Re: [yang-doctors] [Last-Call] Yangdoctors last call review of draft-ietf-opsawg-tacacs-yang-03
"Wubo (lana)" <lana.wubo@huawei.com> Fri, 08 May 2020 09:46 UTC
Return-Path: <lana.wubo@huawei.com>
X-Original-To: yang-doctors@ietfa.amsl.com
Delivered-To: yang-doctors@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0BEAD3A0971; Fri, 8 May 2020 02:46:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7JoO2lsy2sFY; Fri, 8 May 2020 02:46:05 -0700 (PDT)
Received: from huawei.com (lhrrgout.huawei.com [185.176.76.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0CC753A0970; Fri, 8 May 2020 02:46:05 -0700 (PDT)
Received: from lhreml740-chm.china.huawei.com (unknown [172.18.7.106]) by Forcepoint Email with ESMTP id 5CE8C62CA2340911D5E5; Fri, 8 May 2020 10:46:02 +0100 (IST)
Received: from dggeme704-chm.china.huawei.com (10.1.199.100) by lhreml740-chm.china.huawei.com (10.201.108.190) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.1913.5; Fri, 8 May 2020 10:46:01 +0100
Received: from dggeme752-chm.china.huawei.com (10.3.19.98) by dggeme704-chm.china.huawei.com (10.1.199.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1913.5; Fri, 8 May 2020 17:45:51 +0800
Received: from dggeme752-chm.china.huawei.com ([10.6.80.76]) by dggeme752-chm.china.huawei.com ([10.6.80.76]) with mapi id 15.01.1913.007; Fri, 8 May 2020 17:45:51 +0800
From: "Wubo (lana)" <lana.wubo@huawei.com>
To: john heasley <heas@shrubbery.net>, Ladislav Lhotka <ladislav.lhotka@nic.cz>
CC: tom petch <ietfc@btconnect.com>, "Joe Clarke (jclarke)" <jclarke@cisco.com>, "yang-doctors@ietf.org" <yang-doctors@ietf.org>, "opsawg@ietf.org" <opsawg@ietf.org>, "draft-ietf-opsawg-tacacs-yang.all@ietf.org" <draft-ietf-opsawg-tacacs-yang.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
Thread-Topic: [Last-Call] Yangdoctors last call review of draft-ietf-opsawg-tacacs-yang-03
Thread-Index: AdYk4Gbf4pj4KtOaTBWGZsY56w6jLA==
Date: Fri, 08 May 2020 09:45:51 +0000
Message-ID: <15ad976a0e3f48e4a88dadfb497a1e0e@huawei.com>
Accept-Language: en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.138.33.83]
Content-Type: text/plain; charset="gb2312"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/yang-doctors/2XYtnaLHwEZLWdxvDRuOqDi9FQ0>
Subject: Re: [yang-doctors] [Last-Call] Yangdoctors last call review of draft-ietf-opsawg-tacacs-yang-03
X-BeenThere: yang-doctors@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Email list of the yang-doctors directorate <yang-doctors.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/yang-doctors>, <mailto:yang-doctors-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/yang-doctors/>
List-Post: <mailto:yang-doctors@ietf.org>
List-Help: <mailto:yang-doctors-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/yang-doctors>, <mailto:yang-doctors-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 May 2020 09:46:08 -0000
Hi John, Thanks for the review. Please see inline. Regards, Bo -----邮件原件----- 发件人: john heasley [mailto:heas@shrubbery.net] 发送时间: 2020年5月8日 2:10 收件人: Ladislav Lhotka <ladislav.lhotka@nic.cz> 抄送: tom petch <ietfc@btconnect.com>; Wubo (lana) <lana.wubo@huawei.com>; Joe Clarke (jclarke) <jclarke@cisco.com>; yang-doctors@ietf.org; opsawg@ietf.org; draft-ietf-opsawg-tacacs-yang.all@ietf.org; last-call@ietf.org 主题: Re: [Last-Call] Yangdoctors last call review of draft-ietf-opsawg-tacacs-yang-03 Thu, May 07, 2020 at 03:02:24PM +0200, Ladislav Lhotka: > > [Bo] Please see if the definition below is correct: > > typedef tcsplus-server-type { > > type bits { > > bit authentication { > > description > > "When set, the server is an authentication server."; > > } > > bit authorization { > > description > > "When set, the server is an authorization server."; > > } > > bit accounting { > > description > > "When set, the server is an accounting server."; > > } > > bit all { > > description > > "When set, the server can be all types of TACACS+ servers."; > > } > > > > } > > description > > "server-type can be set to authentication/authorization/accounting or any combination of the three types. > > When all three types are supported, either "all" or the three bits setting can be used; > > } > > > > <tp> > > I would drop the all. I know that I suggested it, or an asterisk, but I was thinking that this was a common case. Joe suggests that no accounting is the commoner - I do not have sufficient exposure to know - in which case I would not bother with 'all'. Whether or not to make auth/auth the default I have no particular view on - as I say, I lack the exposure to be confident about that. > > > > Having 'all' adds complexity, two ways to something, while making a small saving in message size - on balance, not worth it. > > Agreed. Lada Note that enabling certain types of accounting is rare, at least in my opinion. eg: enabling login accounting is not rare, while command accounting is rare because it is expensive esp. on some particular devices. Also, rare or not, enabling it for a tacacs server is sort of orthogonal. it will not be used for that purpose unless some form of accounting is enabled. I'll have to look at the model again; i do not recall if the model allows for particular accounting types w/o augmentation. [Bo] The accounting type you mentioned, I understand, is that the System model needs to be augmented. Currently, the System model only defines authentication. About the model, do you think the "all" bit is still necessary?
- [yang-doctors] Yangdoctors last call review of dr… Ladislav Lhotka via Datatracker
- Re: [yang-doctors] Yangdoctors last call review o… Joe Clarke (jclarke)
- [yang-doctors] [Ladislav Lhotka] Re: Yangdoctors … Ladislav Lhotka
- Re: [yang-doctors] Yangdoctors last call review o… Wubo (lana)
- Re: [yang-doctors] Yangdoctors last call review o… Joe Clarke (jclarke)
- Re: [yang-doctors] Yangdoctors last call review o… Ladislav Lhotka
- Re: [yang-doctors] Yangdoctors last call review o… Ladislav Lhotka
- Re: [yang-doctors] Yangdoctors last call review o… Wubo (lana)
- Re: [yang-doctors] Yangdoctors last call review o… Wubo (lana)
- Re: [yang-doctors] Yangdoctors last call review o… tom petch
- Re: [yang-doctors] [Last-Call] Yangdoctors last c… Ladislav Lhotka
- Re: [yang-doctors] Yangdoctors last call review o… Joe Clarke (jclarke)
- Re: [yang-doctors] [Last-Call] Yangdoctors last c… john heasley
- Re: [yang-doctors] [Last-Call] Yangdoctors last c… Wubo (lana)
- Re: [yang-doctors] [Last-Call] Yangdoctors last c… john heasley
- Re: [yang-doctors] [Last-Call] Yangdoctors last c… Wubo (lana)