subject:"\[I2nsf\] Request for Review of I2NSF NSF\-Facing Interface YANG Data Model Draft"

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

2022-04-11 Thread Mr. Jaehoon Paul Jeong

Hi Jean-Michel,
No problem.

Thanks for your confirmation :-)

Best Regards,
Paul

On Mon, Apr 11, 2022 at 9:12 PM Jean-Michel Combes <
jeanmichel.com...@gmail.com> wrote:

> Hi,
>
> At first, sorry for this (very/too) late reply ... all my apologies :s
>
> Thanks for your answers to my comments/questions. I really appreciate!
>
> All your modifications are fine for me.
>
> Best regards,
>
> JMC.
>
> Le lun. 21 mars 2022 à 13:37, Mr. Jaehoon Paul Jeong <
> jaehoon.p...@gmail.com> a écrit :
>
>> Hi Alexey, Jean-Michel, Erik, Martin, Éric, Francesca, Robert, Murray,
>> and Zaheduzzaman,
>> Here is the revised draft of I2NSF NSF-Facing Interface YANG Data Model:
>>
>> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22
>>
>> I attach the revision letter to explain how Patrick and I have reflected
>> your comments.
>> In the 1st page of the revision letter, there is an index table to mark
>> the start page
>> of the comments and responses for each reviewer.
>>
>> If each of you is satisfied with the revision, please let us know and
>> update the status of your stance on this draft.
>>
>> Thanks.
>>
>> Best Regards,
>> Paul
>> --
>> ===
>> Mr. Jaehoon (Paul) Jeong, Ph.D.
>> Associate Professor
>> Department Head
>> Department of Computer Science and Engineering
>> Sungkyunkwan University
>> Office: +82-31-299-4957
>> Email: paulje...@skku.edu, jaehoon.p...@gmail.com
>> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
>> 
>>
>>
>> On Mon, Mar 21, 2022 at 5:19 PM  wrote:
>>
>>>
>>> A New Internet-Draft is available from the on-line Internet-Drafts
>>> directories.
>>> This draft is a work item of the Interface to Network Security Functions
>>> WG of the IETF.
>>>
>>> Title   : I2NSF Network Security Function-Facing
>>> Interface YANG Data Model
>>> Authors : Jinyong (Tim) Kim
>>>   Jaehoon (Paul) Jeong
>>>   Jung-Soo Park
>>>   Susan Hares
>>>   Qiushi Lin
>>> Filename: draft-ietf-i2nsf-nsf-facing-interface-dm-22.txt
>>> Pages   : 82
>>> Date: 2022-03-20
>>>
>>> Abstract:
>>>This document defines a YANG data model for configuring security
>>>policy rules on Network Security Functions (NSF) in the Interface to
>>>Network Security Functions (I2NSF) framework.  The YANG data model in
>>>this document corresponds to the data model in Capability data model
>>>in the I2NSF framework [I-D.ietf-i2nsf-capability-data-model].
>>>
>>>
>>> The IETF datatracker status page for this draft is:
>>>
>>> https://datatracker.ietf.org/doc/draft-ietf-i2nsf-nsf-facing-interface-dm/
>>>
>>> There is also an htmlized version available at:
>>>
>>> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22
>>>
>>> A diff from the previous version is available at:
>>>
>>> https://www.ietf.org/rfcdiff?url2=draft-ietf-i2nsf-nsf-facing-interface-dm-22
>>>
>>>
>>> Internet-Drafts are also available by rsync at rsync.ietf.org:
>>> :internet-drafts
>>>
>>>
>>> ___
>>> I2nsf mailing list
>>> I2nsf@ietf.org
>>> https://www.ietf.org/mailman/listinfo/i2nsf
>>>
>>
___
I2nsf mailing list
I2nsf@ietf.org
https://www.ietf.org/mailman/listinfo/i2nsf

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

2022-04-11 Thread Jean-Michel Combes

 Hi,

At first, sorry for this (very/too) late reply ... all my apologies :s

Thanks for your answers to my comments/questions. I really appreciate!

All your modifications are fine for me.

Best regards,

JMC.

