YANG Data Model for Network Access Control Lists (ACLs)
RFC 8519
Document history
| Date | Rev. | By | Action |
|---|---|---|---|
| 2019-06-24 | 21 | (System) | Received changes through RFC Editor sync (added Errata tag) |
| 2019-03-12 | 21 | (System) | Received changes through RFC Editor sync (created alias RFC 8519, changed title to 'YANG Data Model for Network Access Control Lists (ACLs)', changed abstract to 'This document defines a data model for Access Control Lists (ACLs). An ACL is a user-ordered set of rules used to configure the forwarding behavior in a device. Each rule is used to find a match on a packet and define actions that will be performed on the packet.', changed standardization level to Proposed Standard, changed state to RFC, added RFC published event at 2019-03-12, changed IESG state to RFC Published) |
| 2019-03-12 | 21 | (System) | RFC published |
| 2019-03-06 | 21 | (System) | RFC Editor state changed to [AUTH48-DONE](http://www.rfc-editor.org/auth48/rfc8519) from AUTH48 |
| 2019-03-04 | 21 | (System) | RFC Editor state changed to [AUTH48](http://www.rfc-editor.org/auth48/rfc8519) from AUTH48-DONE |
| 2019-02-19 | 21 | (System) | RFC Editor state changed to [AUTH48-DONE](http://www.rfc-editor.org/auth48/rfc8519) from AUTH48 |
| 2019-01-28 | 21 | (System) | RFC Editor state changed to [AUTH48](http://www.rfc-editor.org/auth48/rfc8519) from RFC-EDITOR |
| 2018-12-17 | 21 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
| 2018-11-09 | 21 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on Authors |
| 2018-11-08 | 21 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
| 2018-11-08 | 21 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
| 2018-11-08 | 21 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
| 2018-11-07 | 21 | (System) | IANA Action state changed to In Progress |
| 2018-11-07 | 21 | (System) | RFC Editor state changed to EDIT |
| 2018-11-07 | 21 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
| 2018-11-07 | 21 | (System) | Announcement was received by RFC Editor |
| 2018-11-06 | 21 | Cindy Morgan | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
| 2018-11-06 | 21 | Cindy Morgan | IESG has approved the document |
| 2018-11-06 | 21 | Cindy Morgan | Closed "Approve" ballot |
| 2018-11-06 | 21 | Cindy Morgan | Ballot approval text was generated |
| 2018-11-06 | 21 | Ignas Bagdonas | IESG state changed to Approved-announcement to be sent from IESG Evaluation::AD Followup |
| 2018-11-06 | 21 | Mirja Kühlewind | [Ballot comment] Thanks for addressing my discuss! |
| 2018-11-06 | 21 | Mirja Kühlewind | [Ballot Position Update] Position for Mirja Kühlewind has been changed to No Objection from Discuss |
| 2018-11-06 | 21 | Mahesh Jethanandani | New version available: draft-ietf-netmod-acl-model-21.txt |
| 2018-11-06 | 21 | (System) | New version approved |
| 2018-11-06 | 21 | (System) | Request for posting confirmation emailed to previous authors: Lisa Huang <huangyi_99@yahoo.com>, Mahesh Jethanandani <mjethanandani@gmail.com>, Sonal Agarwal <sagarwal12@gmail.com>, Dana Blair <dana@blairhome.com> |
| 2018-11-06 | 21 | Mahesh Jethanandani | Uploaded new revision |
| 2018-10-01 | 20 | Suresh Krishnan | [Ballot comment] Thanks for addressing my DISCUSS point. |
| 2018-10-01 | 20 | Suresh Krishnan | [Ballot Position Update] Position for Suresh Krishnan has been changed to No Objection from Discuss |
| 2018-10-01 | 20 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
| 2018-10-01 | 20 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
| 2018-10-01 | 20 | Mahesh Jethanandani | New version available: draft-ietf-netmod-acl-model-20.txt |
| 2018-10-01 | 20 | (System) | New version approved |
| 2018-10-01 | 20 | (System) | Request for posting confirmation emailed to previous authors: netmod-chairs@ietf.org, Dana Blair <dblair@cisco.com>, Lisa Huang <lyihuang16@gmail.com>, Mahesh Jethanandani <mjethanandani@gmail.com>, Sonal Agarwal <sagarwal12@gmail.com> |
| 2018-10-01 | 20 | Mahesh Jethanandani | Uploaded new revision |
