IETF Logo Mail Archive

Re: [netmod] Benjamin Kaduk's No Objection on draft-ietf-netmod-yang-instance-file-format-20: (with COMMENT)

Balázs Lengyel <balazs.lengyel@ericsson.com> Thu, 07 October 2021 10:43 UTC

Return-Path: <balazs.lengyel@ericsson.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E00B43A0DB8; Thu, 7 Oct 2021 03:43:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.553
X-Spam-Level:
X-Spam-Status: No, score=-2.553 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.452, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xR-LNseciqEa; Thu, 7 Oct 2021 03:43:43 -0700 (PDT)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60050.outbound.protection.outlook.com [40.107.6.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5595F3A0CBB; Thu, 7 Oct 2021 03:43:43 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NzHbb7kJ5T3QqW0gygBe4UY2083AKGhT3p4kz9qcQKYYLf/3yl0A4cZbbj8SryiQvPRfyi37tYF3BSV1XTcZ/g83t2GEglH4HmD9kDrJU+aHvACXUd+uz5ZzgNzlG1vKzKw+ccWOtafVYVVDsGIi+GA1JJS78yKejR4gKsuqtIe4O9Gpku68cUfy5eZl6phRVotRhuDMvQvOBS7y/VuaVpJSFY1Tg7/EuoCtSQJjgKrU6isERh23OdzIwvqB2lQf2ylxt6NehNJw3VkQGQFJxjLakxJs+1PeJWiaACiamsx056p/cX3HQWJtbvJqRXikDy9f3UiY5rweLLz9UB2ALg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KwbjkQCZabpVv2CQUdmGlUQHAJrhnx9rhkCuN05PQOs=; b=n/IfcG18Uzb+5HxAOVO5SnrPFKjxY9tHhuRc/fVinZBvPPGWisVyqkkzTNd1HZpLfrWCRgIaTQTjzcrZtikS5n0y0d/gbssOv7vi80mybE246kG3+xxDMKrYUsAdeyA012luhtors0rl1aEXqo3dFVZTKyQOPzIQ5ipce7VD0GoYoACFYIQ7kGCMJOtwzzSrsv0aPWcmpLUGZOrWjhY3K8lgeiJuKGIxxSkl4s3FLWpVULTuWivpZH0B2H9UK5Nzltq3uEVJa7uTDTgtDU2vLJVMqPN4PD+jXkrCGog37nP5n8JNAp414J2Dn7zf5sXTPPpnFS+1RdhM7uLThjXZNQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KwbjkQCZabpVv2CQUdmGlUQHAJrhnx9rhkCuN05PQOs=; b=MXp2DlPCgLqajkFcXCNDUDwhHNPOlUablNO99y/sUjMJVXhxoqjxfYoxV1coT6D7UHOeLdNptA78oeiOdgeYTKGyc9fEqne23EjT+7qYIo6N8FmmfTY8riaoNcLHxlwLHCFFBcwcrmwNPl1P+6tM67FH7cXntEX8VTv6WTdSiF8=
Received: from AM8PR07MB8230.eurprd07.prod.outlook.com (2603:10a6:20b:325::15) by AM8PR07MB8262.eurprd07.prod.outlook.com (2603:10a6:20b:325::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4544.7; Thu, 7 Oct 2021 10:43:28 +0000
Received: from AM8PR07MB8230.eurprd07.prod.outlook.com ([fe80::7cd1:f5c7:9eea:a0d1]) by AM8PR07MB8230.eurprd07.prod.outlook.com ([fe80::7cd1:f5c7:9eea:a0d1%4]) with mapi id 15.20.4587.017; Thu, 7 Oct 2021 10:43:28 +0000
From: Balázs Lengyel <balazs.lengyel@ericsson.com>
To: Benjamin Kaduk <kaduk@mit.edu>, The IESG <iesg@ietf.org>, Benoit Claise <benoit.claise@huawei.com>
CC: "draft-ietf-netmod-yang-instance-file-format@ietf.org" <draft-ietf-netmod-yang-instance-file-format@ietf.org>, "netmod-chairs@ietf.org" <netmod-chairs@ietf.org>, "netmod@ietf.org" <netmod@ietf.org>, Kent Watsen <kent+ietf@watsen.net>
Thread-Topic: Benjamin Kaduk's No Objection on draft-ietf-netmod-yang-instance-file-format-20: (with COMMENT)
Thread-Index: AQHXuzd5uI6z3GIIZk29+ox6NzkpcqvHMs6w
Date: Thu, 07 Oct 2021 10:43:28 +0000
Message-ID: <AM8PR07MB8230FBE7CE299FC130504357F0B19@AM8PR07MB8230.eurprd07.prod.outlook.com>
References: <163358247829.29462.17588872571177332548@ietfa.amsl.com>
In-Reply-To: <163358247829.29462.17588872571177332548@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: mit.edu; dkim=none (message not signed) header.d=none;mit.edu; dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: d4ad507a-6c52-45bd-c13b-08d9897f4ca2
x-ms-traffictypediagnostic: AM8PR07MB8262:
x-microsoft-antispam-prvs: <AM8PR07MB8262F83BC93B7A79E3DA28FCF0B19@AM8PR07MB8262.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: BuZ0MioLccAWQgFFpsgYkEmMCrZT2vFK18GaABginPU5guWZkCnBSqWTMdrv3aCNz42VFVO0CpISUEQu56U/9g6t38K1FkXrokl+7XeGyTrWvE9wKMcXKPwQLo6uo+qwemEB1QYK42B0Yq0UMJVnfjPwMVUCVrqsexcmQPbPe9zg67NuIwxscmQvkkG4NBPqns84qZ7YNfR41OJpBQ0Zqz0G0uUlcuUEsE3sUZvJ4u4mMXisKcn61YJoL6J2sZmw6rbpmMwV5iofSFrwGvMaLGL5nSK16tyGbtm7vJRmky5L/tqR/acmew+PkMuuQ+nYmhVVF+H9/EBr+OF9mnWJR3F1MnmgDXvCUodUnYk6v5tgimnk1GlfhF+HmitvJ39rw7cnoGZKbHoUiXrCu4aUqaxT4qiazBFoccLvyn9fSWYpdCw4zwgjuIGCw5iwEjR0L7AYRkRRIyWDYBE5xnKHrQxoqQiGCTbnZ92sQ5QsJeqIwtGj0cdIh4PSaMXJbKuoXT3UOnTNZje76DfZYu3hWixiEvpq0syHOLJj0Y01X1+/g6Qj/kktCn/bxeuXnLo7npoDsNluqTlWzdYRxOTW9Z1YGatBLwEEhBHhGYlaTppooG0VQrmY85icW2Dj2sUMmg83FJ+1Y8qilQDg3Z51DwvsgKB6nHxGB8MuW7BgpZS0MEII9sEICwU1ViIr2IheG3hs4gatPUF7mt6jC6hhhTtvkV0pUP8/Z2WE9QUc9ow4ncQT3tSLN647n0RNuKHRfE4m6d7PFApZqd19/jhVC8nzddfQpgT8rQ/CzaDUevw79sb27aF34vJyNbvZXSlrkcP2kePbUKN+AkkB/QpK3A==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM8PR07MB8230.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(83380400001)(66556008)(54906003)(2906002)(66476007)(76116006)(122000001)(66946007)(186003)(99936003)(316002)(86362001)(64756008)(66446008)(7696005)(71200400001)(33656002)(66574015)(26005)(9686003)(55016002)(508600001)(5660300002)(85202003)(52536014)(38070700005)(85182001)(4326008)(8936002)(966005)(8676002)(53546011)(38100700002)(110136005)(6506007); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: bHYEuKbKoXGlMaMZwRAx8K8fXolGQGH96mFUyXtZRDuerfYmYgz5vcuFC1CgukjCTNWpw5DTal8a1gEUT3o6143VcM+lcjIx5G4jXp0QLz4U8gBFaHqaRAxxn4yMNAx3IJiOfv2otEyouIVWYn/DHn/uUZwvmzTwRXNOf+sMjcNUrPIywCctCJZZrXeRgbS+ZjDhkc+AsGLT49FYpAm82D7dNdT0AbwkjIOCIZxsNoUY3cibNu4mn/eeeAyQLe0hzQ5A4m5SR/0XWo+QTWmxiuhAHMWr3sftCpM72url+N3Rd97hoKIvdI3EXyaqHyi4PPEw+UVWIT/1g8eaXqj7Ztcso2CQG6noAWUXF4rP+y44R3HC+mY70MDJllkdDd7+ZOTTcFwNRVMvD3endg8JkBYjfzn984MVTPinr11ntahQWDyKT8w3AVGXzGY9ogrASMSV0Us1ZuZfocMJH+W17Nhve3Nn5ri5t3gB8HdQUz5WFbNXMSZj1+Bf4CssiaGpdGzCPAH2uE2y+MtOLSjlQhnKqEmNI20OIfRZ0m40PgUlt0GBDKYWR9qSk056B3jyUXIR94cuSVIaHeYFKUTeY2d0XyPowQiLVPRJqYoBVSHtM9s0anfVTHoFAyhNEm/o5ljtoH8dp50zLksi5qPYkOrCG3RlB769gpROO0JccqSxfwJ4duTmP+QM0ns1g5L3H0Xdz+wPgLEhXCWWFL0wwWQ9P0IDK1Y2nxvTWhMLC1dfU6Rz7w3ZTplPMdL1Rx4sge1kP0ldi6NXmeGwnKfjjaPQnfYXGUSih30c8N4LxyGAWDE3d6lwys2zscek8tw3yoWhoPpZTmtNQJR8ryB2vwDb1MdPcl7IhHAnXVjaiOREnnnoGzO0nCLslMgFPgtGMLpb+WbkGqORmuh0OHxcKHiMfh34+d/X8/KnhME7RzTGwRRjN9ZyvvdieWGV4K8mzMQWzIyiI2lRZcV+jLTGwdlxsteLwNyTmClMWIRkn2fcMaRTg2h3qo1sZwH7LgfQ4FZtmM7sPaJcjh9jLpkgHa4Gh/jSuD5avYZkUyiiL+rzpnjQcxPGCyWCrUOKCDYRZlZjCuRw5FIaLPTTCHRIhVGTKOfsJkRgkCJg9vVsWKeIpEkD2HfLbMBpGBgz4QRJcDjXAUVeZ6EAqhE/BG+ICRsvM5yCU+Mh0vLQRGgIVKkH/usivr4cB5PjfkE0if/LNHxuw7mB0mjoCoWpZ8IjwrnEGwHTlDDzX+wAXrsJ7/gpetaQJsLpDmUjw5ybL2Nm7nXYx6F6BupepRcZLNgBTycwmKcnBzwt2Z6j53Q8Qfs=
x-ms-exchange-transport-forked: True
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_0453_01D7BB78.ECE8FA40"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM8PR07MB8230.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: d4ad507a-6c52-45bd-c13b-08d9897f4ca2
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Oct 2021 10:43:28.8714 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: +m4ynSXyyzHj3l7Jw57InJ7jcdh6svSXc5f/vobfw5Zx5QMdjejtsLkfwizu4DHWN71Zdqq2u4xWTJF0qm/9zBfp01Iw8tBiZbl/CiGS+6I=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8PR07MB8262
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/vTnGcbjXRiKONac8k7Mp38x2oIw>
Subject: Re: [netmod] Benjamin Kaduk's No Objection on draft-ietf-netmod-yang-instance-file-format-20: (with COMMENT)
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Oct 2021 10:43:50 -0000