Le lun. 21 mars 2022 à 13:37, Mr. Jaehoon Paul Jeong 
a écrit :

> Hi Alexey, Jean-Michel, Erik, Martin, Éric, Francesca, Robert, Murray, and
> Zaheduzzaman,
> Here is the revised draft of I2NSF NSF-Facing Interface YANG Data Model:
>
> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22
>
> I attach the revision letter to explain how Patrick and I have reflected
> your comments.
> In the 1st page of the revision letter, there is an index table to mark
> the start page
> of the comments and responses for each reviewer.
>
> If each of you is satisfied with the revision, please let us know and
> update the status of your stance on this draft.
>
> Thanks.
>
> Best Regards,
> Paul
> --
> ===
> Mr. Jaehoon (Paul) Jeong, Ph.D.
> Associate Professor
> Department Head
> Department of Computer Science and Engineering
> Sungkyunkwan University
> Office: +82-31-299-4957
> Email: paulje...@skku.edu, jaehoon.p...@gmail.com
> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
> 
>
>
> On Mon, Mar 21, 2022 at 5:19 PM  wrote:
>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>> This draft is a work item of the Interface to Network Security Functions
>> WG of the IETF.
>>
>> Title   : I2NSF Network Security Function-Facing
>> Interface YANG Data Model
>> Authors : Jinyong (Tim) Kim
>>   Jaehoon (Paul) Jeong
>>   Jung-Soo Park
>>   Susan Hares
>>   Qiushi Lin
>> Filename: draft-ietf-i2nsf-nsf-facing-interface-dm-22.txt
>> Pages   : 82
>> Date: 2022-03-20
>>
>> Abstract:
>>This document defines a YANG data model for configuring security
>>policy rules on Network Security Functions (NSF) in the Interface to
>>Network Security Functions (I2NSF) framework.  The YANG data model in
>>this document corresponds to the data model in Capability data model
>>in the I2NSF framework [I-D.ietf-i2nsf-capability-data-model].
>>
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-i2nsf-nsf-facing-interface-dm/
>>
>> There is also an htmlized version available at:
>>
>> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22
>>
>> A diff from the previous version is available at:
>>
>> https://www.ietf.org/rfcdiff?url2=draft-ietf-i2nsf-nsf-facing-interface-dm-22
>>
>>
>> Internet-Drafts are also available by rsync at rsync.ietf.org:
>> :internet-drafts
>>
>>
>> ___
>> I2nsf mailing list
>> I2nsf@ietf.org
>> https://www.ietf.org/mailman/listinfo/i2nsf
>>
>
___
I2nsf mailing list
I2nsf@ietf.org
https://www.ietf.org/mailman/listinfo/i2nsf

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

2022-04-06 Thread Mr. Jaehoon Paul Jeong

Hi Alexey,
I have addressed your comments on GLOB with the following revision:
https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-24

Thanks for your help.

Best Regards,
Paul


On Wed, Apr 6, 2022 at 10:00 PM Alexey Melnikov 
wrote:

> Hi Paul,
> On 04/04/2022 17:35, Mr. Jaehoon Paul Jeong wrote:
>
> Alexey,
> Okay.
> How about the following new description?
> ---
> leaf-list exception-files {
>   type string;
>   description
> "The type or name of the files to be excluded by the
>  antivirus. This can be used to keep the known
>  harmless files. Absolute paths are filenames/paths
>  to be excluded and relative ones are interpreted as
>  globs."
>   reference
> "GLOB: Linux Programmer's Manual - GLOB";
> }
> ---
>
> Yes, I think this is much better.
>
> Thank you,
>
> Alexey
>
>
> Thanks.
>
> Best Regards,
> Paul
>
> On Mon, Apr 4, 2022 at 6:41 PM Alexey Melnikov 
> wrote:
>
>> Hi Paul,
>> On 02/04/2022 14:57, Mr. Jaehoon Paul Jeong wrote:
>>
>> Hi Alexey,
>> For your last comment, we can do the following correction along with an
>> appropriate reference.
>>
>> -
>>
>> => Apparently the pattern used for pathnames (e.g., '*.exe') is called a 
>> glob, not a regular expression.
>>
>> glob is different from a regular expression.
>>
>> For example, to get all files with ".exe" type, the pattern is different:
>>
>>
>>- regular expression: .*\.exe
>>- glob: *.exe
>>
>> Reference to glob: https://man7.org/linux/man-pages/man7/glob.7.html
>>
>> I can update the description for leaf-list and added a reference as follows:
>>
>>NEW:
>>   leaf-list exception-files {
>> type string;
>> description
>>   "The type or name of the files to be excluded by the
>>antivirus. This can be used to keep the known
>>harmless files. The value should be interpreted as a
>>globbing pathname.
>>If the value starts with a character '*' (e.g., '*.exe'),
>>the antivirus should interpret it as a file pattern/type
>>to be excluded.
>>If the value does not start with a character '*' (e.g.,
>>'/home/example.exe'), the antivirus should interpret it
>>as a file name/path to be excluded.";
>> reference
>>"GLOB: Linux Programmer's Manual - GLOB";
>>
>>   }
>>
>>  I have also added the reference for GLOB to the References section in the 
>> XML.
>>
>> -
>>
>> Is it fine with you?
>>
>> This is better, but a globbing pattern can also start with/contain "?"
>> and "[", and it doesn't have to start with "*".
>> 
>>  (Linux globs are
>> similar.)
>>
>> If you want to use a single YANG element for both paths and globs, maybe
>> you should say that absolute paths are filenames/paths to be excludes and
>> relative ones are interpreted as globs. This would also work on Windows
>> platforms.
>>
>> Best Regards,
>>
>> Alexey
>>
>>
>> I attach the pdf file of this I-D.
>>
>> If so, I will submit the revision of this I-D to the IETF repository.
>>
>> Thanks.
>>
>> Best Regards,
>> Paul
>>
>> On Sat, Apr 2, 2022 at 12:12 AM Alexey Melnikov <
>> alexey.melni...@isode.com> wrote:
>>
>>> Hi Paul,
>>> On 21/03/2022 12:36, Mr. Jaehoon Paul Jeong wrote:
>>>
>>> Hi Alexey, Jean-Michel, Erik, Martin, Éric, Francesca, Robert, Murray,
>>> and Zaheduzzaman,
>>> Here is the revised draft of I2NSF NSF-Facing Interface YANG Data Model:
>>>
>>> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22
>>>
>>> I attach the revision letter to explain how Patrick and I have reflected
>>> your comments.
>>> In the 1st page of the revision letter, there is an index table to mark
>>> the start page
>>> of the comments and responses for each reviewer.
>>>
>>> If each of you is satisfied with the revision, please let us know and
>>> update the status of your stance on this draft.
>>>
>>> You pretty much addressed all of my comments. One of your changes has
>>> improved existing text, but it is still not quite clear enough:
>>>
>>>  leaf-list exception-files {
>>>type string;
>>>description
>>>  "The type or name of the files to be excluded by the
>>>   antivirus. This can be used to keep the known
>>>   harmless files.
>>>   If the value starts with a regular expression (e.g.,
>>>   '*.exe'), the antivirus should interpret it as a
>>>   file pattern/type to be excluded.
>>>   If the value does not start with a dot (e.g.,
>>>

