Early Review of draft-ietf-netconf-yp-transport-capabilities-01
review-ietf-netconf-yp-transport-capabilities-01-yangdoctors-early-lindblad-2025-04-21-00
| Request | Review of | draft-ietf-netconf-yp-transport-capabilities |
|---|---|---|
| Requested revision | No specific revision (document currently at 06) | |
| Type | Early Review | |
| Team | YANG Doctors (yangdoctors) | |
| Deadline | 2025-04-22 | |
| Requested | 2025-04-08 | |
| Requested by | Kent Watsen | |
| Authors | Qin Wu , Qiufang Ma , Alex Huang Feng , Thomas Graf | |
| I-D last updated | 2026-05-14 (Latest revision 2026-05-14) | |
| Completed reviews |
Yangdoctors Early review of -01
by Jan Lindblad
(diff)
Opsdir Early review of -03 by Xiao Min (diff) Yangdoctors IETF Last Call review of -05 by Jan Lindblad (diff) Opsdir IETF Last Call review of -05 by Xiao Min (diff) Tsvart IETF Last Call review of -05 by Tommy Pauly (diff) |
|
| Assignment | Reviewer | Jan Lindblad |
| State | Completed | |
| Request | Early review on draft-ietf-netconf-yp-transport-capabilities by YANG Doctors Assigned | |
| Posted at | https://mailarchive.ietf.org/arch/msg/yang-doctors/-1ipyOTL0iezTUel-8PJAIBM42I | |
| Reviewed revision | 01 (document currently at 06) | |
| Result | Ready w/issues | |
| Completed | 2025-04-21 |
review-ietf-netconf-yp-transport-capabilities-01-yangdoctors-early-lindblad-2025-04-21-00
This is my early YANG Doctor review of
draft-ietf-netconf-yp-transport-capabilities-01.
I think this small document and tiny YANG Module is a good idea and well
written. Overall, I'd say it's ready with issues. I read that there are already
multiple vendor implementations of this, but I would still like to bring up a
couple YANG design decisions in the proposed module for discussion.
#1) Choice of key in list transport-capability
The top-level list transport-capability is using the transport protocol as key.
+--ro transport-capability* [transport-protocol]
+--ro transport-protocol identityref
+--ro security-protocol? identityref
+--ro encoding-format* identityref
Using the transport protocol as key implicitly assumes that one set of
properties can describe all uses of this protocol. A server that supports yp
over https with either tls13 OR tls20 (future), for example, could not express
this.
It might also be good for a server to be able to specify a preference value for
each protocol and encoding format. Certain combinations may be faster, or
better tested, for example. In light of this, a separate synthetic key,
possibly indicating preference, might be preferable for this list.
#2) Defining identities for
The module defines identities for TLS versions, DTLS version, and an SSH
version. This might not be ideal, since if e.g. a new TLS version comes around,
a new identity would have to be created in some standard module, besides the
one(s) already defined in other YANG modules. RFC9645, for example, defines
identities for tls12 and tls13 already. They could and probably should be
reused here. Here's an proposed example of how they could be reused.
module ietf-notification-transport-capabilities {
import ietf-tls-common { prefix tlscmn; } // added
...
// identities tls12, tls13 removed
// maybe dtlsXX are or will be defined in some other std module too?
list transport-capability {
key "transport-protocol";
leaf transport-protocol {
type identityref {
base sn:transport;
base tlscmn:tls-version-base; // added
}