| 2018-09-28 | 19 | Benjamin Kaduk | [Ballot comment] Thank you for quickly (and, partially, preemptively!) addressing my Discuss points. Original comments preserved below. I tried to call out the editorial nits as such; there are a couple non-editorial comments embedded within. Section 1 The match criteria allows for definition of packet headers and metadata, all of which must be true for the match to occur. nit: Is this missing a word like "contents"? The matching of filters and actions in an ACE/ACL are triggered only after application/attachment of the ACL to an interface, VRF, vty/tty session, QoS policy, routing protocols amongst various other config attachment points. nit: I think the end of this list needs some clarification/termination, like "and routing protocols, amongst" Section 3 The match criteria allows for definition of packet headers or metadata, if supported by the vendor. [...] (same nit as above re "contents") Metadata matching applies to fields associated with the packet, but not in the packet header such as input interface, packet length, or source or destination prefix length. The actions can be any sort of nit: comma after "not in the packet header" Section 4.1 nit: The feature match-on-udp and -icmp descriptions should probably use the plural "headers" to match the other features' descriptions. The mixed-<blah> features seem to implicitly assume that if features X and Y are individually supported, then the combination is also supported. I could imagine that there might exist hardware for which that assumption is not true, but don't know if there actually is any such hardware or it's common enough to be worth caring about here. grouping acl-counters { leaf matched-packets { [...] An implementation should provide this counter on a per-interface per-ACL-entry if possible. nit: missing "basis"? (Also in subsequent instances.) Section A.1 It's unclear that using abc@newco.com (in particular, the @newco.com part) in an example is reasonable; @newco.example would be better. |
| 2018-09-28 | 19 | Benjamin Kaduk | [Ballot Position Update] Position for Benjamin Kaduk has been changed to No Objection from Discuss |
| 2018-09-28 | 19 | Alissa Cooper | [Ballot comment] Thanks all for getting my question about the IEEE answered. Original COMMENT: Sec 1: s/Policy Based Routing, Firewalls etc./policy-based routing, firewalls, etc./ "The matching of filters and actions in an ACE/ACL are triggered only after application/attachment of the ACL to an interface, VRF, vty/tty session, QoS policy, routing protocols amongst various other config attachment points." This is a sentence fragment. s/in the ACE's/in the ACEs/ Sec 3.1: "There are two YANG modules in the model." Is this technically correct, given that ietf-ethertypes is also defined here? Also, I don't think the definition of ietf-ethertypes belongs in an appendix under the heading "Extending ACL model examples." I can imagine that other modules will want to import this module and that seems like a strange place to put it. Sec 4.1: For avoidance of confusion, I would suggest replacing "l2," "l3," and "l4" with "layer2," "layer3," and "layer4," respectively. s/Definitions of action for this ace entry/Definitions of action for this ACE entry/ s/Specifies the forwarding action per ace entry/Specifies the forwarding action per ACE entry/ Sec 4.2: "This module imports definitions from Common YANG Data Types [RFC6991] and references IP [RFC0791], ICMP [RFC0792], Definition of the Differentiated Services Field in the IPv4 and IPv6 Headers [RFC2474], The Addition of Explicit Congestion Notification (ECN) to IP [RFC3168], , IPv6 Scoped Address Architecture [RFC4007], IPv6 Addressing Architecture [RFC4291], A Recommendation for IPv6 Address Text Representation [RFC5952], IPv6 [RFC8200]." It looks like something is missing from this list, possibly RFC 793. Sec 5: In this section or elsewhere it would be nice to see a sentence noting that this YANG model allows the configuration of packet logging, which if used would additionally warrant protections against unauthorized log access and a logs retention policy. |
| 2018-09-28 | 19 | Alissa Cooper | [Ballot Position Update] Position for Alissa Cooper has been changed to No Objection from Discuss |
