Re: secdir review of draft-ietf-netconf-partial-lock-09.txt

From: Wes Hardaker <wjhns1 at hardakers.net>
To: Andy Bierman <ietf at andybierman.com>
Cc: "draft-ietf-netconf-partial-lock at tools.ietf.org" <draft-ietf-netconf-partial-lock at tools.ietf.org>, "ietf at ietf.org" <ietf at ietf.org>, "secdir at ietf.org" <secdir at ietf.org>
Date: Thu, 13 Aug 2009 13:37:50 -0700
In-reply-to: <4A8430BE.2050701 at andybierman.com> (Andy Bierman's message of "Thu, 13 Aug 2009 08:26:54 -0700")
References: <AC6674AB7BC78549BB231821ABF7A9AE8E775BCA45 at EMBX01-WF.jnpr.net> <016701ca1bf7$400ac480$0601a8c0 at allison> <AC6674AB7BC78549BB231821ABF7A9AE8E777C002A at EMBX01-WF.jnpr.net> <4A83FA7D.9040209 at bwijnen.net> <AC6674AB7BC78549BB231821ABF7A9AE8E777C00E6 at EMBX01-WF.jnpr.net> <4A8430BE.2050701 at andybierman.com>

>>>>> On Thu, 13 Aug 2009 08:26:54 -0700, Andy Bierman <ietf at andybierman.com> said:

AB> discard-changes only works because authorization is ignored,
AB> otherwise the agent would be deadlocked.

Huh????  why would discard-changes be authorization ignorant???  That's
just as unsafe (unless you're only discarding your own changes).

AB> Only the global lock operation defined in RFC 4741
AB> can prevent this problem.

The global lock has different issues.

The problem isn't with the locking.  Locking, and partial locking are
good.  It's with the global-level commit operation.
-- 
Wes Hardaker
Cobham Analytic Solutions

Follow-Ups:
- Re: secdir review of draft-ietf-netconf-partial-lock-09.txt
  - From: Andy Bierman

References:
- secdir review of draft-ietf-netconf-partial-lock-09.txt
  - From: Stephen Hanna
- Re: secdir review of draft-ietf-netconf-partial-lock-09.txt
  - From: Tom.Petch
- RE: secdir review of draft-ietf-netconf-partial-lock-09.txt
  - From: Stephen Hanna
- Re: secdir review of draft-ietf-netconf-partial-lock-09.txt
  - From: Bert (IETF) Wijnen
- RE: secdir review of draft-ietf-netconf-partial-lock-09.txt
  - From: Stephen Hanna
- Re: secdir review of draft-ietf-netconf-partial-lock-09.txt
  - From: Andy Bierman

Prev by Date: Re: Gen-ART LC/Telechat review of draft-freed-sieve-in-xml-05
Next by Date: Re: secdir review of draft-ietf-netconf-partial-lock-09.txt
Previous by thread: Re: secdir review of draft-ietf-netconf-partial-lock-09.txt
Next by thread: Re: secdir review of draft-ietf-netconf-partial-lock-09.txt
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: secdir review of draft-ietf-netconf-partial-lock-09.txt

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.