Apr 2021 13:32:23 -0000

Thanks for taking a look Juergen.

Note that the first part of Rob's email was the *old* text that he suggests replacing with the bullets in the second part.  But some of your comments in the old text probably also apply to the new text.

The root of this section in our draft is that we wanted to clarify how to decide if a change is BC vs NBC for *state* data (config false).  Our feeling is that we may want to refine some of the rules in 7950 for state.  

One key example is this:  7950 says that adding another enum to an enumeration leaf is NBC (and that applies to state). But that may not really be how most implementations would want to treat state. Would we really want to flag a module as non backwards compatible when a state leaf gets an additional enum?  Wouldn't that create a lot of unnecessary noise?

Jason 

> -----Original Message-----
> From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
> Sent: Thursday, April 8, 2021 2:51 PM
> To: Sterne, Jason (Nokia - CA/Ottawa) <jason.sterne@nokia.com>
> Cc: Rob Wilton (rwilton) <rwilton@cisco.com>; netmod@ietf.org
> Subject: Re: [netmod] Client validation text [was RE: YANG Versioning
> Weekly Call Minutes - 2021-04-06]
> 
> Some of these make no sense to me and I wonder whether we really need
> to define these.
> 
> On Thu, Apr 08, 2021 at 05:58:58PM +0000, Sterne, Jason (Nokia - CA/Ottawa)
> wrote:
> > Hi Rob,
> > I like the reformulation of this.
> > Jason
> >
> > From: Rob Wilton (rwilton) <rwilton@cisco.com>
> > Sent: Wednesday, April 7, 2021 5:19 AM
> > To: Sterne, Jason (Nokia - CA/Ottawa) <jason.sterne@nokia.com>;
> netmod@ietf.org
> > Subject: Client validation text [was RE: YANG Versioning Weekly Call
> Minutes - 2021-04-06]
> >
> > // As a contributor
> >
> > Hi Jason, all,
> >
> > In yesterday's meeting there was a discussion on this text, and Joe pointed
> out that any sensible client must validate its input.
> >
> >    While incoming configuration data is checked according to YANG
> >    constraints, constraints on state data sent by the server MAY or MAY
> >    NOT be enforced.  The following guidelines are provided for client
> >    application designers to allow a smooth interworking with servers.
> >
> >    o  A client MUST tolerate any data received (or not received) without
> >       crashing.
> 
> What is 'tolerate', what is 'without crashing'? Are we talking about
> buggy parsers or buggy backend logic or backend logic fooled by
> inconsistent values?
> 
> >    o  A client MUST be able to discard any data that is not part of the
> >       model but is sent by the server additionally (e.g.  XML elements
> >       or attributes, JSON properties).
> >
> >    o  A client SHOULD be able to handle valid parts of a received data
> >       set even if it discards other parts as invalid.
> 
> In all cases?
> 
> >    o  A client SHOULD be able to handle data that is outside the
> >       valuespace defined, as long as it is of the same basic type.
> 
> Really? What does 'handle' mean? If a value makes no sense at all,
> what should the client do other than discarding the value (and logging
> an error)? Or is this 'handling'?
> 
> >    o  A client SHOULD be prepared to handle more items for a list or
> >       leaf-list than what is defined by the model.
> 
> Again, what does 'handle' mean???
> 
> > Based on Joe's comments, I suggest that this text could potentially be
> written as something like:
> >
> >
> >
> >
> >    Client applications are expected to perform sanity checking of data
> >
> >    received from a server and to handle unexpected or missing data
> >
> >    gracefully, e.g., this could include ignoring unexpected data, or
> >
> >    logging unexpected values for further analysis.  Clients SHOULD NOT
> >
> >    discard an entire response from a server because some data contained
> >
> >    within the response is not expected.  Examples of well-encoded but
> >
> >    unexpected data received from a server may include:
> >
> >
