Re: [OPSAWG] WG LC for draft-ietf-opsawg-sdi-02

"Joe Clarke (jclarke)" <jclarke@cisco.com> Tue, 11 February 2020 15:19 UTC

From: "Joe Clarke (jclarke)" <jclarke@cisco.com>
To: opsawg <opsawg@ietf.org>
CC: "draft-ietf-opsawg-sdi@ietf.org" <draft-ietf-opsawg-sdi@ietf.org>
Thread-Topic: [OPSAWG] WG LC for draft-ietf-opsawg-sdi-02
Thread-Index: AQHV24JMNL5WHjxfVE+YF2fF4/fty6gWJiqA
Date: Tue, 11 Feb 2020 15:19:03 +0000
Message-ID: <EDB29364-70AB-4287-8E76-8AA7A45D6698@cisco.com>
References: <BE7A5042-266D-4E49-B528-34896063D7D1@cisco.com>
In-Reply-To: <BE7A5042-266D-4E49-B528-34896063D7D1@cisco.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/JTzsdVXw-XtWXZIIFhH7aW_-0YY>
Subject: Re: [OPSAWG] WG LC for draft-ietf-opsawg-sdi-02

As a contributor, I think this document is mostly ready (and as previously stated, I like and support the work).  That said, after another read I found a few spelling nits and some comments:

In Section 2, you paint the picture of a scenario, but “break the fourth wall” to explain what is existing and what is new functionality as well as state that the document prescribes using the SN as the unique identifier.  In the spirit of a scenario with additional context, I think you should clarify that the DHCP boot of an out-of-the-box device is _typically_ existing functionality.  Some vendors’ devices may not do this.

===

Section 3.1:

s/intially/initially/

s/contrained/constrained/

s/certifcates/certificates/

===

Section 3.2:

s/identfiers/identifiers/

s/certificat/certificate/

s/certifcates/certificates/

===

Section 4.2:

s/certifcate/certificate/

===

Section 4.3:

s/certifcate/certificate/

s/it never need/it never needs/

I think you need some definition of “garbage” when doing config “tasting”.  It may be required that you standardize a header to indicate that the config file is encrypted so the device doesn’t try to process what could potentially be _lots_ of true garbage.  You have a sentence here about the exact detection method being out of scope (which is true for what is a config), but saying anything else is decryptable may not please the security folks too much.

Joe

> On Feb 4, 2020, at 12:41, Joe Clarke (jclarke) <jclarke@cisco.com> wrote:
> 
> With the publication of -02 of this draft, it seems to have reached stability.  There has been interest in both usage and implementation of this draft expressed in the past, but discussion has been quiet lately.
> 
> This email serves as a two-week start of a WG LC for this document.  Please [re-]read this draft and comment on its content as well as whether or not you feel it’s ready.  WG LC will conclude on February 18, 2020.
> 
> Authors and contributors, please reply on-list as to whether or not you are aware of any intellectual property attributed to this work.  Reply that either you are not aware of any such IP, or reply with the details of known IP while also making sure you complete any IPR disclosures in data tracker.
> 
> Joe and Tianran
> _______________________________________________
> OPSAWG mailing list
> OPSAWG@ietf.org
> https://www.ietf.org/mailman/listinfo/opsawg
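The Section 4.3 comment above suggests a header that marks a config file as encrypted; the sketch below is an added example, not code from the message or the draft, comparing that approach with treating everything that is not a config as decryptable. The magic value, length field, size limit and the `looks_like_config` test are all hypothetical, and the sample inputs are constructed.

```python
import struct

# Hypothetical marker and limits; the draft under review defines no such header.
MAGIC = b"SDI-ENC\x01"
HEADER_LEN = len(MAGIC) + 4          # magic + 4-byte big-endian payload length
MAX_PAYLOAD = 1 << 20                # refuse anything over 1 MiB

def looks_like_config(blob: bytes) -> bool:
    """Stand-in for the vendor-specific 'is this a config?' test (out of scope on the page)."""
    try:
        text = blob.decode("ascii")
    except UnicodeDecodeError:
        return False
    return any(line.startswith("hostname ") for line in text.splitlines())

def taste_without_header(blob: bytes) -> str:
    """'Anything that is not a config is decryptable': garbage reaches the decrypt path."""
    return "plaintext" if looks_like_config(blob) else "decrypt"

def taste_with_header(blob: bytes) -> str:
    """Only hand data to the decrypt path when a well-formed header says it is encrypted."""
    if looks_like_config(blob):
        return "plaintext"
    if len(blob) < HEADER_LEN or not blob.startswith(MAGIC):
        return "reject"
    (declared,) = struct.unpack(">I", blob[len(MAGIC):HEADER_LEN])
    actual = len(blob) - HEADER_LEN
    if declared == 0 or declared > MAX_PAYLOAD or declared != actual:
        return "reject"
    return "decrypt"

def build_samples() -> dict:
    """Constructed inputs; the 'ciphertext' is filler bytes, not real encrypted data."""
    body = bytes(range(256)) * 2
    return {
        "config": b"hostname edge-rtr-01\ninterface ge-0/0/0\n",
        "encrypted": MAGIC + struct.pack(">I", len(body)) + body,
        "truncated": MAGIC + struct.pack(">I", len(body)) + body[:100],
        "garbage": b"\x00\xff" * 4096,
        "html_error": b"<html><body>404 Not Found</body></html>",
    }

def decrypt_attempts(taster) -> list:
    """Names of the samples that the given taster would pass to the decrypt path."""
    return sorted(name for name, blob in build_samples().items() if taster(blob) == "decrypt")

if __name__ == "__main__":
    print("no header  :", decrypt_attempts(taste_without_header))
    print("with header:", decrypt_attempts(taste_with_header))
```

With the header, only the well-formed encrypted sample reaches the private-key operation; the truncated file, the binary garbage and the HTML error page are rejected after a fixed-size header comparison.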