Re: [secdir] Asynchronous Nature of the I2RS Protocol - vs RESTCONF and NETCONF
"Susan Hares" <shares@ndzh.com> Tue, 03 March 2015 22:08 UTC
Return-Path: <shares@ndzh.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 24E0A1ACDDE; Tue, 3 Mar 2015 14:08:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -97.156
X-Spam-Level:
X-Spam-Status: No, score=-97.156 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DOS_OUTLOOK_TO_MX=2.845, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id slViJgN8oVBp; Tue, 3 Mar 2015 14:08:10 -0800 (PST)
Received: from hickoryhill-consulting.com (hhc-web3.hickoryhill-consulting.com [64.9.205.143]) by ietfa.amsl.com (Postfix) with ESMTP id A172F1ACDE0; Tue, 3 Mar 2015 14:08:09 -0800 (PST)
X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=74.43.47.92;
From: Susan Hares <shares@ndzh.com>
To: 'Melinda Shore' <melinda.shore@gmail.com>, i2rs@ietf.org, secdir@ietf.org
References: <01c301d05538$0b4846c0$21d8d440$@ndzh.com> <54F4E7D7.1000603@gmail.com>
In-Reply-To: <54F4E7D7.1000603@gmail.com>
Date: Tue, 03 Mar 2015 17:08:05 -0500
Message-ID: <023e01d055fe$8688c9b0$939a5d10$@ndzh.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Content-Language: en-us
Thread-Index: AQKNoMDmLw8r4tCY9pMrxOLsQQAbewIgtX/Tm3+rlYA=
X-Authenticated-User: skh@ndzh.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/7ajjlpDzjYH8skALFlDdyduL9k8>
Subject: Re: [secdir] Asynchronous Nature of the I2RS Protocol - vs RESTCONF and NETCONF
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Mar 2015 22:08:11 -0000
Melinda: Thank you for your clear question - let me try to unpack and answer your question. I really appreciate your aid in working through these cases. <chair-hat off> The asynchronous models we've discussed are: 1) polling based - I2RS client queries at a set of agents to receive status information 2) call-back based - the I2RS Client performs an action (adds an interface) and the I2RS agent returns a response after the sequence is done. 3) pub/sub based - meaning the I2RS clients sign up to receive publications of results. 4) atomic based - a sequence of commands that are done and then returned with a call-back. (if you think I've missed one, please let me know). IHMO the use of a checkpoint in each of the cases is the following. 1) polling The checkpoint (or revision counter) would be used to indicate if something else had written or change the portion of the tree after the polling began. This checkpoint can be for the whole tree or a model. The keeping of a checkpoint per item within a model may be prohibited. 2) call-back item If another higher priority interrupt, interrupts the write with call-back response - then an error message would indicated the interrupt. If a lower priority commands tries to interrupt, the architecture indicates the lower priority command will receive an error in the call-back. If a same priority command tries to interrupt the command, it is an error and both commands should be flagged. In my understanding, the checking point is not of a use in this case. 3) pub/sub item A checkpoint may provide an indication if something changes between subsequent updates from a pub/sub. This information may be sent in the pub/sub message sequences. 4) atomic groupings of commands that return with a command. The atomic groupings of a commands either succeeds or fails based on same circumstances as the call-back. A checkpoint really doesn't aid the result here. My understanding on the support of each of these four functions in RESTCONF/NETCONF depends on Ephemeral data store issues. Without a NETCONF solution to the ephemeral datastore, only restconf can share definitions and data between I2RS agent models and netconf data models. IMHO this sharing makes data-model creation a lot easier. Therefore, let me comment on the RESTCONF support for the four functions: 1) polling - RESTCONF GET/QUERY can poll for data I2RS data (no ephemeral data store issues) 2) call/back item: RESTCONF RPC mechanism seem to be supported as well as the POST, PUT, PATCH, and DELETE. 3) pub/sub: call-home features exist and a pub/sub feature solution has been proposed. 4) atomic group: RESTCONF provides the automatic RESTCONF provides integrity and confidentiality of the data and mutually authenticated client-server identities. Sue Hares -----Original Message----- From: Melinda Shore [mailto:melinda.shore@gmail.com] Sent: Monday, March 02, 2015 5:45 PM To: Susan Hares; i2rs@ietf.org; secdir@ietf.org Subject: Re: [secdir] Asynchronous Nature of the I2RS Protocol - vs RESTCONF and NETCONF On 3/2/15 1:27 PM, Susan Hares wrote: > This posts asks if we need to require a checkpoint to make > asynchronous functions work. Hi, Sue: I don't really understand the question. If you're going to specify that there's going to be support for asynchronous event processing, you need a model for that. It can be polling-based, callback-based, interrupt-based, and so on, and what data structures you'll require will depend on the model you choose. That includes both for naming and for coordination/scheduling. I'm not sure exactly what you mean by "checkpoint" (semaphores? locks?) but it may actually be out of scope - an implementation question. At any rate the first place to start is with coming up with a concurrency (or asynchrony) model, and then proceeding from there. Melinda
- [secdir] Asynchronous Nature of the I2RS Protocol… Susan Hares
- Re: [secdir] Asynchronous Nature of the I2RS Prot… Melinda Shore
- Re: [secdir] [i2rs] Asynchronous Nature of the I2… Joel M. Halpern
- Re: [secdir] Asynchronous Nature of the I2RS Prot… Susan Hares
- Re: [secdir] [i2rs] Asynchronous Nature of the I2… Jeffrey Haas
- Re: [secdir] [i2rs] Asynchronous Nature of the I2… Jeffrey Haas
- Re: [secdir] [i2rs] Asynchronous Nature of the I2… Jeffrey Haas
- Re: [secdir] [i2rs] Asynchronous Nature of the I2… Juergen Schoenwaelder
- Re: [secdir] [i2rs] Asynchronous Nature of the I2… Juergen Schoenwaelder
- Re: [secdir] [i2rs] Asynchronous Nature of the I2… Andy Bierman
- Re: [secdir] [i2rs] Asynchronous Nature of the I2… Andy Bierman
- Re: [secdir] [i2rs] Asynchronous Nature of the I2… Juergen Schoenwaelder
- Re: [secdir] [i2rs] Asynchronous Nature of the I2… Jeffrey Haas