Re: [Rats] do not address yang warnings by making nodes writable

Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Fri, 19 February 2021 16:01 UTC

Return-Path: <J.Schoenwaelder@jacobs-university.de>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C55633A1049 for <rats@ietfa.amsl.com>; Fri, 19 Feb 2021 08:01:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.7
X-Spam-Level:
X-Spam-Status: No, score=-1.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=jacobsuniversity.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4Jmyblu5Q7Vl for <rats@ietfa.amsl.com>; Fri, 19 Feb 2021 08:01:08 -0800 (PST)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-eopbgr80082.outbound.protection.outlook.com [40.107.8.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ACB173A1047 for <rats@ietf.org>; Fri, 19 Feb 2021 08:01:07 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JVyjMegMEBJ9xbCI9DojsA0P/zaMuhRwxQzKUQ6e3lQUe2PyYDnrFak2k/DNIj1EAUzbxkWsg+suUtbAcPmJEvefd/G9IwlM1GL4ZnWyrQMd1rSJMjdF9Arub6TsVhZ7wsJaVrmH3X4c8XqqL7YtqM4jGMiJLatLpCA7RnbZfgmQJLr1/IFAtI2U3Dy29aRhwNEp/0xaHaQUl8QwENqLDsAzuKwoeMk/Y3C36grkhdANSslNh6r5SOrHRxVmCi74Byk+bBMezCZcwLXB8EVYSPqFFGaYB9apcI2txN2+sNdKpF4MH/5QD9rxYSjm4O2ueYXZpbX/I4XCeBW/XjbQ7A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nfahzFbdQX7mK5YQBHegsbqhvmxZDgYKSV4aqDcKskg=; b=HrXo+nenkvkv5yF8jSfiSgDffLPuEjLG6vbLRiWyas7c/+gI8A+RtT1EnssJPl7li5FI2Umz3Y2AyHs7qB368rWLMcmBNz26D6GgA7Znz4lOjv0ucI+NbpMbaFImQcnRvAwsaIDFdIeW2YLPCyXkuJTcnao+bUZngK6hPiWz6MXfYMSwgDsdaz7K89gXnagJvI/UUp32tJf3uhP5MdQg4dXeBhLAYoh1cVKsFNR0Yg9O9xFhWol5zCccQPbFCNA9ZozI0nOfN6bh3Dub0yuW8X023awfs3IF0Et6dgjF083CNmL1E0Ln6sIDdMzR10owp+q2ucGri8Uckr37OKCuiw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=jacobs-university.de; dmarc=pass action=none header.from=jacobs-university.de; dkim=pass header.d=jacobs-university.de; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jacobsuniversity.onmicrosoft.com; s=selector2-jacobsuniversity-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nfahzFbdQX7mK5YQBHegsbqhvmxZDgYKSV4aqDcKskg=; b=TZCHy4NyaZuaHZzDhR4VZMLURzNKO6vzzSrd3Z1NcPtrgJuyfhS8YZ965qyXpVgIFz9MkdPIsbNZVLjYTa4p0Uw358NYuVk7bDAqxQ1ZLY5L7tAEWE8/nLY9kdyBu0vxwK8Wgp2kwBd9XL12uUUp7C/4cgfhojHAWR90/qqbEgs=
Authentication-Results: sandelman.ca; dkim=none (message not signed) header.d=none;sandelman.ca; dmarc=none action=none header.from=jacobs-university.de;
Received: from AM0P190MB0641.EURP190.PROD.OUTLOOK.COM (2603:10a6:208:194::23) by AM0P190MB0578.EURP190.PROD.OUTLOOK.COM (2603:10a6:208:1a1::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3846.29; Fri, 19 Feb 2021 16:01:04 +0000
Received: from AM0P190MB0641.EURP190.PROD.OUTLOOK.COM ([fe80::1ce1:49e3:3e54:804d]) by AM0P190MB0641.EURP190.PROD.OUTLOOK.COM ([fe80::1ce1:49e3:3e54:804d%5]) with mapi id 15.20.3868.029; Fri, 19 Feb 2021 16:01:04 +0000
Date: Fri, 19 Feb 2021 17:01:03 +0100
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: "rats@ietf.org" <rats@ietf.org>
Message-ID: <20210219160103.26mds5wtenqtfbct@anna.jacobs.jacobs-university.de>
Reply-To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
Mail-Followup-To: Michael Richardson <mcr+ietf@sandelman.ca>, "rats@ietf.org" <rats@ietf.org>
References: <20210219131122.4b3qt7kgapmgv3ax@anna.jacobs.jacobs-university.de> <17694.1613745400@localhost>
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <17694.1613745400@localhost>
X-Originating-IP: [212.201.44.244]
X-ClientProxiedBy: AM0PR10CA0080.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:208:15::33) To AM0P190MB0641.EURP190.PROD.OUTLOOK.COM (2603:10a6:208:194::23)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from localhost (212.201.44.244) by AM0PR10CA0080.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:208:15::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3868.27 via Frontend Transport; Fri, 19 Feb 2021 16:01:04 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 9a864984-eb4f-4ced-1669-08d8d4ef8fa8