Hello Benjamin,
Thank you for the thorough review. I used your comments to improve the draft. See my detailed answers below as BALAZS:
Regards Balazs

-----Original Message-----
From: Benjamin Kaduk via Datatracker <noreply@ietf.org> 
Sent: 2021. október 7., csütörtök 6:55
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-netmod-yang-instance-file-format@ietf.org; netmod-chairs@ietf.org; netmod@ietf.org; Kent Watsen <kent+ietf@watsen.net>; kent+ietf@watsen.net
Subject: Benjamin Kaduk's No Objection on draft-ietf-netmod-yang-instance-file-format-20: (with COMMENT)

Benjamin Kaduk has entered the following ballot position for
draft-ietf-netmod-yang-instance-file-format-20: No Objection

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)


Please refer to https://www.ietf.org/blog/handling-iesg-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-netmod-yang-instance-file-format/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Should we register media-types for the file formats being specified?

Section 2

   Two formats are specified based on the XML and JSON YANG encodings.
   Later, as other YANG encodings (e.g., CBOR) are defined, further
   instance data formats may be specified.

I don't remember seeing a clear description of the specifics of these two specified formats.  (I assume it's just "use the XML/JSON encoding for YANG structures", but I don't remember that stated anywhere.)
BALAZS: I added references to the relevant RFCs (7950, 7951, 8791) As the model starts with a YAN structure, I included YANG Data Structure Extensions RFC8791 too.

   The name of the instance data file SHOULD be of the form:

      instance-data-set-name ['@' ( revision-date / timestamp ) ]
                     ( '.xml' / '.json' )

This looks (almost?  Not sure about '@' vs. "@".) like valid ABNF.  Do we want to say that and reference RFC 5234 for the interpretation of the symbols?
BALAZS: reference to ABNF added. Changed to double quotes.

