Re: [Pce] WG Last Call for draft-ietf-pce-pcep-yang-19

Dhruv Dhody <dhruv.ietf@gmail.com> Sun, 23 October 2022 18:32 UTC

From: Dhruv Dhody <dhruv.ietf@gmail.com>
Date: Mon, 24 Oct 2022 00:01:19 +0530
To: tom petch <ietfc@btconnect.com>
Cc: "julien.meuric@orange.com" <julien.meuric@orange.com>, "pce@ietf.org" <pce@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/pce/2g6GWOUiOMr-3n9T9pjGBFBGDjY>

Hi Tom,

Thanks for your detailed review!

On Thu, Oct 6, 2022 at 5:13 PM tom petch <ietfc@btconnect.com> wrote:

> From: Pce <pce-bounces@ietf.org> on behalf of julien.meuric@orange.com <
> julien.meuric@orange.com>
> Sent: 26 September 2022 14:01
>
> This message starts a 2-week WG Last Call for
> draft-ietf-pce-pcep-yang-19. Please review and share any feedback using
> the PCE mailing list.
> This WGLC will end on Tuesday October 11.
>
> <tp>
> I commented before that this has inadequate security since it mandates
> TLS1.3 where early data opens the door to all sorts of nasties.  Here are
> my other comments.
>
>
I have added this text ->

   [RFC8253] describes the use of TLSv1.2 [RFC5246] or later in PCEP.
   Further, [I-D.dhody-pce-pceps-tls13] specify how to protect PCEP
   messages with TLS 1.3 [RFC8446] by disallowing the use of early data
   (0-RTT) and listing the cipher suites that need to be supported with
   TLS 1.3.

...

   The YANG module uses the TLS grouping in
   [I-D.ietf-netconf-tls-client-server].  Note that any TLS version can
   be configured but [I-D.ietf-netconf-tls-client-server] recommends the
   use of TLS 1.3 only.  At the time of publication of this document,
   TLS 1.2 is still in common use for PCEP and can still be enabled with
   feature "tls12" even though it is marked with status as
   "deprecated".

I hope with this we can make progress.



> pce-pcep-stateful-pce-gmpls I think is now RFC8779
>
>
Ack



> s.4.1.1.1 just one List I see
>
>
Updated



> s.6.1 the list is also keyed on lsp-id
>
>
Added



> The YANG module has lower case must/should; is this intended?
>
>
I checked, the usage seems to be okay as they are describing the base
protocol handling and not related to YANG elements



> The timer names are not those of RFC5440 - perhaps worth a note giving the
> mapping even if it is only hyphen-minus
>
> container SR
> set to true if SR is enabled
> Where is that enabled, for what scope?
>
> likewise msd; other I-D decompose MSD three ways on a per signalling
> basis, I am not clear which MSD applies here.  A bit like MTU, it might
> need a context to be clear.
>
>
Updated.



> The reference for path-key looks like it is a line too long
>
>
Ack



> RFC8231 says srp-id ffffffff is reserved in which case the range should
> not be ..max; this was correct in -18
>
>
Oops! Fixed!



> I do not understand the use of must + error-message for config false.  I
> am used to it for validating an update and cannot see when this message
> will be generated.  This occurs in a number of places.
>
>
https://www.rfc-editor.org/rfc/rfc7950.html#section-7.5.3 says "The
constraint is enforced according to the rules in Section 8
<https://www.rfc-editor.org/rfc/rfc7950.html#section-8>."

where https://www.rfc-editor.org/rfc/rfc7950.html#section-8.1 says "If the
constraint is defined on state data, it MUST be true in a valid state data
tree."

I did not see any guidance on what happens with error-message in this case.
I have kept this comment pending for now. I will check with YANG experts!


> RPC often have a nacm default-deny-all
>
>
Added



> s.9
> The YANG modules   .../is/are/
>
>
Ack

I have posted an updated version -
https://www.ietf.org/archive/id/draft-ietf-pce-pcep-yang-20.html

Thanks!
Dhruv



> Tom Petch
>
>
> Thanks,
>
> Julien
>
>
>
>
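
An added illustration of three review points from this thread: the srp-id range, a must with error-message on config false data, and nacm:default-deny-all on an RPC. It is not taken from draft-ietf-pce-pcep-yang or from either correspondent; the module, namespace, node and RPC names are hypothetical.

```yang
module example-pcep-review {
  yang-version 1.1;
  namespace "urn:example:pcep-review";   // constructed namespace
  prefix exr;

  import ietf-netconf-acm { prefix nacm; }   // RFC 8341

  description "Constructed example; every node name here is hypothetical.";

  container session-state {
    config false;
    leaf srp-id {
      type uint32 {
        // RFC 8231 reserves 0x00000000 and 0xFFFFFFFF, so the upper
        // bound is 4294967294 and not "max".
        range "1..4294967294";
      }
      description "Most recent SRP-ID-number seen on the session.";
    }
    leaf active-lsps {
      type uint32;
    }
    leaf delegated-lsps {
      type uint32;
      // RFC 7950 section 8.1: a must on state data has to be true in a
      // valid state data tree. The thread leaves open when the
      // error-message would be emitted for such a node.
      must ". <= ../active-lsps" {
        error-message "delegated-lsps exceeds active-lsps";
      }
    }
  }

  rpc clear-session-counters {
    // Only the NACM recovery session may invoke this RPC unless an
    // explicit access control rule permits other users.
    nacm:default-deny-all;
    input {
      leaf peer-address {
        type string;
        mandatory true;
      }
    }
  }
}
```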