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

2022-04-06 Thread Alexey Melnikov


Hi Paul,

On 04/04/2022 17:35, Mr. Jaehoon Paul Jeong wrote:

Alexey,
Okay.
How about the following new description?
---
leaf-list exception-files {
  type string;
  description
    "The type or name of the files to be excluded by the
     antivirus. This can be used to keep the known
     harmless files. Absolute paths are filenames/paths
     to be excluded and relative ones are interpreted as
     globs."
  reference
    "GLOB: Linux Programmer's Manual - GLOB";
}
---


Yes, I think this is much better.

Thank you,

Alexey



Thanks.

Best Regards,
Paul

On Mon, Apr 4, 2022 at 6:41 PM Alexey Melnikov 
 wrote:


Hi Paul,

On 02/04/2022 14:57, Mr. Jaehoon Paul Jeong wrote:

Hi Alexey,
For your last comment, we can do the following correction along
with an appropriate reference.

-
=> Apparently the pattern used for pathnames (e.g., '*.exe') is
called a glob, not a regular expression.
glob is different from a regular expression.
For example, to get all files with ".exe" type, the pattern is
different:

  * regular expression: .*\.exe
  * glob: *.exe
Reference to glob: https://man7.org/linux/man-pages/man7/glob.7.html
I can update the description for leaf-list and added a reference
as follows:
          NEW:
          leaf-list exception-files {
            type string;
            description
              "The type or name of the files to be excluded by the
               antivirus. This can be used to keep the known
               harmless files. The value should be interpreted as a
globbing pathname.
               If the value starts with a character '*' (e.g.,
'*.exe'),
               the antivirus should interpret it as a file
pattern/type
               to be excluded.
               If the value does not start with a character
'*' (e.g.,
               '/home/example.exe'), the antivirus should
interpret it
               as a file name/path to be excluded.";
reference
"GLOB: Linux Programmer's Manual - GLOB";
          }
I have also added the reference for GLOB to the References
section in the XML.
-

Is it fine with you?


This is better, but a globbing pattern can also start with/contain
"?" and "[", and it doesn't have to start with "*".

 (Linux globs
are similar.)

If you want to use a single YANG element for both paths and globs,
maybe you should say that absolute paths are filenames/paths to be
excludes and relative ones are interpreted as globs. This would
also work on Windows platforms.

Best Regards,

Alexey



I attach the pdf file of this I-D.

If so, I will submit the revision of this I-D to the IETF repository.

Thanks.

