Authors of draft-kim-i2nsf-nsf-facing-interface-data-data-model:

Clarification questions:

- Is Section 4 more on the “Structure of I2nsf Policy Rules” instead of 
“Objectives”?

- Is the “+--rw generic-nsf” branch more for the “property” of the 
policy (for lack of better words)? More for describing the policy’s priority in 
relation to others and the resolution strategy if there is any conflict?


Thanks, Linda

From: Mr. Jaehoon Paul Jeong [mailto:[email protected]]
Sent: Tuesday, February 06, 2018 5:42 PM
To: John Strassner <[email protected]>
Cc: [email protected]; Linda Dunbar <[email protected]>; Jingyong (Tim) Kim 
<[email protected]>; Susan Hares <[email protected]>; SecCurator_Team 
<[email protected]>
Subject: Re: [I2nsf] WG Adoption call for 
https://tools.ietf.org/html/draft-kim-i2nsf-nsf-facing-interface-data-model-04

Hi John,
Thanks for your good suggestions on our draft. :-)
We authors will clarify your suggestions in the next revision, except the OO 
design for the YANG data model.
The OO design takes time, so we will try to address it later.

You can suggest a good OO design based on our next revision.

Thanks.

Best Regards,
Paul

On Wed, Feb 7, 2018 at 8:31 AM, John Strassner <[email protected]> wrote:
IMHO, the purpose of a WG adopting a draft is to acknowledge that the draft is 
a good starting point for the work that WG wants to accomplish. To be perfectly 
clear, I am NOT objecting on the completeness of the document. Rather, I am 
objecting on the technical correctness of the starting point.

I do NOT feel that the proposed documents represent a good starting point. 
Ignoring things that can be easily fixed (e.g., grammar), there are a host of 
problems, such as:

   - sec 4: it is unclear what is meant by "Objectives", see below
      - sec 4.1 does NOT define what an I2NSF SecurityPolicyRule is, or what 
its objective is
      - secs 4.2 and 4.3 do provide definitions of events and conditions 
(though their grammar needs improvement)
      - sec 4.4 provides a superficial definition of an action that needs 
tightening up

The above are troublesome, as all definitions are clearly defined in the 
terminology draft. For a long time now... :-( And I really don't understand why 
this section is labeled "Objectives". Objectives of what? An event? of the data 
model? something else?

   - sec 5.1:  I don't understand the design of the YANG module at all
     - the ietf-i2nsf-nsf-facing-interface module appears to describe a policy 
rule, but is given the name of an interface. In addition, why does generic-nsf 
contain a policy (i2nsf-security-policy)? Put another way, the name of the 
module is the name of an interface, but doesn't describe an interface, and more 
importantly,
        NSFs do NOT contain policy rules - they are sent policy rules by the 
policy engine
     - Worse, why are the event, condition, and action containers NOT inside 
the policy rule?
   - Same problem for figures 5.2-5.4, plus other problems (e.g., why is the 
resolution strategy NOT a part of the policy???)
   - the design of the condition clause is not scalable. In an OO design, one 
does NOT simply list a hundred attributes in a class. We decided that the YANG 
module would be designed in an OO style.
   - same problem for the action clause

Given the above, the rest of the YANG will be wrong.

Therefore, the document is NOT a good starting point, and will NOT accelerate 
the path to getting a good RFC.

regards,
John

On Fri, Jan 26, 2018 at 3:21 PM, Linda Dunbar <[email protected]> wrote:

The authors of I2NSF Network Security Functions-Facing Interface YANG Data Model
https://tools.ietf.org/html/draft-kim-i2nsf-nsf-facing-interface-data-model-04

Have requested working group adoption of this draft.

Please bear in mind that WG Adoption doesn’t mean that the draft's current 
content is ready; WG Adoption only means that it is a good basis for a working 
group to work on.

While all feedback is helpful, comments pro or con with explanations are much 
more helpful than just "yes please" or "no thank you".

Thank you.

Linda & Yoav


_______________________________________________
I2nsf mailing list
[email protected]<mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/i2nsf






--
===========================
Mr. Jaehoon (Paul) Jeong, Ph.D.
Assistant Professor
Department of Software
Sungkyunkwan University
Office: +82-31-299-4957
Email: [email protected], [email protected]
Personal Homepage: 
http://iotlab.skku.edu/people-jaehoon-jeong.php<http://cpslab.skku.edu/people-jaehoon-jeong.php>