Re: [netmod] I-D Action: draft-ietf-netmod-syslog-model-19.txt

Kent Watsen <kwatsen@juniper.net> Tue, 16 January 2018 16:59 UTC

Return-Path: <kwatsen@juniper.net>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3331212FB12 for <netmod@ietfa.amsl.com>; Tue, 16 Jan 2018 08:59:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jEF4Pgq_e0O5 for <netmod@ietfa.amsl.com>; Tue, 16 Jan 2018 08:59:07 -0800 (PST)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4AB9712AAB6 for <netmod@ietf.org>; Tue, 16 Jan 2018 08:59:07 -0800 (PST)
Received: from pps.filterd (m0108159.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w0GGuIVD005034 for <netmod@ietf.org>; Tue, 16 Jan 2018 08:59:07 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=PPS1017; bh=lhwyJBxKSY2TkxrfyGYBJGAp5m/hSNvaG1Mi+diKTb4=; b=kz8hlANrHg7Zp4G8tdiKa6+fbke4jNfRHktvhn5mOPqBBMvvqmRflPVQ6uJ12OGwgz4M I1D6q+hiNvHntFHEcTK3fUxy/o6Z+67jaQiB/Od6AJOd9mPzCruisAE3sQ13aX16YAig SycWaUg2YRg72ObRkOwYQANmSBf21cwRRiW05thttTXoMon8Bdw9P6OCGiFMiYrdnoal bVw7DSyemAq98LN3WAJzdujY8VHcYQ1wbZyzFoT1Ct//G4xAshnl02KU+4lfbwSdFpy1 ZkXmlOV/nmWArfC9WuWMk4SfOnCbsV8mYCHhVR01k9a2zGUwKl4DlaQf6wHY5V1HjASm 4A==
Received: from nam01-sn1-obe.outbound.protection.outlook.com (mail-sn1nam01lp0115.outbound.protection.outlook.com [207.46.163.115]) by mx0a-00273201.pphosted.com with ESMTP id 2fhna8013m-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for <netmod@ietf.org>; Tue, 16 Jan 2018 08:59:06 -0800
Received: from DM5PR05MB3484.namprd05.prod.outlook.com (10.174.240.147) by DM5PR05MB3033.namprd05.prod.outlook.com (10.168.177.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.428.9; Tue, 16 Jan 2018 16:59:04 +0000
Received: from DM5PR05MB3484.namprd05.prod.outlook.com ([10.174.240.147]) by DM5PR05MB3484.namprd05.prod.outlook.com ([10.174.240.147]) with mapi id 15.20.0428.014; Tue, 16 Jan 2018 16:59:04 +0000
From: Kent Watsen <kwatsen@juniper.net>
To: "netmod@ietf.org" <netmod@ietf.org>
Thread-Topic: [netmod] I-D Action: draft-ietf-netmod-syslog-model-19.txt
Thread-Index: AQHTi/jgm64n1kE5c0S5iq2VpQaBSqN2at0A
Date: Tue, 16 Jan 2018 16:59:04 +0000
Message-ID: <B21EB766-3A67-4642-9791-16586449E885@juniper.net>
References: <151579789446.21777.985631371557420470@ietfa.amsl.com>
In-Reply-To: <151579789446.21777.985631371557420470@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.20.0.170309
x-originating-ip: [66.129.241.12]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR05MB3033; 7:FpUJwACBInk834cxXUgI34+Mq2+7W+j7eejbfspvrP8grybJwoHHR7VeEStCyr1VTqVXT7Dh+LnmT2PQa48+rcxqO/tQtUReJstTnfAodEMrru9adaG/IugFkDuUYV/BdD2gRCGZPMMVDxQ94cn4ZmBvoGwn47lqXCePB7Epj6CLxeJfPs/xJZ232Yv8UAOmC1gE4cogLTgyrUliMJn8PwSe/n910ks10Tb7GichwISFSr1ssG4ZAbrRytIjDcI3
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 9efb4f18-c151-408a-1f23-08d55d02735b
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(3008032)(4534125)(4602075)(4627221)(201703031133081)(201702281549075)(48565401081)(2017052603307)(7153060)(7193020); SRVR:DM5PR05MB3033;
x-ms-traffictypediagnostic: DM5PR05MB3033:
x-microsoft-antispam-prvs: <DM5PR05MB3033EAFF014F895A6F1141F1A5EA0@DM5PR05MB3033.namprd05.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(209352067349851)(192374486261705);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040470)(2401047)(5005006)(8121501046)(3231023)(2400037)(944501161)(93006095)(93001095)(3002001)(10201501046)(6055026)(6041268)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123562045)(20161123560045)(6072148)(201708071742011); SRVR:DM5PR05MB3033; BCL:0; PCL:0; RULEID:(100000803126)(100110400120); SRVR:DM5PR05MB3033;
x-forefront-prvs: 0554B1F54F
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(346002)(376002)(39860400002)(39380400002)(396003)(189003)(199004)(81166006)(230783001)(8676002)(36756003)(99286004)(1730700003)(53936002)(14454004)(8936002)(25786009)(2950100002)(6916009)(6512007)(86362001)(6306002)(5660300001)(6486002)(81156014)(966005)(77096006)(2900100001)(6246003)(5640700003)(478600001)(83716003)(6116002)(6436002)(229853002)(3846002)(2906002)(66066001)(3660700001)(105586002)(59450400001)(6506007)(316002)(3280700002)(102836004)(106356001)(2501003)(97736004)(82746002)(26005)(305945005)(2351001)(7736002)(58126008)(76176011)(83506002)(33656002)(68736007); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR05MB3033; H:DM5PR05MB3484.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-microsoft-antispam-message-info: MIS3uvVZ+eaVbDEtl4XEvg4UiSimyzUpZ8OT/EIhXFVoZyGj6ca88fTrvryOoyl6DvaCidZu2pbyL0TO1NG9pw==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <43245C34B55F2640AC48D4F285789059@namprd05.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 9efb4f18-c151-408a-1f23-08d55d02735b
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Jan 2018 16:59:04.8681 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR05MB3033
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2018-01-16_05:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1801160234
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/vU6THZ18vjggJ1G6SdGzLXv59X4>
Subject: Re: [netmod] I-D Action: draft-ietf-netmod-syslog-model-19.txt
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jan 2018 16:59:09 -0000

