Re: [secdir] review of draft-ietf-netconf-nmda-restconf-04

Mahesh Jethanandani <mjethanandani@gmail.com> Tue, 10 July 2018 00:48 UTC

Return-Path: <mjethanandani@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8412412F1AB; Mon, 9 Jul 2018 17:48:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5nEkww8oerGM; Mon, 9 Jul 2018 17:48:57 -0700 (PDT)
Received: from mail-pf0-x236.google.com (mail-pf0-x236.google.com [IPv6:2607:f8b0:400e:c00::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D6330127148; Mon, 9 Jul 2018 17:48:56 -0700 (PDT)
Received: by mail-pf0-x236.google.com with SMTP id e13-v6so1464574pff.7; Mon, 09 Jul 2018 17:48:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=qHXkPQ6lnv4ugCHg4oEcSh1aBKeb6eL14MEpBUpM8jQ=; b=nyiNhAc/ZBR1vXD6faC1MouU7MYrRrOMj9s6/r1DwzuXvMb9HhAxpaLxBqHsX2WPN2 OjnKXBnVGjWqtPwgmPe96mXfzbkqtNmg9N8lCdUj7wr6rs5gn3YRflF45mG2AltunbPA F/iNl4EBgImKfKTj7uQrDrlx+b0aYluDpbNudi4pKK44WQJYlORiwXKEV7dTLhGR5gUA JYY7ytWTqYo/Lb5Xe6sBqfWRvQTGOmw42DJYPRGE5zdfpODCQKzpx+aaAwYo+I+P1btY QglXl6k1goaCGEqoHPeCxNIJrE/wJ4WOkMj/2LYy6wtJyfsZVeJsHyX6kD1xo1RVjJsk m9VA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=qHXkPQ6lnv4ugCHg4oEcSh1aBKeb6eL14MEpBUpM8jQ=; b=jQ1rKRBWmspeSZZ11M1PGMzj2zmISK4NhDkqtws/QpPKRlz0ORwsFrMvHsbIUaT/In zKnadBWAOnv4AvsBHNer0xfiNoXSyZdSmg0Zejv6Yw+ilIpbXPbHsDK5QlA918myJxuq 5lkpF82tgholis0caZn7cGg0YwNJckL44E/subUzM/fqqyzk0eW+P9Szp+Tj+OedyKhC j0np+Wg6wRF+bYY4J50FkDoBIJCCDMMysqPJhvCpiZYowV+teF9IZiJKK+7ujDCk2qdw RH2Hupz62MJgc9TSIxeHfqL31GZLzUXoGwjk4L6Q9y36Puk6cRViTEucTpY6YqVJNJoi hnwA==
X-Gm-Message-State: APt69E1jkf6mkDwYx7pNYEf4eF4gLUgDkxCgVLMHcQTNn55vUGiLhKFs wLgHTwY6EsxOTqxfwlLc18DM8pkZ
X-Google-Smtp-Source: AAOMgpcKVlnoyzqoUwNY4RHZRLIc2g7mUUPgGlYwk1Lpj/GdH/xBo6goNFqPBa9UDxxWobuhQwDhFw==
X-Received: by 2002:a62:3f44:: with SMTP id m65-v6mr23230514pfa.98.1531183736376; Mon, 09 Jul 2018 17:48:56 -0700 (PDT)
Received: from ?IPv6:2601:647:4700:1280:b836:21af:f5df:8992? ([2601:647:4700:1280:b836:21af:f5df:8992]) by smtp.gmail.com with ESMTPSA id f24-v6sm27805068pfe.39.2018.07.09.17.48.54 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 09 Jul 2018 17:48:55 -0700 (PDT)
From: Mahesh Jethanandani <mjethanandani@gmail.com>
Message-Id: <99EB8497-BCC0-45A3-A412-6FC5036243F6@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_88C26629-0030-41AC-832B-DAB98C0235EB"
Mime-Version: 1.0 (Mac OS X Mail 11.4 \(3445.8.2\))
Date: Mon, 9 Jul 2018 17:48:53 -0700
In-Reply-To: <8dbe0263-de63-0ddd-86db-04fa7744155c@lounge.org>
Cc: Kent Watsen <kwatsen@juniper.net>, The IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-netconf-nmda-restconf.all@ietf.org" <draft-ietf-netconf-nmda-restconf.all@ietf.org>
To: Daniel Harkins <dharkins@lounge.org>
References: <f919a44f-d93b-f399-cc5d-1353c1c5b57d@lounge.org> <20180704124128.qpr7tunjw5quiex6@anna.jacobs.jacobs-university.de> <9b2f8091-9ead-e188-ee34-1acfead2dcd2@lounge.org> <20180704183436.zjzwz4vowqi5phz7@anna.jacobs.jacobs-university.de> <14e7ae2d-90ae-32c5-c814-a2d31e9f1a4e@lounge.org> <DB8ED828-D18F-4AEF-A7AB-884D085ECDA7@juniper.net> <8dbe0263-de63-0ddd-86db-04fa7744155c@lounge.org>
X-Mailer: Apple Mail (2.3445.8.2)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/tp0zB6ivu8SOC8pAu5pvzBVnI78>
Subject: Re: [secdir] review of draft-ietf-netconf-nmda-restconf-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Jul 2018 00:49:00 -0000

There have been a few comments that have been made to the version of the draft that has been submitted to IESG. While we wait for other comments to be provided, and direction of when an update should be provided, who amongst the authors is updating GitHub with these changes? 