> >
> >    o  Values that are outside the value space of a data node defined
> >
> >       in the YANG schema, but that are within the value space of the
> >
> >       underlying base type, e.g., if the value represents an unexpected
> >
> >       error condition on the server.
> >
> >
> >
> >    o  Additional data nodes, e.g., if the server implements a
> >
> >       different, but compatible, version of a YANG module.
> >
> >
> >
> >    o  A greater or lesser number of list or leaf-list items than the
> >
> >       permitted range defined in the YANG module.
> >
> >
> >
> >    o  Non mandatory data nodes that are sometimes missing from the
> >
> >       response.  Noting that the server is expected to deviate any data
> >
> >       nodes for which it will never return values for.
> >
> >
> >
> >    o  Values that do not conform to the semantic constraints of the schema.
> >
> >
> >
> >    o  Additional YANG meta data in the encoding (e.g., XML elements or
> >
> >       attributes, JSON properties).
> >
> >
> >
> >    NMDA [RFC 8342], section 5.3, provides additional constraints on the
> >
> >    data that a server can return from the operational state datastore.
> 
> It might be necessary to write the security considerations text for
> this.  From a security perspective, being lenient is often a
> mistake. For example, if a leaf is of type inet-address, I rather not
> have clients accepting any garbage strings as IP addresses.
> 
> I am not sure why we go into this. Which problem are we solving by
> requiring clients to accept any garbage?
> 
> /js
> 
> > Thanks,
> > Rob
> >
> >
> >
> > From: netmod <netmod-bounces@ietf.org<mailto:netmod-
> bounces@ietf.org>> On Behalf Of Sterne, Jason (Nokia - CA/Ottawa)
> > Sent: 06 April 2021 15:10
> > To: netmod@ietf.org<mailto:netmod@ietf.org>
> > Subject: [netmod] YANG Versioning Weekly Call Minutes - 2021-04-06
> >
> > YANG Versioning Weekly Call Minutes - 2021-04-06
> >
> > Focus for this meeting was going through Jason's review comments for
> section "3.1.2 Backwards-compatibility rules for config false and output data"
> of https://tools.ietf.org/html/draft-ietf-netmod-yang-module-versioning-02.
> >
> > (A)
> > Valuespace:
> > - value space (with a space between the words): use 7950
> meaning/definition (remove the definition in our draft)
> > - make "must" its own bullet
> > - don't particularly address "description"
> > - Balazs propose updated text
> >
> > (B)
> > replace this:
> >
> > "an additional state leaf can easily be discarded"
> >
> > with this:
> >
> > "the presence of an unexpected state leaf is not typically a problem and
> may be ignored by the client"
> >
> > (C)
> > replace "config=false data" in the 1st paragraph with the following (and
> keep the quotes - that is how RFC8342 presents it):
> >                 "config false" data
> >
> > (D)
> > Lots of debate about the "client" bullets in 3.1.2.  Didn't conclude.  Perhaps
> just summarize and say clients need to sanitize data (give examples of data
> they might get, values outside range)
> >
> > ACTION: focus on reviewing section 3.1.2
> >
> > ----------------------------------------------
> > Weekly webex call details:
> > Meeting number (access code): 171 069 0374
> > Meeting password: semver?
> > Occurs every Tuesday effective Tuesday, September 1, 2020 until Tuesday,
> August 24, 2021 from 9:00 AM to 10:00 AM, (UTC-04:00) Eastern Time (US &
> Canada)
> > 9:00 am  |  (UTC-04:00) Eastern Time (US & Canada)  |  1 hr
> >
> https://ietf.webex.com/ietf/j.php?MTID=ma7627a2ae7b770537cff5f5b89293
> c70
> > Tap to join from a mobile device (attendees only)
> > +1-650-479-3208,,1710690374## Call-in toll number (US/Canada)
> 
> > _______________________________________________
> > netmod mailing list
> > netmod@ietf.org
> > https://www.ietf.org/mailman/listinfo/netmod
> 
> 
> --
> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
> Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>

v2.23.0 | Report a Bug | By Email