Best Regards,
Paul

On Sat, Apr 2, 2022 at 12:12 AM Alexey Melnikov
 wrote:

Hi Paul,

On 21/03/2022 12:36, Mr. Jaehoon Paul Jeong wrote:

Hi Alexey, Jean-Michel, Erik, Martin, Éric, Francesca,
Robert, Murray, and Zaheduzzaman,
Here is the revised draft of I2NSF NSF-Facing Interface YANG
Data Model:

https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22

I attach the revision letter to explain how Patrick and I
have reflected your comments.
In the 1st page of the revision letter, there is an index
table to mark the start page
of the comments and responses for each reviewer.
If each of you is satisfied with the revision, please let us
know and update the status of your stance on this draft.


You pretty much addressed all of my comments. One of your
changes has improved existing text, but it is still not quite
clear enough:

  leaf-list exception-files {
type string;
description
  "The type or name of the files to be excluded by the
   antivirus. This can be used to keep the known
   harmless files.
   If the value starts with a regular expression (e.g.,
   '*.exe'), the antivirus should interpret it as a
   file pattern/type to be excluded.
   If the value does not start with a dot (e.g.,
   'example.exe'), the antivirus should interpret it as
   a file name/path to be excluded.";
  }
}

I think the above raises a question of what is a regular expression? 
Adding a specific reference

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

2022-04-06 Thread Eric Vyncke (evyncke)

[Adding INT directorate and Jean-Michel Combes]

Hello Paul,

Sorry for belated reply, the IETF-113 meeting week was quite busy for me ;-) 
May I also kindly suggest to always add the full IETF draft name in the subject 
line (many IESG members use the Subject + name as a filter) ?

As noted by Jean-Michel Combes in his INT directorate review (thank you 
Jean-Michel), I still find pretty sad that the IPv6 extension headers are not 
supported (also wonder why not directly reusing the RFC 8519 YANG module for 
ACL as such module exists).

Like Jean-Michel, I find that the identities "interface-alarm" (and other ones) 
should rather be renamed into "interface-event" (as the state change is not 
always dramatic).

About my own DISCUSS, the change to a "choice layer-3" is still a XOR: either 
IPv4 or IPv6 and this is not what security practitioners want to do as they do 
want congruent security policies. As we are kind of circling and not really 
reaching a final agreement, I will change my ballot from DISCUSS to ABSTAIN.

It is a real pity that RFC 8519 and its network ACL data model does not cover 
all IEEE 802 fields and even less the IPv6 ones :-( but this is outside of this 
document scope.

Thank you for implementing the rest of Jean-Michel and my comments.

Regards

-éric


From: "Mr. Jaehoon Paul Jeong" 
Date: Friday, 25 March 2022 at 13:21
To: Eric Vyncke 
Cc: The IESG , "i2nsf@ietf.org" , Roman Danyliw 
, skku-iotlab-members , 
"Mr. Jaehoon Paul Jeong" 
Subject: Re: Request for Review of I2NSF NSF-Facing Interface YANG Data Model 
Draft

Hi Éric,
Here is the revision of I2NSF NSF-Facing Interface YANG Data Model Draft:
https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-23

I attach the revision letter.

If this revision is fine to you, please clear your DISCUSS on the IESG 
evaluation.

Thanks.

Best Regards,
Paul

On Mon, Mar 21, 2022 at 9:36 PM Mr. Jaehoon Paul Jeong 
mailto:jaehoon.p...@gmail.com>> wrote:
Hi Alexey, Jean-Michel, Erik, Martin, Éric, Francesca, Robert, Murray, and 
Zaheduzzaman,
Here is the revised draft of I2NSF NSF-Facing Interface YANG Data Model:
https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22

I attach the revision letter to explain how Patrick and I have reflected your 
comments.
In the 1st page of the revision letter, there is an index table to mark the 
start page
of the comments and responses for each reviewer.

If each of you is satisfied with the revision, please let us know and update 
the status of your stance on this draft.

Thanks.

Best Regards,
Paul
--
===
Mr. Jaehoon (Paul) Jeong, Ph.D.
Associate Professor
Department Head
Department of Computer Science and Engineering
Sungkyunkwan University
Office: +82-31-299-4957
Email: paulje...@skku.edu<mailto:paulje...@skku.edu>, 
jaehoon.p...@gmail.com<mailto:jaehoon.p...@gmail.com>
Personal Homepage: 
http://iotlab.skku.edu/people-jaehoon-jeong.php<http://cpslab.skku.edu/people-jaehoon-jeong.php>


On Mon, Mar 21, 2022 at 5:19 PM 
mailto:internet-dra...@ietf.org>> wrote:

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Interface to Network Security Functions WG of 
the IETF.

Title   : I2NSF Network Security Function-Facing Interface YANG 
Data Model
Authors : Jinyong (Tim) Kim
  Jaehoon (Paul) Jeong
  Jung-Soo Park
  Susan Hares
  Qiushi Lin
Filename: draft-ietf-i2nsf-nsf-facing-interface-dm-22.txt
Pages   : 82
Date: 2022-03-20

Abstract:
   This document defines a YANG data model for configuring security
   policy rules on Network Security Functions (NSF) in the Interface to
   Network Security Functions (I2NSF) framework.  The YANG data model in
   this document corresponds to the data model in Capability data model
   in the I2NSF framework [I-D.ietf-i2nsf-capability-data-model].


