RE: [Policy] RE: PCELS position
"Pana, Mircea" <mpana@metasolv.com> Tue, 23 September 2003 22:57 UTC
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA12088 for <policy-archive@odin.ietf.org>; Tue, 23 Sep 2003 18:57:22 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1A1w5d-0003wX-Pr for policy-archive@odin.ietf.org; Tue, 23 Sep 2003 18:57:01 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h8NMv1MP015148 for policy-archive@odin.ietf.org; Tue, 23 Sep 2003 18:57:01 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1A1w5c-0003w1-Mm; Tue, 23 Sep 2003 18:57:00 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1A1w51-0003vM-BL for policy@optimus.ietf.org; Tue, 23 Sep 2003 18:56:23 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA12070 for <policy@ietf.org>; Tue, 23 Sep 2003 18:56:08 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1A1w4t-0000RF-00 for policy@ietf.org; Tue, 23 Sep 2003 18:56:15 -0400
Received: from mail.metasolv.com ([12.105.131.5] helo=srvmaddog.metasolv.com) by ietf-mx with esmtp (Exim 4.12) id 1A1w4s-0000QV-00 for policy@ietf.org; Tue, 23 Sep 2003 18:56:14 -0400
Received: by SRVMADDOG with Internet Mail Service (5.5.2655.55) id <S0L04PQY>; Tue, 23 Sep 2003 18:00:24 -0500
Message-ID: <A33EE5A81E634B488B099FD31F65196153CDF2@srvotemail.metasolv.com>
From: "Pana, Mircea" <mpana@metasolv.com>
To: 'David McTavish' <dmctavish@sandvine.com>
Cc: "'policy@ietf.org'" <policy@ietf.org>
Subject: RE: [Policy] RE: PCELS position
Date: Tue, 23 Sep 2003 17:51:02 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2655.55)
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C38225.2A14E880"
Sender: policy-admin@ietf.org
Errors-To: policy-admin@ietf.org
X-BeenThere: policy@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/policy>, <mailto:policy-request@ietf.org?subject=unsubscribe>
List-Id: Policy Framework <policy.ietf.org>
List-Post: <mailto:policy@ietf.org>
List-Help: <mailto:policy-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/policy>, <mailto:policy-request@ietf.org?subject=subscribe>
David, Regards, Mircea. > -----Original Message----- > From: David McTavish [mailto:dmctavish@sandvine.com] > Sent: Tuesday, September 23, 2003 1:33 PM > To: 'Robert Moore'; John Strassner > Cc: 'Wijnen, Bert (Bert)'; David McTavish; 'Joel M. Halpern'; John > Strassner; 'Pana, Mircea'; 'policy@ietf.org'; policy-admin@ietf.org > Subject: RE: [Policy] RE: PCELS position > > > Hi Bob, > Unfortunately, in LDAP, attributes must be globally unique. I don't think this is unfortunate ;-) > So, if an > attribute is defined as "foo" in one objectclass as a > boolean, and as an > integer in another class, this causes an incompatibility. In This should be prevented from happening but it is a matter of server implementation. To be compliant with LDAP one must stick to the syntax globally defined for the attribute. > some cases > (OpenLDAP), this prevents the server from even starting. It's > not the most > elegant implementation, but something you get used to when > working on LDAP. You make it sound so painful ;-) > > Hope this is informational, > d. > > > -----Original Message----- > From: Robert Moore [mailto:remoore@us.ibm.com] > Sent: Tuesday, September 23, 2003 1:26 PM > To: John Strassner > Cc: 'Wijnen, Bert (Bert)'; 'David McTavish'; 'Joel M. Halpern'; John > Strassner; 'Pana, Mircea'; 'policy@ietf.org'; policy-admin@ietf.org > Subject: RE: [Policy] RE: PCELS position > > > > > > > >Furthermore, the argument that you are "reusing" an > attribute foo in a new > class bar is completely specious, because the new class >bar > is different > than the original class baz that defined foo. The differences are very > fundamental - different hierarchies, different >attributes, and worse > (e.g., the definition of priority). This isn't reuse, this is simply > stealing an OID. > > John, I'll have to say that I'm missing the essence of your > argument here. > Formally (as you've acknowledged), LDAP falls into the same > category as > X.500 and CMIP: attributes are defined, and maintain their identity, > independent of the classes in which they appear. (Digression > for those who > haven't worked in the DMTF: CIM works the opposite way -- an > attribute's > identity is tied to the class in which it is defined, so that > it's possible > to have two attributes with identical names defined in two > different CIM > classes. This is, of course, a potential source of > confusion, so there > were DMTF guidelines saying "Don't do this." But these provided an > artificial overlay of global scope on attributes whose identity was > inherently scoped by the classes that defined them.) I don't > have specific > experience with X.500 and LDAP, but I do know that in the > CMIP case it was > perfectly good practice (in fact, it was typical) to define attributes > without regard to the classes that would include them. I'm > don't see why > X.500 and LDAP should be any different. But your use of the > wording "... > the original class baz that defined foo" suggests that you see some > non-formal, but nevertheless significant sense in which LDAP > attributes > *are* defined relative to the (first?) class that contains them. > > Regards, > Bob > > Bob Moore > WebSphere Advanced Design and Technology > WebSphere Platform System House > IBM Software Group > +1-919-254-4436 > remoore@us.ibm.com > > > > > > John Strassner > > <John.Strassner@inte To: > "'Pana, Mircea'" > <mpana@metasolv.com>, "'Wijnen, Bert (Bert)'" > lliden.com> > <bwijnen@lucent.com>, > "'David McTavish'" <dmctavish@sandvine.com>, "'policy@ietf.org'" > Sent by: <policy@ietf.org> > > policy-admin@ietf.or cc: > John Strassner > <John.Strassner@intelliden.com>, "'Joel M. Halpern'" > g > <joel@stevecrocker.com> > > Subject: > RE: [Policy] RE: > PCELS position > > > 09/23/2003 01:03 PM > > > > > > > > Again, you are trying to determine the validity of an > information model > based on the concerns of one specific data model. This is backwards. > > Furthermore, the argument that you are "reusing" an attribute > foo in a new > class bar is completely specious, because the new class bar > is different > than the original class baz that defined foo. The differences are very > fundamental - different hierarchies, different attributes, > and worse (e.g., > the definition of priority). This isn't reuse, this is simply > stealing an > OID. > > So, how about defining a NEW set of classes and attributes? And if you > prefixes the new classes and attributes, this would also get > around the > schema problem that I stated earlier. > > > > regards, > John > > > John C. Strassner > Chief Strategy Officer > Intelliden Inc. > 90 South Cascade Avenue > Colorado Springs, CO 80906 USA > phone: +1.719.785.0648 > fax: +1.719.785.0644 > email: john.strassner@intelliden.com > -----Original Message----- > From: Pana, Mircea [mailto:mpana@metasolv.com] > Sent: Monday, September 22, 2003 8:21 AM > To: 'Wijnen, Bert (Bert)'; 'David McTavish'; Pana, Mircea; > 'policy@ietf.org' > Cc: 'John Strassner'; 'Joel M. Halpern' > Subject: RE: [Policy] RE: PCELS position > > > > Maybe there is no need for such drastic measures. Maybe it is > only a matter > of interpretation of the PCIMe recommendations. After all > PCIMe is quite > lenient wrt. that is and what is not used in submodels (see > PCIMe section > 5.10.). > > > Some of the structural changes proposed by PCIMe make it difficult for > PCELS to be interoperable with PCLS. These are as follows: > > > 1. PCIMe defines a new abstract class, PolicySet, and makes > it a superclass > of the already defined PolicyRule and PolicyGroup > > > 2. In PCIMe the PolicyRule.Priority property has been > deprecated in favor > of a new relative priority mechanism. > 3. PolicyRepository is deprecated in favor of the new > ReusablePolicyContainer. > > PCELS could be interoperable with PCLS if it was to interpret > these PCIMe > changes as follows: > A. there is no need to have an explicit LDAP mapping of the abstract > PolicySet. (see also B.) > B. there is no need to have an explicit LDAP mapping of the modified > PolicyGroup. Implementations can use (the equivalent of) a > PolicyRule with > no Actions or Conditions for PolicyGroup objects. > > > C. implementations SHOULD (as opposed to MUST) use the > relative priority > mechanism instead of the absolute priority attribute of PolicyRule > > > D. PolicyRepository SHOULD not be used directly but it is > acceptable for > instances of this class to occur through inheritance. > > > So, the question is whether the statements A. through D. > violate PCIMe or > not. Opinions? > > > Thanks, > Mircea. > -----Original Message----- > From: Wijnen, Bert (Bert) [mailto:bwijnen@lucent.com] > Sent: Sunday, September 21, 2003 6:14 AM > To: 'David McTavish'; 'Pana, Mircea'; 'policy@ietf.org' > Cc: 'John Strassner'; 'Joel M. Halpern' > Subject: RE: [Policy] RE: PCELS position > > > > W.r.t. > > Is PCIMe considered so complete, that it is beyond > modification, if such > > > modification could preserve its intent while also adhering to the > desires > > of maintaining consistency with PCIM and PCLS? > > > PCIMe is at Proposed Standard. If, for example because of > this effort to > try and MAP it onto LDAP, we > find that we did some things in PCIMe that we should not have > done, then, > with WG consensus, > we can make incompatible changes to PCIMe and then recycle at Proposed > Standard. > That is part of the normal standars track process. That is, we get > something to PS, then we start > using/implementing (the "using" part is reusing PCIMe > definitions in otehr > CIM docs (like the > other docs we did in Policy, and like the IPsec work, the > "implementing" is > sort of mapping onto for > example LDAP I think)... and if we find major issues, then we fix and > recycle at PS. If we do not > find major issues, we may advance to DS. > > > Hope this helps. > Bert > >
- [Policy] PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position Wijnen, Bert (Bert)
- RE: [Policy] RE: PCELS position David McTavish
- RE: [Policy] RE: PCELS position Wijnen, Bert (Bert)
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position Joel M. Halpern
- RE: [Policy] RE: PCELS position David McTavish
- RE: [Policy] RE: PCELS position John Strassner
- RE: [Policy] RE: PCELS position John Strassner
- RE: [Policy] RE: PCELS position Robert Moore
- RE: [Policy] RE: PCELS position Robert Moore
- RE: [Policy] RE: PCELS position David McTavish
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position John Strassner
- RE: [Policy] RE: PCELS position John Strassner
- RE: [Policy] RE: PCELS position John Schnizlein
- RE: [Policy] RE: PCELS position John Strassner
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position David McTavish
- RE: [Policy] RE: PCELS position John Strassner
- RE: [Policy] RE: PCELS position David McTavish
- RE: [Policy] RE: PCELS position David McTavish
- [Policy] RE: PCELS position David McTavish