X-MS-TrafficTypeDiagnostic: AM0P190MB0578:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: <AM0P190MB0578BFE304F6ACCCF149A447DE849@AM0P190MB0578.EURP190.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: KH0/Nxeh4yT/hIGqp1tDoRtOAu3BGjSy8Pgl6T38usTM3JdbDuW/eEp5gG/eVMFTIOz2sMV0uB3mrguuPq0HbeVGEVy5Apj5chbuybA0Jeb2KUqJ7nw2u7cQsmQ4yQ2erdtYkPf0UfnHbEnPh5uzLkHE7xiKnPzsMWX8Tslyq7J2UUmDHym54GqBujS738OjjPAn+sXOi/0slXv61FeKhwL04uWWt+E2zEB0LfjhBMpjO1HCgerRbSvT7y1gwghWVOcrhrZ1LwrN7yytPWTl7Z6P4wsqyPUjHWwyaokhXvlJOdq9SGi9Jxd6WdXuWbdxQMPHqgTfFnm5KpDPGVF+xwffvReONc8k0sN//1ezDUXpkVuaz6irLz9ZHM4fZPD0uzOxmMHKwO4XTavCU+MRIXQ0kazFXDigTLDGzsEJMl+FsPkZPR5q9ItrF3lrZmQewMpvgz/0vesWtzGtkylOStAOlOGyu2sRqpf7JWj6j/HQWZpK/rouveKb1DzOXhSy7fcDuwyxI+aL58fStxvSrqPXR/tyAQgJU3UePqchoLut75AhhXB6WXDg5Ti+wqvs3EpOBm9ZLXnuiuHfkOkLlk05IWMm2cIbeY75UPCZ0F/tn6cnMtdOPqchgJwgv4TyZj4jBaP2TOKJVuyzMhjpFUOhqMYCIzzS/Y+oCw81LZ0=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0P190MB0641.EURP190.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(346002)(136003)(39850400004)(376002)(366004)(396003)(478600001)(86362001)(83380400001)(786003)(16526019)(316002)(186003)(6496006)(6486002)(26005)(52116002)(2906002)(4326008)(3450700001)(66946007)(8676002)(8936002)(66574015)(5660300002)(83080400002)(1076003)(956004)(66476007)(66556008); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: =?iso-8859-1?Q?91neIDmF92PdOvUcA/H3vb78VmoDCbkd9Y6zOEA9QXhi1MU0FpN1d9WrN5?= =?iso-8859-1?Q?SzkYhCDBJx3TDMtTSUl0NFS+Ka6/48HTXM8q98QBYy8cnSoPihdBoclrK0?= =?iso-8859-1?Q?9f+zlQRH63itjoFq2BuOOQAbjJYz8Iuz6MyrWC6cgY+q/vyWreVoZ5URPM?= =?iso-8859-1?Q?l0omzmNr3tbrSDkFbYvypbjVJ6W7moCQzMf2lBZBIPad8sd0vlMWGpFeK2?= =?iso-8859-1?Q?yOiigRKcAOglz4tkNFNV0CNkpW2ocb1PrvLaT5yJBdHd9HjOUACWAWIlB/?= =?iso-8859-1?Q?tbfbTqq9T2y5Dpsq8vPcPOGZlnBpi2tuQHEL2FVAdzoqXHjcybac/h2wP5?= =?iso-8859-1?Q?Dkrzafpvl/JbSUSd+UK0WmSEu8+/PvrcZEb5uQTYCcTLIS1UvMluhR/9S9?= =?iso-8859-1?Q?DefceMeIkcWOeXPlkBQnvMthGOhW8vGkb2vch1WWWNCvZORIn0f39RifQ3?= =?iso-8859-1?Q?T3aLJwW1wjl63g+6b5nzI250Bov0OnEdz2mZkS/l/48gn3wkmuu06j+tVF?= =?iso-8859-1?Q?Js53aONkL1/tf3+pE27KAfVtLGi/gKn7y4PELDIOCjUJpS4CAtE45rJH1p?= =?iso-8859-1?Q?4BeXVLhq+L2ukq7rXlXiKdCtuZvwfMPLfwcsQSPz+aIHlwr5kI2wt5qLZz?= =?iso-8859-1?Q?FINE2T+NjDmv7h7WF6uxNAQHh9LVq54VOqhnxxHXnAYXqwR5i8BG3of2OO?= =?iso-8859-1?Q?7TNmnyeYFh+j+I7h+GyfemNGnx3M4SBhwhKGugiQx5iB6J9hRdp6yuMwoW?= =?iso-8859-1?Q?0Wsvs4UB0cdRp8gux2Qsbfbpc5ikvWBP5CTfssZBl1QJbHdjJzHg4G32fV?= =?iso-8859-1?Q?d0mWPV9wJ/su6dHOCTop+YyEir1ho2NyT3+sY9ElSaMTPivXkQD+8V+W+u?= =?iso-8859-1?Q?qAQ4Yr3yHItk/z1r6Me+9fhjkngssSDXrwzT47t2yX6sKSMPD1/mqbeu2R?= =?iso-8859-1?Q?XLNdlgetOFkxEP4InuP+wQ4vwX54ktaCjSBKxEOMrKbvso82DLVIR1GXjG?= =?iso-8859-1?Q?MeypKn9gliP2+MewvqteJvbVQmHkm1dxCcTLT/mHF8Nm7HD6tothelX/Kl?= =?iso-8859-1?Q?wAhLaxo4hpi0/1G3qy4MR91f8OHKws998DpbRr5ZFXRuzdgqfg6w1BzVds?= =?iso-8859-1?Q?dj7N/9Nobyxzmd/nP/WtXnG0N2u2OwVLw0SMTp2hsOGt743pEpCwTSlu+Y?= =?iso-8859-1?Q?w+Y8YJS8jSPxm5M3av1Yj/iEy9urgWIJimtu+w8CtfOvfzsFn807vHupY5?= =?iso-8859-1?Q?GwWmpkhwjh75YsP5SlZTg0e5EAC7MHy28KSmpJaHK8s4VQYRX7N6JQKJqM?= =?iso-8859-1?Q?oQRqZ3SmxUJJaaqFqpgPZNcJ5zBEYYrYP3DH58YZe50qNNUuKWKHqB+REf?= =?iso-8859-1?Q?IS2PbW5jdR?=
X-OriginatorOrg: jacobs-university.de
X-MS-Exchange-CrossTenant-Network-Message-Id: 9a864984-eb4f-4ced-1669-08d8d4ef8fa8
X-MS-Exchange-CrossTenant-AuthSource: AM0P190MB0641.EURP190.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Feb 2021 16:01:04.7027 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: f78e973e-5c0b-4ab8-bbd7-9887c95a8ebd
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: vEpwUZGPssuhCzG9DToRWVt92oOfIf94jHqJE5y9Oh3gsI8WfLb7a7lb6Y4/RGp99VMsQ75El1BmKQ6st60GDGgNRlPYycklUA/5zzirVII=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0P190MB0578
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/DuEEUt_fH7KxxbIlR7jXqhgOjiw>
Subject: Re: [Rats] do not address yang warnings by making nodes writable
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Feb 2021 16:01:10 -0000

