On Thu, Aug 18, 2016 at 8:14 AM, Juergen Schoenwaelder <[email protected]> wrote: > Sue, > > I still do not see why the 'mode of exposure' of data benefits from > being hard-wired in the data model. For me, it is a situational and > deployment specific question. But I shut up here since I aired this > concern before (and we simply seem to disagree).
I agree with Juergen on this point and the example provided seems to go in line with his line of reason. The decision could be made based on the data by the operator and not the data model. This is what typically happens and is more flexible to cover confidentiality and privacy decisions that do vary by situation. I'll go back through the other responses to my questions now. Thanks, Kathleen > > /js > > On Thu, Aug 18, 2016 at 08:07:18AM -0400, Susan Hares wrote: >> Juergen: >> >> My example is the looking glass servers for the BGP route views project >> (http://www.routeviews.org/) or a route indicating the presence of a >> web-server that is public. For the BGP I2RS route, a yang model could >> replace the looking glass function, and provide events for these looking >> glass functions. For the web-server route, an event be sent when that >> one route is added. >> >> Sue >> >> >> -----Original Message----- >> From: Juergen Schoenwaelder [mailto:[email protected]] >> Sent: Thursday, August 18, 2016 3:32 AM >> To: Susan Hares >> Cc: 'Kathleen Moriarty'; 'The IESG'; [email protected]; [email protected]; >> [email protected]; >> [email protected] >> Subject: Re: [i2rs] Kathleen Moriarty's Discuss on >> draft-ietf-i2rs-protocol-security-requirements-07: (with DISCUSS and >> COMMENT) >> >> On Wed, Aug 17, 2016 at 09:16:48PM -0400, Susan Hares wrote: >> > ---------------------------------------------------------------------- >> > COMMENT: >> > ---------------------------------------------------------------------- >> > >> > > Section 3: >> > > Can you clarify the second to last sentence? Do you mean there are >> sections that indicate an insecure transport should be used? >> > > I2RS allows the use of an >> > > insecure transport for portions of data models that clearly >> > > indicate insecure transport. >> > >> > > Perhaps: >> > > I2RS allows the use of an >> > > insecure transport for portions of data models that clearly >> > > indicate the use of an insecure transport. >> >> I still wonder how a data model writer can reasonably decide whether a piece >> of information can be shipped safely over an insecure transport since this >> decision often depends on the specifics of a deployment situation. >> >> /js >> >> PS: I hope we do not end up with defining data multiple times (once >> for insecure transport and once for secured transports). >> >> -- >> Juergen Schoenwaelder Jacobs University Bremen gGmbH >> Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany >> Fax: +49 421 200 3103 <http://www.jacobs-university.de/> >> >> _______________________________________________ >> i2rs mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/i2rs > > -- > Juergen Schoenwaelder Jacobs University Bremen gGmbH > Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany > Fax: +49 421 200 3103 <http://www.jacobs-university.de/> -- Best regards, Kathleen _______________________________________________ i2rs mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2rs
