Re: [OPSAWG] WG adoption poll for draft-zheng-opsawg-tacacs-yang-02

Eliot Lear <lear@cisco.com> Tue, 09 July 2019 09:35 UTC

From: Eliot Lear <lear@cisco.com>
Message-Id: <CE3050AF-6D2C-474D-AA52-9D1339E4ADEB@cisco.com>
Date: Tue, 09 Jul 2019 11:35:47 +0200
In-Reply-To: <b53684f398a548dd8fac2e9f74a45fa2@huawei.com>
Cc: Qin Wu <bill.wu@huawei.com>, Tianran Zhou <zhoutianran@huawei.com>, "opsawg@ietf.org" <opsawg@ietf.org>, OpsAWG Chairs <opsawg-chairs@ietf.org>
To: "Wubo (lana)" <lana.wubo@huawei.com>
References: <b53684f398a548dd8fac2e9f74a45fa2@huawei.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/MOnCfYBS3j4wBnZWDjl_YQHfvzg>
Subject: Re: [OPSAWG] WG adoption poll for draft-zheng-opsawg-tacacs-yang-02


> On 9 Jul 2019, at 08:59, Wubo (lana) <lana.wubo@huawei.com> wrote:
> 
> Thanks, Eliot, for pointing out these questions. I share a similar view with Qin, and I suggest making the following changes in the next version:
> 
> 1. draft-ietf-opsawg-tacacs will be changed to a normative reference according to RFC3967.

Several points: please take into account that RFC 8067 updates RFC 3967.  What this means is that you should probably have a brief chat with the chairs and Ignas on this point to see what he wants.  It may also be worth a little bit of discussion time.

> 
> 2. For the second point, I think your concern may be whether the TACACS+ YANG model is flexible enough to accommodate the TACACS advanced features.

I think the augmentation is exactly what you want to do for this sort of thing.

> The current TACACS+ YANG architecture is designed with per-server configuration and statistics methods. Each server is configured with a TCP port and a shared key.
> These nodes may change to use a "choice" statement. If the TACACS++ extends to use TLS protocol, the transport extensions can be added as new "case" statements.

From what I gather of the model, it merely talks about the state and configuration of the T+ connection itself.  I think this mitigates reasonably well in favor of a downref since that sort of state is not likely to change too much, and if it does, you can augment again.

Eliot

> 
> Thanks,
> Bo
> From: OPSAWG [mailto:opsawg-bounces@ietf.org] On Behalf Of Qin Wu
> Sent: 9 July 2019 11:20
> To: Tianran Zhou <zhoutianran@huawei.com>; Eliot Lear <lear@cisco.com>
> Cc: opsawg@ietf.org; OpsAWG Chairs <opsawg-chairs@ietf.org>
> Subject: Re: [OPSAWG] WG adoption poll for draft-zheng-opsawg-tacacs-yang-02
> 
> A few thoughts on Eliot’s two questions:
> 1. Do we have a YANG data model draft developed by the IETF published as an informational RFC? I haven’t seen one.
> 2. This model uses the system management YANG data model defined in RFC7317 as its base model and augments it with TACACS+ specifics, and RFC7317 is a standards track RFC.
> 3. Downref is allowed in some circumstances; see RFC3967 section 2, first two bullets.
> 4. TACACS+ protocol has been moved for publication. Whether or not TACACS++ comes later, TACACS+ will be the basis for any advanced features. So timing is perfect.
> 
> -Qin
> From: OPSAWG [mailto:opsawg-bounces@ietf.org] On Behalf Of Tianran Zhou
> Sent: 9 July 2019 10:35
> To: Eliot Lear <lear@cisco.com>
> Cc: opsawg@ietf.org; OpsAWG Chairs <opsawg-chairs@ietf.org>
> Subject: Re: [OPSAWG] WG adoption poll for draft-zheng-opsawg-tacacs-yang-02
> 
> Hi Eliot,
> 
> Thanks for your suggestions. Please see inline.
> 
> Tianran
> 
> From: Eliot Lear [mailto:lear@cisco.com]
> Sent: Monday, July 08, 2019 8:13 PM
> To: Tianran Zhou <zhoutianran@huawei.com>
> Cc: opsawg@ietf.org; OpsAWG Chairs <opsawg-chairs@ietf.org>
> Subject: Re: [OPSAWG] WG adoption poll for draft-zheng-opsawg-tacacs-yang-02
> 
> Hi Tianran,
> 
> I have two concerns about this draft.  First is the intended status of this document.  It currently calls out draft-ietf-opsawg-tacacs as an informational reference.  I think the question here is really whether this draft should also be informational.  As a practical matter you really do need to have implemented the other draft for this one to be implemented.  And that means that really it should be a normative reference.  But it would be a downref.  To address this, I suggest just making this document an informational draft, rather than targeting for standards, and make the reference normative.
> 
> [Tianran] Yes, I have the same concern. You provided a good approach. On the other hand, I think RFC3967 described this case.
> “2.  The Need for Downward References
>     …
>    o  A standards document may need to refer to a proprietary protocol,
>       and the IETF normally documents proprietary protocols using
>       informational RFCs.”
> 
> In addition, I have another question.  Is there interest or appetite for creating a standardized and more version of T+?  If so, is the timing of a standardized YANG model appropriate?
> 
> [Tianran] I would like to see how the WG would like to approach.
> 
> Eliot
> 
> 
> 
> On 7 Jul 2019, at 09:58, Tianran Zhou <zhoutianran@huawei.com> wrote:
> 
> Hi WG,
> 
> This document was presented in Prague. The authors have addressed all the comments and believe it’s ready for further working group discussion.
> https://tools.ietf.org/html/draft-zheng-opsawg-tacacs-yang-02
> 
> 
> This email starts a two-week poll for adoption.
> If you support adopting this document please say so, and please give an indication of why you think it is important. Also please say if you will be willing to review and help the draft.
> If you do not support adopting this document as a starting point for work on this topic, please say why.
> This poll will run until 22nd July.
> 
> Regards,
> Tianran & Joe
> 