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-i2nsf-nsf-facing-interface-dm/

There is also an htmlized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-i2nsf-nsf-facing-interface-dm-22


Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts


___
I2nsf mailing list
I2nsf@ietf.org<mailto:I2nsf@ietf.org>
https://www.ietf.org/mailman/listinfo/i2nsf
___
I2nsf mailing list
I2nsf@ietf.org
https://www.ietf.org/mailman/listinfo/i2nsf

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

2022-04-04 Thread Mr. Jaehoon Paul Jeong

Alexey,
Okay.
How about the following new description?
---
leaf-list exception-files {
  type string;
  description
"The type or name of the files to be excluded by the
 antivirus. This can be used to keep the known
 harmless files. Absolute paths are filenames/paths
 to be excluded and relative ones are interpreted as
 globs."
  reference
"GLOB: Linux Programmer's Manual - GLOB";
}
---

Thanks.

Best Regards,
Paul

On Mon, Apr 4, 2022 at 6:41 PM Alexey Melnikov 
wrote:

> Hi Paul,
> On 02/04/2022 14:57, Mr. Jaehoon Paul Jeong wrote:
>
> Hi Alexey,
> For your last comment, we can do the following correction along with an
> appropriate reference.
>
> -
>
> => Apparently the pattern used for pathnames (e.g., '*.exe') is called a 
> glob, not a regular expression.
>
> glob is different from a regular expression.
>
> For example, to get all files with ".exe" type, the pattern is different:
>
>
>- regular expression: .*\.exe
>- glob: *.exe
>
> Reference to glob: https://man7.org/linux/man-pages/man7/glob.7.html
>
> I can update the description for leaf-list and added a reference as follows:
>
>NEW:
>   leaf-list exception-files {
> type string;
> description
>   "The type or name of the files to be excluded by the
>antivirus. This can be used to keep the known
>harmless files. The value should be interpreted as a
>globbing pathname.
>If the value starts with a character '*' (e.g., '*.exe'),
>the antivirus should interpret it as a file pattern/type
>to be excluded.
>If the value does not start with a character '*' (e.g.,
>'/home/example.exe'), the antivirus should interpret it
>as a file name/path to be excluded.";
> reference
>"GLOB: Linux Programmer's Manual - GLOB";
>
>   }
>
>  I have also added the reference for GLOB to the References section in the 
> XML.
>
> -
>
> Is it fine with you?
>
> This is better, but a globbing pattern can also start with/contain "?" and
> "[", and it doesn't have to start with "*".
> 
>  (Linux globs are
> similar.)
>
> If you want to use a single YANG element for both paths and globs, maybe
> you should say that absolute paths are filenames/paths to be excludes and
> relative ones are interpreted as globs. This would also work on Windows
> platforms.
>
> Best Regards,
>
> Alexey
>
>
> I attach the pdf file of this I-D.
>
> If so, I will submit the revision of this I-D to the IETF repository.
>
> Thanks.
>
> Best Regards,
> Paul
>
> On Sat, Apr 2, 2022 at 12:12 AM Alexey Melnikov 
> wrote:
>
>> Hi Paul,
>> On 21/03/2022 12:36, Mr. Jaehoon Paul Jeong wrote:
>>
>> Hi Alexey, Jean-Michel, Erik, Martin, Éric, Francesca, Robert, Murray,
>> and Zaheduzzaman,
>> Here is the revised draft of I2NSF NSF-Facing Interface YANG Data Model:
>>
>> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22
>>
>> I attach the revision letter to explain how Patrick and I have reflected
>> your comments.
>> In the 1st page of the revision letter, there is an index table to mark
>> the start page
>> of the comments and responses for each reviewer.
>>
>> If each of you is satisfied with the revision, please let us know and
>> update the status of your stance on this draft.
>>
>> You pretty much addressed all of my comments. One of your changes has
>> improved existing text, but it is still not quite clear enough:
>>
>>  leaf-list exception-files {
>>type string;
>>description
>>  "The type or name of the files to be excluded by the
>>   antivirus. This can be used to keep the known
>>   harmless files.
>>   If the value starts with a regular expression (e.g.,
>>   '*.exe'), the antivirus should interpret it as a
>>   file pattern/type to be excluded.
>>   If the value does not start with a dot (e.g.,
>>   'example.exe'), the antivirus should interpret it as
>>   a file name/path to be excluded.";
>>  }
>>}
>>
>> I think the above raises a question of what is a regular expression? Adding 
>> a specific reference would help, as there are variety of syntaxes used for 
>> regular expressions.
>>
>>
>> Best Regards,
>>
>> Alexey
>>
>
___
I2nsf mailing list
I2nsf@ietf.org
https://www.ietf.org/mailman/listinfo/i2nsf

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

2022-04-04 Thread Alexey Melnikov


Hi Paul,

On 02/04/2022 14:57, Mr. Jaehoon Paul Jeong wrote:

Hi Alexey,
For your last comment, we can do the following correction along with 
an appropriate reference.