I do not know what the purpose of the MUST statements is since I did
not dig deeper but it could be that config is only applied to TPMs
where the configured version matches the version of the TPM. This
would then require to configure the version, much like we allow to
provision interface configs even if there is (currently) no matching
interfaces.

It could also be that the WG does not want to allow something to be
configured for a TPM version that does (currently) not exist. Even in
that case, you would have to convey the TPM version as part of the
config and then have logic defined in description statements that such
config snippets are to be rejected (instead of being not applied).

My point is that saying a leaf is rw config, it is expected to be used
for validation, but it is not expected to be there is not working.

Personally, I prefer config that can be provisioned but may not be
applied if it does not match the resources (currently) available.
Yes, this requires to check for possible differences between applied
and provisioned (aka running) config but the opposite gets you into
situation where a hardware component failures leads to an invalid
config and you are either bricked or in a mode hard to understand.

/js

On Fri, Feb 19, 2021 at 09:36:40AM -0500, Michael Richardson wrote:
> 
> Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> wrote:
>     > I doubt that this is a proper solution as you now have to configure the
>     > tpm-firmware-version. If you cannot configure this (as the description
>     > says), then the MUST may always be false, i.e, once you implement this,
>     > you will see that this does not work.
> 
> I am not clueful about XPATH forcing "rw"... is there another solution?
> 
> --
> Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
>            Sandelman Software Works Inc, Ottawa and Worldwide
> 
> 
> 
> 



-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>