   If the leaf "name" is present in the instance data header, its value
   SHOULD be used for the "instance-data-set-name".  If the "revision-
   date" is present in the filename it MUST conform to the format of the
   revision-date leaf in the YANG model.  [...]

This seems unenforcable, and contrary to the Unix ethos.  Why is it necessary to try to have consistency betwen the contents of the file and its name in the file system, as opposed to letting the type and contents of a file speak for itself regardless of the name in the file system?
BALAZS: We use the convention of RFC7950: to use the name of the top YANG construct 
in the filename (there the module name here the structure name). 
In practice this convention proved very useful. (There already exist some implementations of the YANG instance data).
A similar rule for YANG modules is enforced by many tools e.g., pyang and confdc.

   Metadata, information about the data set itself SHOULD be included in
   the instance data set.  Some metadata items are defined in the YANG
   module "ietf-yang-instance-data", but other items MAY be used.

   Metadata MUST include:

      -  Version of the YANG Instance Data format

Doesn't the latter (MUST) effectively make the former (SHOULD) also into a "MUST"?
BALAZS: Yes, I will change it to MUST. The format-version is a MUST either as a default value 
(not actually present according to YANG rules) or as an explicitly specified value. 
The other metadata items are only recommended (SHOULD).

Also, if this is actually mandatory, shouldn't that be reflected in the YANG module?
BALAZS: IN the YANG module leaf format-version has a default value. That means that 
either the default value or some explicitly set vale is always usable for the user of the file. 
Added text to clarify this.

Section 2.1.2

   import-only dependencies MAY be excluded from the leaf-list.  If they
   are excluded then the consumer of the instance data set has to apply
   the YANG language rules to resolve the imports.  An example of the

Do we want to say something like "Accordingly, recipients of the instance data set must be prepared to perform this processing, absent prior knowledge about the files they will be processing"?
BALAZS: According to YANG rules the "implemented" module that is specified in the content schema MAY have used an 
  Import-by-revision statement in which case the revision date of the imported module is fixed/specified in that YANG module.
If import-by-revision was not used, any revision of the imported module is usable, which in practice for most tools means the
   latest available revision. 
IMHO which revision of an imported module to use should be and is covered by RFC7950.

Section 2.2.1

    <contact>info@acme.com</contact>

Unfortunately, acme.com is a real domain name; we should probably use a BCP 32 name.  Likewise for urn:rdns:acme.com:oammodel:acme-system-ext,
etc.
BALAZS: OK, I will change references to acme.example.com.com as according to BCP 32 example.com is reserved.

Section 2.2.2

     <nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
       <enable-nacm>true</enable-nacm>
       <read-default>deny</read-default>
       <exec-default>deny</exec-default>

Is there a <write-default> that should be set as well?  Or do we just implicitly rely on the default from RFC 8341?
BALAZS: The latter. As defined in RFC8341 write-default's default is deny, so it is strict enough.

Section 3

         description
           "An arbitrary name for the YANG instance data set.  This
            value is primarily used for descriptive purposes.  However,
            when the instance data set is saved to a file, then the
            filename MUST encode the name's value, per Section 3
            of RFC XXXX.";

I think this requirement is currently stated in Section 2, not 3 (though in my previous comment I suggest that the requirement should be removed).
BALAZS: Thanks,  Section number corrected.

Section 4

(I wrote, then deleted as duplicate, essentially all of the same things that Roman commented on.  Thanks for updating in response to his
comments.)

   The document does not specify any method to influence the behavior of
   a server.

A few of the listed use cases seem to involve loading configuration into a server, which could perhaps be considered to influence the behavior of the server in question.
BALAZS: Yes, but the document only defines the data format. Section 1 states:
" specifying how and when to use YANG instance data is out of
   scope for this document.  It is anticipated that other documents will
   define specific use cases.  Use cases are listed only as examples."

   The header part is not security sensitive with one possible
   exception.  If the URI method is used for specification of the
   content schema and the URI includes a username and/or a password, the
   instance data file needs to be handled securely as mentioned below.
BALAZS: Corrected based on Roman's comment.

In the terminology of RFC 3986 this is the "userinfo subcomponent", as in "the URI includes a userinfo subcomponent".
BALAZS: OK, to be updated.

NITS

Section 2.2.1, 2.2.2

It's a bit challenging to get the <revision> of the file to be much older than the <revision> of the YANG modules it uses.
BALAZS: It was a bit of a joke to use two historically significant dates
1776-07-04 US declaration of independence
1956-10-23 Hungary, the start of the revolution against communism and Russian occupation
I will change them to newer dates.

v2.23.0 | Report a Bug | By Email