-
=> Apparently the pattern used for pathnames (e.g., '*.exe') is called 
a glob, not a regular expression.

glob is different from a regular expression.
For example, to get all files with ".exe" type, the pattern is different:

  * regular expression: .*\.exe
  * glob: *.exe
Reference to glob: https://man7.org/linux/man-pages/man7/glob.7.html
I can update the description for leaf-list and added a reference as 
follows:

          NEW:
          leaf-list exception-files {
            type string;
            description
              "The type or name of the files to be excluded by the
               antivirus. This can be used to keep the known
               harmless files. The value should be interpreted as a
globbing pathname.
               If the value starts with a character '*' (e.g., '*.exe'),
     the antivirus should interpret it as a file pattern/type
               to be excluded.
               If the value does not start with a character '*' (e.g.,
               '/home/example.exe'), the antivirus should interpret it
               as a file name/path to be excluded.";
reference
"GLOB: Linux Programmer's Manual - GLOB";
          }
I have also added the reference for GLOB to the References section in 
the XML.

-

Is it fine with you?


This is better, but a globbing pattern can also start with/contain "?" 
and "[", and it doesn't have to start with "*". 
 (Linux globs are 
similar.)


If you want to use a single YANG element for both paths and globs, maybe 
you should say that absolute paths are filenames/paths to be excludes 
and relative ones are interpreted as globs. This would also work on 
Windows platforms.


Best Regards,

Alexey



I attach the pdf file of this I-D.

If so, I will submit the revision of this I-D to the IETF repository.

Thanks.

Best Regards,
Paul

On Sat, Apr 2, 2022 at 12:12 AM Alexey Melnikov 
 wrote:


Hi Paul,

On 21/03/2022 12:36, Mr. Jaehoon Paul Jeong wrote:

Hi Alexey, Jean-Michel, Erik, Martin, Éric, Francesca, Robert,
Murray, and Zaheduzzaman,
Here is the revised draft of I2NSF NSF-Facing Interface YANG Data
Model:

https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22

I attach the revision letter to explain how Patrick and I have
reflected your comments.
In the 1st page of the revision letter, there is an index table
to mark the start page
of the comments and responses for each reviewer.
If each of you is satisfied with the revision, please let us know
and update the status of your stance on this draft.


You pretty much addressed all of my comments. One of your changes
has improved existing text, but it is still not quite clear enough:

  leaf-list exception-files {
type string;
description
  "The type or name of the files to be excluded by the
   antivirus. This can be used to keep the known
   harmless files.
   If the value starts with a regular expression (e.g.,
   '*.exe'), the antivirus should interpret it as a
   file pattern/type to be excluded.
   If the value does not start with a dot (e.g.,
   'example.exe'), the antivirus should interpret it as
   a file name/path to be excluded.";
  }
}

I think the above raises a question of what is a regular expression? Adding 
a specific reference would help, as there are variety of syntaxes used for 
regular expressions.

Best Regards,

Alexey
___
I2nsf mailing list
I2nsf@ietf.org
https://www.ietf.org/mailman/listinfo/i2nsf

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

2022-04-01 Thread Alexey Melnikov


Hi Paul,

On 21/03/2022 12:36, Mr. Jaehoon Paul Jeong wrote:
Hi Alexey, Jean-Michel, Erik, Martin, Éric, Francesca, Robert, Murray, 
and Zaheduzzaman,

Here is the revised draft of I2NSF NSF-Facing Interface YANG Data Model:
https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22

I attach the revision letter to explain how Patrick and I have 
reflected your comments.
In the 1st page of the revision letter, there is an index table to 
mark the start page

of the comments and responses for each reviewer.
If each of you is satisfied with the revision, please let us know and 
update the status of your stance on this draft.


You pretty much addressed all of my comments. One of your changes has 
improved existing text, but it is still not quite clear enough:


 leaf-list exception-files {
   type string;
   description
 "The type or name of the files to be excluded by the
  antivirus. This can be used to keep the known
  harmless files.
  If the value starts with a regular expression (e.g.,
  '*.exe'), the antivirus should interpret it as a
  file pattern/type to be excluded.
  If the value does not start with a dot (e.g.,
  'example.exe'), the antivirus should interpret it as
  a file name/path to be excluded.";
 }
   }

I think the above raises a question of what is a regular expression? Adding a 
specific reference would help, as there are variety of syntaxes used for 
regular expressions.

