RE: [Policy] RE: PCELS position
John Strassner <John.Strassner@intelliden.com> Fri, 26 September 2003 22:26 UTC
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA27225 for <policy-archive@odin.ietf.org>; Fri, 26 Sep 2003 18:26:32 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1A312O-0005oi-81 for policy-archive@odin.ietf.org; Fri, 26 Sep 2003 18:26:10 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h8QMQ8Sn022324 for policy-archive@odin.ietf.org; Fri, 26 Sep 2003 18:26:08 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1A312H-0005nA-KS; Fri, 26 Sep 2003 18:26:01 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1A1rK7-0002oC-GU for policy@optimus.ietf.org; Tue, 23 Sep 2003 13:51:39 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA27335; Tue, 23 Sep 2003 13:51:30 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1A1rK4-00046K-00; Tue, 23 Sep 2003 13:51:36 -0400
Received: from cosium01.intelliden.net ([12.41.186.248]) by ietf-mx with esmtp (Exim 4.12) id 1A1rK3-00045f-00; Tue, 23 Sep 2003 13:51:35 -0400
Received: by cosium01.intelliden.net with Internet Mail Service (5.5.2653.19) id <SSQBP4L5>; Tue, 23 Sep 2003 11:51:02 -0600
Message-ID: <AE723009E85E224CB00132C7FF0B34E17209CB@cosium02.intelliden.net>
From: John Strassner <John.Strassner@intelliden.com>
To: 'Robert Moore' <remoore@us.ibm.com>, 'David McTavish' <dmctavish@sandvine.com>
Cc: "'Wijnen, Bert (Bert)'" <bwijnen@lucent.com>, 'David McTavish' <dmctavish@sandvine.com>, "'Joel M. Halpern'" <joel@stevecrocker.com>, John Strassner <John.Strassner@intelliden.com>, "'Pana, Mircea'" <mpana@metasolv.com>, "'policy@ietf.org'" <policy@ietf.org>, "'policy-admin@ietf.org'" <policy-admin@ietf.org>
Subject: RE: [Policy] RE: PCELS position
Date: Tue, 23 Sep 2003 11:51:01 -0600
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C381FB.40AF98D0"
Sender: policy-admin@ietf.org
Errors-To: policy-admin@ietf.org
X-BeenThere: policy@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/policy>, <mailto:policy-request@ietf.org?subject=unsubscribe>
List-Id: Policy Framework <policy.ietf.org>
List-Post: <mailto:policy@ietf.org>
List-Help: <mailto:policy-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/policy>, <mailto:policy-request@ietf.org?subject=subscribe>
I'm saying: 1) that an information model should not be driven by the concerns of a single data model, and 2) I do not believe that the word "reuse" applies when an attribute is defined in one class, with one set of semantics, and then is blopped into a new class with completely different semantics. That is what I meant by stealing an OID. regards, John John C. Strassner Chief Strategy Officer Intelliden Inc. 90 South Cascade Avenue Colorado Springs, CO 80906 USA phone: +1.719.785.0648 fax: +1.719.785.0644 email: john.strassner@intelliden.com > -----Original Message----- > From: Robert Moore [mailto:remoore@us.ibm.com] > Sent: Tuesday, September 23, 2003 11:40 AM > To: David McTavish > Cc: 'Wijnen, Bert (Bert)'; David McTavish; 'Joel M. Halpern'; John > Strassner; 'Pana, Mircea'; 'policy@ietf.org'; policy-admin@ietf.org > Subject: RE: [Policy] RE: PCELS position > > > > > > David, > > Yes, that's exactly what I was saying. What I don't understand is > this: if > LDAP attributes are globally unique, what's the problem with > reusing them > in multiple classes (with the same syntax and semantics, of > course)? This > was a desirable thing in CMIP, but John is suggesting that it's to > be > avoided in LDAP. > > Regards, > Bob > > Bob Moore > WebSphere Advanced Design and Technology > WebSphere Platform System House > IBM Software Group > +1-919-254-4436 > remoore@us.ibm.com > > > > > David McTavish > <dmctavish@sandvi To: Robert > Moore/Raleigh/IBM@IBMUS, John Strassner > ne.com> > <John.Strassner@intelliden.com> > cc: "'Wijnen, > Bert (Bert)'" <bwijnen@lucent.com>, David McTavish > 09/23/2003 01:33 > <dmctavish@sandvine.com>, "'Joel M. Halpern'" > <joel@stevecrocker.com>, John Strassner > PM > <John.Strassner@intelliden.com>, "'Pana, Mircea'" > <mpana@metasolv.com>, > "'policy@ietf.org'" > <policy@ietf.org>, policy-admin@ietf.org > Subject: RE: > [Policy] RE: PCELS position > > > > > > Hi