I am concerned we might lose track of the changes that need to be made.

Here are the changes that I am aware of for nmda-restconf. I can compile a similar list for nmda-netconf if needed.

Kent’s comment on nmda-restconf operations (thread <https://www.ietf.org/mail-archive/web/netconf/current/msg14998.html> from today).
Dan’s comment on this thread (also from today, but is not on netconf mailing list)
Russ’s Genart review (thread <https://www.ietf.org/mail-archive/web/netconf/current/msg14834.html> from June 28)
Rohit’s change-2 comments provided for nmda-netconf, that are applicable for nmda-restconf (thread <https://www.ietf.org/mail-archive/web/netconf/current/msg14607.html> from June 1)

Anything else that I missing?


Mahesh Jethanandani // as document shephard

> On Jul 9, 2018, at 9:03 AM, Daniel Harkins <dharkins@lounge.org> wrote:
> 
> 
> On 7/5/18 7:46 AM, Kent Watsen wrote:
>> I think that the current wording is okay, but I'm okay with changing
>> it too. How about this?
>> 
>> 
>> OLD:
>>    The "with-defaults" query parameter ([RFC8040], Section 4.8.9) is
>>    optional to support when interacting with {+restconf}/ds/ietf-
>>    datastores:operational.  The associated capability to indicate a
>>    server's support is identified with the URI:
>> 
>> NEW:
>>    The "with-defaults" query parameter ([RFC8040], Section 4.8.9)
>>    MAY be supported for the operational state datastore.  Support
>>    for the "with-defaults" query parameter for the operational
>>    state datastore is identified with the URI:
>> 
>> 
>> 
>> OLD:
>>    The "with-origin" query parameter is optional to support.  It is
>>    identified with the URI:
>> 
>> NEW:
>>    The "with-origin" query parameter MAY be supported.  Support
>>    for the "with-origin" query parameter is identified with the
>>    URI:
>> 
>> 
>> 
>> FWIW, elsewhere in the draft is another "optional" usage that could
>> be changed:
>> 
>>  OLD:
>>    An NMDA-compliant server MUST implement {+restconf}/ds/ietf-
>>    datastores:operational.  Other datastore resources are optional to
>>    implement.
>> 
>>  NEW:
>>    An NMDA-compliant server MUST implement {+restconf}/ds/ietf-
>>    datastores:operational.  Other datastore resources MAY be
>>    implemented.
>> 
>> 
>> 
>> Comments?
> 
>   Looks fine, thanks.
> 
>   Dan.
> 
>> 
>> Kent  // co-author
>> 
>> 
>> 
>> On 7/4/18 11:34 AM, Juergen Schoenwaelder wrote:
>>> On Wed, Jul 04, 2018 at 11:08:10AM -0700, Daniel Harkins wrote:
>>>>    I'm suggesting SHOULD _or_ MAY and I thought where would be obvious.
>>>> It is the places that say "optional to support" in 3.2.1. and 3.2.2 as
>>>> I indicated. For example, 3.2.1 says,
>>>> 
>>>>     The "with-defaults" query parameter ([RFC8040], Section 4.8.9 <https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_rfc8040-23section-2D4.8.9&d=DwIDaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=fApqY-LnEgjm4NbObNcu5L44jAZ2UYJz0CWl5q4U0YE&s=r65kakpgV3OSbY6iIzByXMmqvV-45Vo9wkXZHji8jlk&e=>) is
>>>>     optional to support when interacting with {+restconf}/ds/ietf-
>>>>     datastores:operational.
>>>> 
>>>> 3.2.2 has similar text. As to why, it is for consistency and clarity in
>>>> expressing what you want.
>>>> 
>>> What is unclear about 'optional to support'? RFC 8040 uses similar
>>> language and I do not recall that anyone had a problem with this so
>>> far.
>>    If you want to reject my comment then just reject my comment. It was made
>> in the spirit of improving your draft which apparently you take issue with
>> for some bizarre reason. If someone outside the RFC 8040 bubble you seem
>> to be
>> living in found the wording lacking in clarity then it would seem logical to
>> infer that maybe others might too. Just a thought.
>> 
>>    Dan.