On Wed, Sep 24, 2014 at 09:00:26AM +0200, Juergen Schoenwaelder wrote: > I believe the OO analogy is largely mis-leading, I think the union > filesystem semantics are much closer.
Accepted. I'll stick to the union filesystem example alone for the future. > > Possible yang 1.1 implications: If the above model works, the discussed > > configuration semantic may be the previously discussed > > "config (false|true|ephemeral);" > > My understanding that both the config datastore and any ephemeral > datastores largely use the same data model (or schema). So config > true|false remains unchanged - the difference is the datastore you > write to. I had forgotten this detail. > > It is noted, however, that introducing something like a secondary identity > > would require changes to SSH and/or TLS and may be somewhat difficult to > > make the case to the owning working groups. > > I do not follow here. The secure transport delivers what NETCONF calls > a username, the identity of the NETCONF client. If this client acts on > behalf of another application (the secondary identity), then this > identity is meta data should be attached to the information submitted > to the ephemeral datastore. I do not see why this would lead to any > changes to SSH or TLS. I tried to raise this as a question during the interim, but I think it was lost. How should the meta-data be transported? > > Some discussion was given to the filtering considerations. Extending the > > filtering options of the ietf-inet-types module may be appropriate. > > [Juergen, is this an action item for yang 1.1?] > > The YANG 1.1 issue Y20 is about adding a set of built-in xpath > functions. I like to ask I2RS to tell us what functions they need. We > do have IP prefix-length matching on our radar. If other functions are > required, please let us know as soon as possible. The primary ones I am aware of are operations on network addresses and prefixes. Was netmod looking for an explicit manifest of such operations? This may have overlap in the work for the ACL module that is already a netmod document. > Now, this mostly is about the xpath function set that can be used in > must and when expressions. You probably want to use them also in > filtering expressions in the protocol. This is where things again > become a protocol issues. Note that RFC 6241 says on page 17: > > The XPath expression is interpreted in the following context: > > [...] > > * The function library is the core function library. We'll raise this point separately to netconf. -- Jeff _______________________________________________ i2rs mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2rs