Bob, > Unfortunately, in LDAP, attributes must be globally unique. So, if > an > attribute is defined as "foo" in one objectclass as a boolean, and > as an > integer in another class, this causes an incompatibility. In some > cases > (OpenLDAP), this prevents the server from even starting. It's not > the most > elegant implementation, but something you get used to when working > on LDAP. > > Hope this is informational, > d. > > > -----Original Message----- > From: Robert Moore [mailto:remoore@us.ibm.com] > Sent: Tuesday, September 23, 2003 1:26 PM > To: John Strassner > Cc: 'Wijnen, Bert (Bert)'; 'David McTavish'; 'Joel M. Halpern'; > John > Strassner; 'Pana, Mircea'; 'policy@ietf.org'; policy-admin@ietf.org > Subject: RE: [Policy] RE: PCELS position > > > > > > > >Furthermore, the argument that you are "reusing" an attribute foo > in a new > class bar is completely specious, because the new class >bar is > different > than the original class baz that defined foo. The differences are > very > fundamental - different hierarchies, different >attributes, and > worse > (e.g., the definition of priority). This isn't reuse, this is > simply > stealing an OID. > > John, I'll have to say that I'm missing the essence of your > argument here. > Formally (as you've acknowledged), LDAP falls into the same > category as > X.500 and CMIP: attributes are defined, and maintain their > identity, > independent of the classes in which they appear. (Digression for > those who > haven't worked in the DMTF: CIM works the opposite way -- an > attribute's > identity is tied to the class in which it is defined, so that it's > possible > to have two attributes with identical names defined in two > different CIM > classes. This is, of course, a potential source of confusion, so > there > were DMTF guidelines saying "Don't do this." But these provided an > artificial overlay of global scope on attributes whose identity was > inherently scoped by the classes that defined them.) I don't have > specific > experience with X.500 and LDAP, but I do know that in the CMIP case > it was > perfectly good practice (in fact, it was typical) to define > attributes > without regard to the classes that would include them. I'm don't > see why > X.500 and LDAP should be any different. But your use of the > wording "... > the original class baz that defined foo" suggests that you see some > non-formal, but nevertheless significant sense in which LDAP > attributes > *are* defined relative to the (first?) class that contains them. > > Regards, > Bob > > Bob Moore > WebSphere Advanced Design and Technology > WebSphere Platform System House > IBM Software Group > +1-919-254-4436 > remoore@us.ibm.com > > > > > > John Strassner > > <John.Strassner@inte To: "'Pana, > Mircea'" > <mpana@metasolv.com>, "'Wijnen, Bert (Bert)'" > lliden.com> > <bwijnen@lucent.com>, > "'David McTavish'" <dmctavish@sandvine.com>, "'policy@ietf.org'" > Sent by: > <policy@ietf.org> > > policy-admin@ietf.or cc: John > Strassner > <John.Strassner@intelliden.com>, "'Joel M. Halpern'" > g > <joel@stevecrocker.com> > > Subject: RE: > [Policy] > RE: > PCELS position > > > 09/23/2003 01:03 PM > > > > > > > > Again, you are trying to determine the validity of an information > model > based on the concerns of one specific data model. This is > backwards. > > Furthermore, the argument that you are "reusing" an attribute foo > in a new > class bar is completely specious, because the new class bar is > different > than the original class baz that defined foo. The differences are > very > fundamental - different hierarchies, different attributes, and > worse (e.g., > the definition of priority). This isn't reuse, this is simply > stealing an > OID. > > So, how about defining a NEW set of classes and attributes? And if > you > prefixes the new classes and attributes, this would also get around > the > schema problem that I stated earlier. > > > > regards, > John > > > John C. Strassner > Chief Strategy Officer > Intelliden Inc. > 90 South Cascade Avenue > Colorado Springs, CO 80906 USA > phone: +1.719.785.0648 > fax: +1.719.785.0644 > email: john.strassner@intelliden.com > -----Original Message----- > From: Pana, Mircea [mailto:mpana@metasolv.com] > Sent: Monday, September 22, 2003 8:21 AM > To: 'Wijnen, Bert (Bert)'; 'David McTavish'; Pana, Mircea; > 'policy@ietf.org' > Cc: 'John Strassner'; 'Joel M. Halpern' > Subject: RE: [Policy] RE: PCELS position > > > > Maybe there is no need for such drastic measures. Maybe it is only > a matter > of interpretation of the PCIMe recommendations. After all PCIMe is > quite > lenient wrt. that is and what is not used in submodels (see PCIMe > section > 5.10.). > > > Some of the structural changes proposed by PCIMe make it difficult > for > PCELS to be interoperable with PCLS. These are as follows: > > > 1. PCIMe defines a new abstract class, PolicySet, and makes it a > superclass > of the already defined PolicyRule and PolicyGroup > > > 2. In PCIMe the PolicyRule.Priority property has been deprecated in > favor > of a new relative priority mechanism. > 3. PolicyRepository is deprecated in favor of the new > ReusablePolicyContainer. > > PCELS could be interoperable with PCLS if it was to interpret these > PCIMe > changes as follows: > A. there is no need to have an explicit LDAP mapping of the > abstract > PolicySet. (see also B.) > B. there is no need to have an explicit LDAP mapping of the > modified > PolicyGroup. Implementations can use (the equivalent of) a > PolicyRule with > no Actions or Conditions for PolicyGroup objects. > > > C. implementations SHOULD (as opposed to MUST) use the relative > priority > mechanism instead of the absolute priority attribute of PolicyRule > > > D. PolicyRepository SHOULD not be used directly but it is > acceptable for > instances of this class to occur through inheritance. > > > So, the question is whether the statements A. through D. violate > PCIMe or > not. Opinions? > > > Thanks, > Mircea. > -----Original Message----- > From: Wijnen, Bert (Bert) [mailto:bwijnen@lucent.com] > Sent: Sunday, September 21, 2003 6:14 AM > To: 'David McTavish'; 'Pana, Mircea'; 'policy@ietf.org' > Cc: 'John Strassner'; 'Joel M. Halpern' > Subject: RE: [Policy] RE: PCELS position > > > > W.r.t. > > Is PCIMe considered so complete, that it is beyond modification, > if such > > > modification could preserve its intent while also adhering to > the > desires > > of maintaining consistency with PCIM and PCLS? > > > PCIMe is at Proposed Standard. If, for example because of this > effort to > try and MAP it onto LDAP, we > find that we did some things in PCIMe that we should not have done, > then, > with WG consensus, > we can make incompatible changes to PCIMe and then recycle at > Proposed > Standard. > That is part of the normal standars track process. That is, we get > something to PS, then we start > using/implementing (the "using" part is reusing PCIMe definitions > in otehr > CIM docs (like the > other docs we did in Policy, and like the IPsec work, the > "implementing" is > sort of mapping onto for > example LDAP I think)... and if we find major issues, then we fix > and > recycle at PS. If we do not > find major issues, we may advance to DS. > > > Hope this helps. > Bert > >
- [Policy] PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position Wijnen, Bert (Bert)
- RE: [Policy] RE: PCELS position David McTavish
- RE: [Policy] RE: PCELS position Wijnen, Bert (Bert)
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position Joel M. Halpern
- RE: [Policy] RE: PCELS position David McTavish
- RE: [Policy] RE: PCELS position John Strassner
- RE: [Policy] RE: PCELS position John Strassner
- RE: [Policy] RE: PCELS position Robert Moore
- RE: [Policy] RE: PCELS position Robert Moore
- RE: [Policy] RE: PCELS position David McTavish
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position John Strassner
- RE: [Policy] RE: PCELS position John Strassner
- RE: [Policy] RE: PCELS position John Schnizlein
- RE: [Policy] RE: PCELS position John Strassner
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position Pana, Mircea
- RE: [Policy] RE: PCELS position David McTavish
- RE: [Policy] RE: PCELS position John Strassner
- RE: [Policy] RE: PCELS position David McTavish
- RE: [Policy] RE: PCELS position David McTavish
- [Policy] RE: PCELS position David McTavish