Clyde,

This draft still isn't passing idnits.  I provided the link to idnits previously, but here it is again: https://www.ietf.org/tools/idnits.  Below is the idnits output for -19 with inlined comments.

PS: I didn't also checked the other issues we're tracking, but will when we get past these idnits issues.

Kent


===== START =====
idnits 2.15.00 

/tmp/draft-ietf-netmod-syslog-model-19.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info)
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** There is 1 instance of too long lines in the document, the longest one
     being 1 character in excess of 72.

Kent: this isn't a big deal IMO, but if it's easy to fix, it saves the RFC editor a step later on.


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == Line 352 has weird spacing: '...gorithm    ide...'

Kent: this is fine.  it is in a tree diagram.


  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords -- however, there's a paragraph with
     a matching beginning. Boilerplate error?

     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).

Kent: I can't find the error.  Looking at the xml, it is verbatim what I have in the zerotouch draft.  my guess is that this is a tooling error and we should ignore it.


  -- The document date (January 12, 2018) is 4 days in the past.  Is this
     intentional?

Kent: this is fine, it is intentional.


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'I-D.ietf-netconf-keystore' is defined on line 1386,
     but no explicit reference was found in the text

Kent: looking at the XML, I see that the entire paragraph uses '[' and ']' as opposed to <xref .../>.  Please fix this.


  == Unused Reference: 'RFC7895' is defined on line 1456, but no explicit
     reference was found in the text

Kent: looking at the XML, I see two instances of an unwanted "/&gt;" string.  For instance: <xref target="RFC7895"/>/&gt;  Please fix this.


  ** Downref: Normative reference to an Historic RFC: RFC 6587

Kent: hmmm, what's going on here?  This YANG module is providing an ability to configure the "tcp" transport, even though the IESG made that ability historic in 2012 (see IESG Note below).  Searching online, it looks like Cisco supports this, but Juniper does not.  What about other vendors, is it widely supported?  Was this discussed in the WG?  Answering my own question, searching my local mailbox, I don't see this ever being discussed before, other than Martin questioning if it was a good idea in Mar 2016 (no response).  Please start a thread on the list to get WG opinion if it's okay for the draft to proceed as is or not.  Here's the IESG Note from RFC 6587:

   IESG Note

   The IESG does not recommend implementing or deploying syslog over
   plain tcp, which is described in this document, because it lacks the
   ability to enable strong security [RFC3365].

   Implementation of the TLS transport [RFC5425] is recommended so that
   appropriate security features are available to operators who want to
   deploy secure syslog.  Similarly, those security features can be
   turned off for those who do not want them.





     Summary: 2 errors (**), 0 flaws (~~), 4 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.
===== END =====

Thanks,
Kent // shepherd