Minutes for NETCONF at interim-2015-netconf-1
minutes-interim-2015-netconf-1-4
| Meeting Minutes | Network Configuration (netconf) WG | |
|---|---|---|
| Date and time | 2015-01-05 08:00 | |
| Title | Minutes for NETCONF at interim-2015-netconf-1 | |
| State | Active | |
| Last updated | 2015-02-05 | |
Minutes of the virtual interim meeting on January 5, 2015 1700-1900 UTC
-------------------------------------------------------------------------------------
Attendees:
Mehmet Ersue
Mahesh Jethanandani
Andy Bierman
Kent Watsen
Susan Hares
Hannes Tschofenig
Juergen Schoenfelder
Alan Luchuk
Reinaldo Penno
Agenda is available at:
http://www.ietf.org/proceedings/interim/2015/01/05/netconf/agenda/agenda-interim-2015-netconf-1
- 5 min chair intro, scribe, agenda bashing
The notes will be taken on: http://beta.etherpad.org/p/netconf-Jan05
Issue discussion per WG item:
- Call Home (Kent) (10min)
Currently 3 open issues.
See https://github.com/netconf-wg/call-home/issues
Notes during the discussion:
no consensus on splitting the draft into two drafts.
Better readability can be achieved by:
- break RESTCONF or NETCONF into different sections.
- another way is that this section could be broken out by transport
sections. However, these sections are highly shared - so this would solve
the issue.
Andy: I do not see why these should be broken into two sentences in this
section.
Kent: Do you mean two sentences?
Mehmet: The four bullets are steps. You can not add bullets, but you could
have sub-bullets.
Kent: I can try it.
Mehmet: You do not seem convinced. Should we have it on the mail list?
Kent: I agree that it needs to be the complete document.
Andy: This solution makes sense to me. Readability is subjective.
Hannes: Readability is important.
Mehmet: Let's go for this solution.
- Server Model (Kent) (20min)
Currently 4 open issues.
See https://github.com/netconf-wg/server-model/issues
Notes:
Kent: WG consensus "not granted" on the issue 21. Resolution is to not
have a feature statement around the session options node.
Mehmet: Can you give us an update on issues 18 and issues 24?
Kent: Hannes Tschofenig agreed client-trust-cert are password, and hence
they should be treated as the same. The plan is to add NACM attribute to the
yang model for the client-trust-cert node indicating that it should only be
written by permitted users. Similar updates to be made to indicate this in
the security section.
Mehmet: Should we send a solution to the mail list? We can have a 1 week
deadline (1/12/2015).
Kent needs to update the Server Model draft for client authentication to make
it consistent. Kent will open a new issue for it in GH.
- Zerotouch (Kent) (30min)
Currently 2 open issues.
See https://github.com/netconf-wg/zero-touch/issues
issue 5: Validate if vendors can support owner-validation service (from
anima WG). Kent will send a request to the mail list.
Mehmet: Why are we not using Yang instead of XSD datamodel?
Kent: The interesting thing was we were using yang, and we used XSD to assert
the use of XML but also because a grouping configlet would create a top-level
mandatory node.
YANG is about configuration and non-configuration definition. A config-let
is not a configuration. It is a HTTP file downloaded by the device. The
data is XML.
Hannes: There is no requirement to use a schema language.
Kent: This could be defined in Yang and the instance document would be XML.
Alan Luchuk agrees with the reason for keeping the config-let in XSD format.
There is also an issue with XML signing and encryption for the config-let.
XML signing and encryption is not widely adopted. Looking for a simpler
solution. Hannes suggested using transport layer security.
- rfc5539bis (Juergen) (5min)
No open issues.
There was a short discussion on starting WGLC for call-home, server-model and
5539bis together. Juergen says that this document makes no normative
reference to server model anymore, so 5539bis is independent of the other
two. Mehmet suggested that we start WGLC on the document asap. AI for Mehmet.
- Restconf/YANG Patch (Andy) (40min)
Currently 9/2 open issues.
https://github.com/netconf-wg/restconf/issues
https://github.com/netconf-wg/yang-patch/issues
RESTCONF Issue#15. Andy has already posted the proposal (S2-B) on the ML. Lada
objected, but has not provided clarification. Kent prefers machine readable, so
he does not like S3. He prefers S2-A or S2-B. Whatever solution is preferred
here can then be applied to config-let issue in ZeroTouch. Hannes has a
problem with defining protocol operations using a XML schema. Kent is surprised
by Hannes' objection. IETF has a long tradition of using ABNF format. Andy
agrees that the proposed solution is not human readable format and at best is
the workaround to the limitation. Andy needs time to update the draft. He can
do it for next Monday.
Yang patch is already updated.
Issue #2 in yang patch is an implementation issue.
Kent wants more discussion around issue #9 of RESTCONF. Per the notes in GH,
BasicAuth needs to be supported. Server needs to support a small number of
client (password and client-auth) authentication. Server needs to support at
least one of password, digest and client-auth. Andy has no objection to the
proposed solution. Currently, as written, the draft says BasicAuth has to be
supported. That according to Kent is not realistic. Passwords are inherently
less secure. It also requires all servers to support BasicAuth. Juergen comments
that for interoperability, you need a common baseline. Either or is broken for
interoperability. He suggests that choice of auth is a deployment policy and
should not be hard coded. Mehmet suggests to start LC on RESTCONF and
yang-patch next Monday with this issue open for discussion. Kent can bring the
issue to the maillist.
- 5 min AOB other topics
Susan Hares will provide an update. The i2rs interim meeting had a discussion
around the RIB model and what NETCONF needs to provide. Susan will have a
discussion with Jeff and post the questions the group has to the ML.
ME: The next meeting is on 2015-01-19 1700 UTC.
We will plan an I2RS slot for discussion with Jeff Haas and others.