Re: [OPSAWG] MUD draft 13 nit : Scope of ACL Name

"M. Ranganathan" <mranga@gmail.com> Thu, 26 October 2017 17:26 UTC

To: Eliot Lear <lear@cisco.com>
Cc: opsawg@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/FnETHThlTD3zGVuJymq9nKglo-U>

On Thu, Oct 26, 2017 at 1:14 PM, Eliot Lear <lear@cisco.com> wrote:

> The acl name comes directly from draft-ietf-netmod-acl.  However, if it is
> not clear, the scope is intended to be solely within a MUD file itself.  I
> can add words to that effect as part of LC if nobody objects.
>
> Eliot
>


Hi Eliot:

I had meant to suggest the following change:



       leaf acl-name {
         type leafref {
           path "/acl:access-lists/acl:acl/acl:acl-name";
         }
         description
           "The name of the ACL for this entry.  The name is
            scoped ONLY to the MUD file, and may not be unique
            in any other circumstance.";
       }
       leaf acl-type {
         type identityref {
           base acl:acl-base;
         }
         description
           "The type of the ACL for this entry.";
       }

However, I have a suggested change to the naming scheme:


I would like to suggest that an ACL name be directly derived from a
MUD URL instead of scoping it this way (so that it can be specified
independently of the MUD file while achieving the scoping goal you had
in mind).

That would ease the pain of implementation.

Can you make this a requirement?

Thanks,

Ranga.


> On 10/26/17 7:12 PM, M. Ranganathan wrote:
>
>          leaf acl-name {
>              type leafref {
>                path "/acl:access-lists/acl:acl/acl:acl-name";
>              }
>              description
>                "The name of the ACL for this entry.";
>            }
>            leaf acl-type {
>              type identityref {
>                base acl:acl-base;
>              }
>              description
>                "The type of the ACL for this entry.  The name is
>                 scoped ONLY to the MUD file, and may not be unique
>                 in any other circumstance.";
>            }
>
> This is a nit (perhaps has already been reported):
>
> Does the description comment on scope belong with the acl-name node?
>
> Thanks
>
> --
> M. Ranganathan
>
>


-- 
M. Ranganathan
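
Added example, not part of the original message and not taken from the MUD draft: a sketch of why file-scoped ACL names are awkward for a controller that keeps one ACL table for many devices, and how a name derived from the MUD URL avoids the clash. The MUD URLs, the simplified record layout and the derivation in scoped_acl_name() are assumptions made for illustration; only the acl-name and acl-type leaf names come from the thread.

```python
import hashlib
from urllib.parse import urlsplit

# Constructed sample: two MUD files from different manufacturers that both
# chose the same file-local ACL name. URLs and names are made up.
MUD_FILES = [
    {"mud-url": "https://lighting.example.com/bulb-v1.json",
     "acls": [{"acl-name": "inbound", "acl-type": "ipv4-acl"},
              {"acl-name": "outbound", "acl-type": "ipv4-acl"}]},
    {"mud-url": "https://camera.example.net/cam-v2.json",
     "acls": [{"acl-name": "inbound", "acl-type": "ipv4-acl"}]},
]


def install_by_local_name(mud_files):
    """Key one controller-wide table by acl-name alone.

    Returns (table, collisions). A collision means a later MUD file
    replaced an ACL that belongs to a different MUD file.
    """
    table, collisions = {}, []
    for mud in mud_files:
        for acl in mud["acls"]:
            name = acl["acl-name"]
            if name in table and table[name]["owner"] != mud["mud-url"]:
                collisions.append((name, table[name]["owner"], mud["mud-url"]))
            table[name] = {"owner": mud["mud-url"], **acl}
    return table, collisions


def scoped_acl_name(mud_url, local_name):
    """Hypothetical derivation: host, short hash of the full URL, local name."""
    host = urlsplit(mud_url).hostname or "unknown"
    digest = hashlib.sha256(mud_url.encode("utf-8")).hexdigest()[:8]
    return f"{host}/{digest}/{local_name}"


def install_by_scoped_name(mud_files):
    """Key the table by the URL-derived name; refuse to overwrite an entry."""
    table = {}
    for mud in mud_files:
        for acl in mud["acls"]:
            key = scoped_acl_name(mud["mud-url"], acl["acl-name"])
            if key in table:
                raise ValueError(f"duplicate ACL name {key!r}")
            table[key] = {"owner": mud["mud-url"], **acl}
    return table
```

With file-scoped names the camera's "inbound" ACL replaces the bulb's in the shared table, so the bulb ends up governed by another manufacturer's policy unless the controller renames ACLs itself.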