Best Regards,

Alexey
___
I2nsf mailing list
I2nsf@ietf.org
https://www.ietf.org/mailman/listinfo/i2nsf

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

2022-03-24 Thread Mr. Jaehoon Paul Jeong

Zahed,
Thanks a lot.

Best Regards,
Paul

On Mon, Mar 21, 2022 at 9:49 PM Zaheduzzaman Sarker <
zaheduzzaman.sar...@ericsson.com> wrote:

> Thanks for addressing my comments..the proposed resolutions for my
> comments looks good to me.
>
> //Zahed
>
> On 21 Mar 2022, at 13:36, Mr. Jaehoon Paul Jeong 
> wrote:
>
> Hi Alexey, Jean-Michel, Erik, Martin, Éric, Francesca, Robert, Murray, and
> Zaheduzzaman,
> Here is the revised draft of I2NSF NSF-Facing Interface YANG Data Model:
>
> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22
>
> I attach the revision letter to explain how Patrick and I have reflected
> your comments.
> In the 1st page of the revision letter, there is an index table to mark
> the start page
> of the comments and responses for each reviewer.
>
> If each of you is satisfied with the revision, please let us know and
> update the status of your stance on this draft.
>
> Thanks.
>
> Best Regards,
> Paul
> --
> ===
> Mr. Jaehoon (Paul) Jeong, Ph.D.
> Associate Professor
> Department Head
> Department of Computer Science and Engineering
> Sungkyunkwan University
> Office: +82-31-299-4957
> Email: paulje...@skku.edu, jaehoon.p...@gmail.com
> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
> 
>
>
> On Mon, Mar 21, 2022 at 5:19 PM  wrote:
>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>> This draft is a work item of the Interface to Network Security Functions
>> WG of the IETF.
>>
>> Title   : I2NSF Network Security Function-Facing
>> Interface YANG Data Model
>> Authors : Jinyong (Tim) Kim
>>   Jaehoon (Paul) Jeong
>>   Jung-Soo Park
>>   Susan Hares
>>   Qiushi Lin
>> Filename: draft-ietf-i2nsf-nsf-facing-interface-dm-22.txt
>> Pages   : 82
>> Date: 2022-03-20
>>
>> Abstract:
>>This document defines a YANG data model for configuring security
>>policy rules on Network Security Functions (NSF) in the Interface to
>>Network Security Functions (I2NSF) framework.  The YANG data model in
>>this document corresponds to the data model in Capability data model
>>in the I2NSF framework [I-D.ietf-i2nsf-capability-data-model].
>>
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-i2nsf-nsf-facing-interface-dm/
>>
>> There is also an htmlized version available at:
>>
>> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22
>>
>> A diff from the previous version is available at:
>>
>> https://www.ietf.org/rfcdiff?url2=draft-ietf-i2nsf-nsf-facing-interface-dm-22
>>
>>
>> Internet-Drafts are also available by rsync at rsync.ietf.org
>> ::internet-drafts
>>
>>
>> ___
>> I2nsf mailing list
>> I2nsf@ietf.org
>> https://www.ietf.org/mailman/listinfo/i2nsf
>>
>
> 
>
>
>
___
I2nsf mailing list
I2nsf@ietf.org
https://www.ietf.org/mailman/listinfo/i2nsf

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

2022-03-24 Thread Mr. Jaehoon Paul Jeong

Hi  Éric,
Could you check the revision of NSF-Facing Interface YANG Data Model Draft?
https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-23

If you are fine with the revision, please lift your DISCUSS on the status
of the IESG evaluation.

Thanks.

Best Regards,
Paul

On Mon, Mar 21, 2022 at 9:36 PM Mr. Jaehoon Paul Jeong <
jaehoon.p...@gmail.com> wrote:

