Re: [Netconf] draft-ietf-netconf-monitoring-09 last call comments from js

To: Phil Shafer <phil at juniper.net>
Subject: Re: [Netconf] draft-ietf-netconf-monitoring-09 last call comments from js
From: Juergen Schoenwaelder <j.schoenwaelder at jacobs-university.de>
Date: Tue, 3 Nov 2009 16:22:33 +0100
Cc: "netconf at ietf.org" <netconf at ietf.org>
Delivered-to: netconf at core3.amsl.com
In-reply-to: <200911031432.nA3EWxSg065216 at idle.juniper.net>
List-archive: <http://www.ietf.org/mail-archive/web/netconf>
List-help: <mailto:netconf-request@ietf.org?subject=help>
List-id: Network Configuration WG mailing list <netconf.ietf.org>
List-post: <mailto:netconf@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
Mail-followup-to: Phil Shafer <phil at juniper.net>, "netconf at ietf.org" <netconf at ietf.org>
References: <20091103142239.GA7302 at elstar.local> <200911031432.nA3EWxSg065216 at idle.juniper.net>
Reply-to: Juergen Schoenwaelder <j.schoenwaelder at jacobs-university.de>
User-agent: Mutt/1.5.20 (2009-06-14)

On Tue, Nov 03, 2009 at 03:32:58PM +0100, Phil Shafer wrote:
> Juergen Schoenwaelder writes:
> >Tell me how this works (AVPs are the things RADIUS sends around in the
> >payload) - or better tell me not, since this would impact ISMS badly.
> 
> Look for "JUNOS Configuration" in:
> 
> http://www.cymru.com/gillsr/documents/junos-radius-authentication.htm

That seems to be a Juniper specific thing and given my experience with
IETF Radius folks, they might or might not agree this is good usage of
Radius. RFC 5607 seems the closest in the IETF world as it provides a
Management-Policy-Id - this Management-Policy-Id might be used for
access control decisions. But it is not changing the user identity.
Anyway, this gets us deeply into terminology issues and implementation
details - we will have to go there if we do access control work. Lets
not do it now.

> >You won't expect TCP objects to document how TCP works, right. The
> >same logic applies to RFC 3412 and all the other SNMP RFCs.
> 
> No, but I would expect the tcp.yang to fully describe how the tcp
> objects work, not just that this leaf has a range of such and the
> leaf is a boolean.  Given that we can say:
> 
>     description "
> 
> Lots of very detailed text.
> More detailed text.
> 
> ";
> 
> and:
> 
> /*
> 
> Some detailed text that needn't be in the description statement.
> 
> */
> 
> And given the number of mib implementors that seem to not read the
> rfc, just the mib, I'd vote to have all real text live within the
> yang module.

We both agree on the principle - I just disagree with your citation of
RFC 3412 in an attempt to prove me wrong that the SMIv2 practice has
been for a long time to have MIB modules self-contained.

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>

Follow-Ups:
- Re: [Netconf] draft-ietf-netconf-monitoring-09 last call comments from js
  - From: Randy Presuhn
- Re: [Netconf] draft-ietf-netconf-monitoring-09 last call comments from js
  - From: Phil Shafer

References:
- Re: [Netconf] draft-ietf-netconf-monitoring-09 last call comments from js
  - From: Juergen Schoenwaelder
- Re: [Netconf] draft-ietf-netconf-monitoring-09 last call comments from js
  - From: Phil Shafer

Prev by Date: Re: [Netconf] draft-ietf-netconf-monitoring-09 last call comments from js
Next by Date: Re: [Netconf] draft-ietf-netconf-monitoring-09 last call comments from js
Previous by thread: Re: [Netconf] draft-ietf-netconf-monitoring-09 last call commentsfrom js
Next by thread: Re: [Netconf] draft-ietf-netconf-monitoring-09 last call comments from js
Index(es):
- Date
- Thread

Re: [Netconf] draft-ietf-netconf-monitoring-09 last call comments from js

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.