On 22/03/2022 10:54, Roman Danyliw wrote:
Hi Sue!
-----Original Message-----
From: Susan Hares <[email protected]>
Sent: Sunday, March 20, 2022 6:35 PM
To: Roman Danyliw <[email protected]>; [email protected]
Subject: RE: [I2nsf] Comments on re-chartering
Roman:
Security has created very few Yang modules. Therefore, you do not have
experience with the lengthy cycle for this work. Ask Rob Wilton about the
versioning efforts or ask Alvaro regarding the routing yang models. Or
look at the BGP model for complexity.
...
For example, I would like to get the I2NSF IP-SEC model adapted so that we can
use it in the BGP model. This takes chatting with the folks in I2NSF who are
experts.
I've consulted with my peer-SEC ADs. If the community has interest to more
closely align this activity with the larger critical mass of work in Yang
modules in the IETF, we would be supportive of moving I2NSF to the OPS Area to
finish the remaining work or evolve it as appropriate.
YANG, like Security, is an arcane subject but knowledge of it is now
widespread, inside and outside the IETF. Where I think that I see the
YANG work go wrong, in several WG, is at the start, getting the
structure, the scope, wrong and that is hard to change later so may not
get changed (my comments on the lack of a common I2NSF I-D, module,
definitions and so on, are in that vein). Security, by contrast, can
often be fixed late in the day with a judicious tweak to Security
Considerations or by the addition of nacm:default deny-all in the YANG.
With the work of I2NSF so far, I see few YANG problems of any account,
apart from the one I mentioned. By contrast, I have seen many issues
arising from a lack of familiarity with core IETF protocols - IP, ICMP,
TCP. DCCP, HTTP, POP3 and so on - and the most recent set of I-D may
repeat that pattern. My knowledge of these protocols is basic but is
enough to see over and over again that the I-D needs changing or that a
change made is inappropriate. Given the wide scope of the current I2NSF
I-D, I find it hard to suggest a better home for them; rather, they
would have benefitted from ...art reviews at an earlier stage. If the
focus changes, for example to provide a focus on BGP, then a move to an
Area or WG with skills in that focus would seem prudent.
The Security Area, as I have commented before, is lagging in producing
YANG modules for others to use and other WG have stepped in, with or
without success; the Routing Area, by contrast, has produced a wealth of
material but I do not see YANG skills, or lack thereof, as a factor in
the current work of the I2NSF WG; rather a lack of familiarity with the
other work of the IETF
Tom Petch.
Regards,
Roman
_______________________________________________
I2nsf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i2nsf
.
_______________________________________________
I2nsf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i2nsf