> Hi Alexey, Jean-Michel, Erik, Martin, Éric, Francesca, Robert, Murray, and
> Zaheduzzaman,
> Here is the revised draft of I2NSF NSF-Facing Interface YANG Data Model:
>
> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22
>
> I attach the revision letter to explain how Patrick and I have reflected
> your comments.
> In the 1st page of the revision letter, there is an index table to mark
> the start page
> of the comments and responses for each reviewer.
>
> If each of you is satisfied with the revision, please let us know and
> update the status of your stance on this draft.
>
> Thanks.
>
> Best Regards,
> Paul
> --
> ===
> Mr. Jaehoon (Paul) Jeong, Ph.D.
> Associate Professor
> Department Head
> Department of Computer Science and Engineering
> Sungkyunkwan University
> Office: +82-31-299-4957
> Email: paulje...@skku.edu, jaehoon.p...@gmail.com
> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
> 
>
>
> On Mon, Mar 21, 2022 at 5:19 PM  wrote:
>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>> This draft is a work item of the Interface to Network Security Functions
>> WG of the IETF.
>>
>> Title   : I2NSF Network Security Function-Facing
>> Interface YANG Data Model
>> Authors : Jinyong (Tim) Kim
>>   Jaehoon (Paul) Jeong
>>   Jung-Soo Park
>>   Susan Hares
>>   Qiushi Lin
>> Filename: draft-ietf-i2nsf-nsf-facing-interface-dm-22.txt
>> Pages   : 82
>> Date: 2022-03-20
>>
>> Abstract:
>>This document defines a YANG data model for configuring security
>>policy rules on Network Security Functions (NSF) in the Interface to
>>Network Security Functions (I2NSF) framework.  The YANG data model in
>>this document corresponds to the data model in Capability data model
>>in the I2NSF framework [I-D.ietf-i2nsf-capability-data-model].
>>
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-i2nsf-nsf-facing-interface-dm/
>>
>> There is also an htmlized version available at:
>>
>> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22
>>
>> A diff from the previous version is available at:
>>
>> https://www.ietf.org/rfcdiff?url2=draft-ietf-i2nsf-nsf-facing-interface-dm-22
>>
>>
>> Internet-Drafts are also available by rsync at rsync.ietf.org:
>> :internet-drafts
>>
>>
>> ___
>> I2nsf mailing list
>> I2nsf@ietf.org
>> https://www.ietf.org/mailman/listinfo/i2nsf
>>
>
___
I2nsf mailing list
I2nsf@ietf.org
https://www.ietf.org/mailman/listinfo/i2nsf

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

2022-03-21 Thread Zaheduzzaman Sarker

Thanks for addressing my comments..the proposed resolutions for my comments 
looks good to me.

//Zahed

> On 21 Mar 2022, at 13:36, Mr. Jaehoon Paul Jeong  
> wrote:
> 
> Hi Alexey, Jean-Michel, Erik, Martin, Éric, Francesca, Robert, Murray, and 
> Zaheduzzaman,
> Here is the revised draft of I2NSF NSF-Facing Interface YANG Data Model:
> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22
>  
> 
> 
> I attach the revision letter to explain how Patrick and I have reflected your 
> comments.
> In the 1st page of the revision letter, there is an index table to mark the 
> start page
> of the comments and responses for each reviewer.
>  
> If each of you is satisfied with the revision, please let us know and update 
> the status of your stance on this draft.
> 
> Thanks.
> 
> Best Regards,
> Paul
> --
> ===
> Mr. Jaehoon (Paul) Jeong, Ph.D.
> Associate Professor
> Department Head
> Department of Computer Science and Engineering
> Sungkyunkwan University
> Office: +82-31-299-4957
> Email: paulje...@skku.edu , jaehoon.p...@gmail.com 
> 
> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php 
> 
> 
> 
> On Mon, Mar 21, 2022 at 5:19 PM  > wrote:
> 
> A New Internet-Draft is available from the on-line Internet-Drafts 
> directories.
> This draft is a work item of the Interface to Network Security Functions WG 
> of the IETF.
> 
> Title   : I2NSF Network Security Function-Facing Interface 
> YANG Data Model
> Authors : Jinyong (Tim) Kim
>   Jaehoon (Paul) Jeong
>   Jung-Soo Park
>   Susan Hares
>   Qiushi Lin
> Filename: draft-ietf-i2nsf-nsf-facing-interface-dm-22.txt
> Pages   : 82
> Date: 2022-03-20
> 
> Abstract:
>This document defines a YANG data model for configuring security
>policy rules on Network Security Functions (NSF) in the Interface to
>Network Security Functions (I2NSF) framework.  The YANG data model in
>this document corresponds to the data model in Capability data model
>in the I2NSF framework [I-D.ietf-i2nsf-capability-data-model].
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-i2nsf-nsf-facing-interface-dm/ 
> 
> 
> There is also an htmlized version available at:
> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-nsf-facing-interface-dm-22
>  
> 
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-i2nsf-nsf-facing-interface-dm-22 
> 
> 
> 
> Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
> 
> 
> ___
> I2nsf mailing list
> I2nsf@ietf.org 
> https://www.ietf.org/mailman/listinfo/i2nsf 
> 
> 



smime.p7s
Description: S/MIME cryptographic signature
___
I2nsf mailing list
I2nsf@ietf.org
https://www.ietf.org/mailman/listinfo/i2nsf

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

Re: [I2nsf] Request for Review of I2NSF NSF-Facing Interface YANG Data Model Draft

11 matches

Site Navigation

Mail list logo

Footer information