Linda, Yes, you are right. We will clarify this in the revision. Thanks.
Best Regards, Paul 2018. 2. 13. 오전 1:59에 "Linda Dunbar" <[email protected]>님이 작성: Paul, Thank you very much for the explanation. So the “Policy Domain” in your document is about a “Family (or group) of Tenants”, correct? Linda *From:* Mr. Jaehoon Paul Jeong [mailto:[email protected]] *Sent:* Monday, February 12, 2018 2:56 AM *To:* Linda Dunbar <[email protected]> *Cc:* [email protected]; John Strassner <[email protected]>; Rakesh Kumar < [email protected]>; Xialiang (Frank) <[email protected]>; Brian Kim <[email protected]>; Susan Hares <[email protected]>; SecCurator_Team <[email protected]>; Mr. Jaehoon Paul Jeong <[email protected]> *Subject:* Re: [I2nsf] WG Adoption call for https://tools.ietf.org/html/ draft-jeong-i2nsf-consumer-facing-interface-dm-04 Hi Linda, Here is my clarification on your question. > Is the “+--rw multi-tenancy” branch the attribute profile for “one > tenant”? or list of multiple “tenants” with the attributes listed for > one tenant? Yes, the "+--rw multi-tenancy” branch represents a list of multiple "tenants". In the list, a policy-domain represents a single domain distinguished by policy-domain-id, which is an organization (e.g., enterprise). Note that each domain can have multiple tenants that are actual customers in the domain, such as departments (e.g., Human Resources, Finance, and Legal Department). According to Section 4 (Information Model for Multi-Tenancy) of draft-kumar-i2nsf-client-facing-interface-im-04, which is the information model of the I2NSF Consumer-Facing Interface, a tenant is an entity within an organization (e.g., enterprise and university), such as a customer or department (e.g., Human Resources, Finance, and Legal Department). It could have its own security policies within the organization. For clarification in the data model tree, I think that policy-tenant should be a child node of policy-domain as below. | +--rw policy-domain* [policy-domain-id] | | +--rw policy-domain-id* uint16 | | +--rw name string | | +--rw address? string | | +--rw contact string | | +--rw date yang:date-and-time | | +--rw policy-tenant* [policy-tenant-id] | | +--rw policy-tenant-id* uint16 | | +--rw name string | | +--rw date yang:date-and-time | | +--rw domain -> /ietf-i2nsf-consumer-facing- interface/ | | multi-tenancy/policy-domain/ | | policy-domain-id In the next revision, we will reflect this one. If you have further questions, please let me know. Thanks. Best Regards, Paul On Fri, Feb 9, 2018 at 5:55 AM, Linda Dunbar <[email protected]> wrote: Questions to the Authors: Is the “+--rw multi-tenancy” branch the attribute profile for “one tenant”? or list of multiple “tenants” with the attributes listed for one tenant? Thank you very much. Linda *From:* I2nsf [mailto:[email protected]] *On Behalf Of *Mr. Jaehoon Paul Jeong *Sent:* Tuesday, February 06, 2018 6:05 PM *To:* John Strassner <[email protected]> *Cc:* Rakesh Kumar <[email protected]>; [email protected]; SecCurator_Team <[email protected]>; Linda Dunbar < [email protected]>; Xialiang (Frank) <[email protected]>; Brian Kim <[email protected]>; Susan Hares <[email protected]> *Subject:* Re: [I2nsf] WG Adoption call for https://tools.ietf.org/html/ draft-jeong-i2nsf-consumer-facing-interface-dm-04 Hi John, Thanks for your constructive suggestions on our draft. :-) We authors will clarify your suggestions on the next revision. You can give us your advice on our next revision. Thanks. Best Regards, Paul On Wed, Feb 7, 2018 at 8:46 AM, John Strassner <[email protected]> wrote: IMHO, the purpose of a WG adopting a draft is to acknowledge that the draft is a good starting point for the work that WG wants to accomplish. To be perfectly clear, I am NOT objecting on the completeness of the document. Rather, I am objecting on the technical correctness of the starting point. I do NOT feel that the proposed documents represent a good starting point. Ignoring things that can be easily fixed (e.g., grammar), there are a host of problems, such as: - what, exactly, is this draft trying to do? I thought I would see YANG for policy rules sent over the Consumer-Facing Interface. Instead, I see the name of the interface, whose first element is multi-tenancy, that also contains policies? Policies do not care about multi-tenancy. They do care about domains. The organization of the YANG is incorrect. - sec 4: in the ieft-i2nsf-cf-interface module - why is multi-tenancy at the top of the tree? Shouldn't a DOMAIN be able to have multiple tenants? - why does a domain have an authentication-method? First, multiple such methods should be able to be used. Second, how would a domain know what an authentication method even is? - why is tenant a sibling of domain, and not a child? - why is domain a leaf within policy-tenant? This should be a reference, and why doesn't domain have a reference to policy-tenant? - policy roles have nothing to do with multi-tenancy - why are they here? I could go on, but even the above means that the rest of the YANG will be wrong. Therefore, the document is NOT a good starting point, and will NOT accelerate the path to getting a good RFC. regards, John On Fri, Jan 26, 2018 at 3:23 PM, Linda Dunbar <[email protected]> wrote: The authors of I2NSF Consumer-Facing Interface YANG Data Model https://tools.ietf.org/html/draft-jeong-i2nsf-consumer- facing-interface-dm-04 Have requested working group adoption of this draft. Please bear in mind that WG Adoption doesn’t mean that the draft current content is ready, WG Adoption only means that it is a good basis for a working group to work on. While all feedback is helpful, comments pro or con with explanations are much more helpful than just "yes please" or "no thank you". Thank you. Linda & Yoav _______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf -- regards, John _______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf -- =========================== Mr. Jaehoon (Paul) Jeong, Ph.D. Assistant Professor Department of Software Sungkyunkwan University Office: +82-31-299-4957 Email: [email protected], [email protected] Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php <http://cpslab.skku.edu/people-jaehoon-jeong.php> -- =========================== Mr. Jaehoon (Paul) Jeong, Ph.D. Assistant Professor Department of Software Sungkyunkwan University Office: +82-31-299-4957 Email: [email protected], [email protected] Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php <http://cpslab.skku.edu/people-jaehoon-jeong.php>
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