| 2018-09-27 | 19 | Jean Mahoney | Request for Telechat review by GENART Completed: Ready. Reviewer: Meral Shirazipour. |
| 2018-09-27 | 19 | Cindy Morgan | IESG state changed to IESG Evaluation::Revised I-D Needed from IESG Evaluation |
| 2018-09-27 | 19 | Alexey Melnikov | [Ballot comment] I would have been "Yes" if I read the document more attentively. Agreeing with Mirja's and Benjamin's DISCUSS points. |
| 2018-09-27 | 19 | Alexey Melnikov | Ballot comment text updated for Alexey Melnikov |
| 2018-09-26 | 19 | Adam Roach | [Ballot comment] Thanks to everyone who contributed their time and knowledge to this document. I have two minor comments. Throughout the data module, the terms "ace" and "ACE" are used interchangeably. It would probably be good to rationalize these (I would suggest "ACE"). --------------------------------------------------------------------------- §4.3 and 4.4: These examples use IPv4 addresses exclusively. Please update to use IPv6 or a mix of IPv4 and IPv6. See https://www.iab.org/2016/11/07/iab-statement-on-ipv6/ for additional information. |
| 2018-09-26 | 19 | Adam Roach | [Ballot Position Update] New position, No Objection, has been recorded for Adam Roach |
| 2018-09-26 | 19 | Suresh Krishnan | [Ballot discuss] This document is missing ACL handling for ICMPv6 (RFC4443) completely. As the ICMP types and codes are different for ICMP and ICMPv6 I think this model should be included to cover ICMPv6. |
| 2018-09-26 | 19 | Suresh Krishnan | [Ballot Position Update] New position, Discuss, has been recorded for Suresh Krishnan |
| 2018-09-26 | 19 | Terry Manderson | [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson |
| 2018-09-26 | 19 | Warren Kumari | [Ballot comment] --- original DISCUSS for archives ---- Be ye not afraid -- this DISCUSS is easily cleared, but sufficiently important that I thought it worth making, and making sure it didn't slip through the cracks. The description for match-on-ipv4 says: "The device can support matching on IPv4 headers.", but the description for 'match-on-tcp', 'match-on-udp', 'match-on-icmp' say: "The device can support <protocol> headers." I really think that these need to be "The device can support matching on <protocol> headers." ------ Section 1: "In case a vendor supports it, metadata matches apply to fields associated with the packet but not in the packet header such as input interface or overall packet length". I don't have a suggested replacement, but seeing as this is introductory text, I figured it was aimed at people not familiar with how forwarding / filtering works. I'm slightly concerned that some people will get confused, because almost all protocols include a "packet length" in the header. Perhaps just dropping the "or overall packet length"? (Yes, we could get into a long thing on protocol packet length, and overall length, etc, but that's likely to not be helpful in the document). Section 2: Nit: "It is very important that model can be used easily by applications/attachments." models. Section 3: "Packet header matching applies to fields visible in the packet such as address or CoS or port numbers." CoS isn't expanded, and isn't in the well known acronyms list. RFC2474 perhaps? Section 3: "These include features such as "Device can support ethernet headers" or "Device can support of IPv4 headers". "can support of" makes no sense. Also, I *think* Ethernet is uppercase. This is a nit. |
| 2018-09-26 | 19 | Warren Kumari | [Ballot Position Update] Position for Warren Kumari has been changed to No Objection from Discuss |
| 2018-09-26 | 19 | Alissa Cooper | [Ballot discuss] We previously had a work item we were tracking with the IEEE leadership around the IEEE writing a YANG module for ethertypes. I just wanted to check that the IEEE is aware that this document is defining a placeholder module for ethertypes until such time that they define one. |
| 2018-09-26 | 19 | Alissa Cooper | [Ballot comment] Sec 1: s/Policy Based Routing, Firewalls etc./policy-based routing, firewalls, etc./ "The matching of filters and actions in an ACE/ACL are triggered only after application/attachment of the ACL to an interface, VRF, vty/tty session, QoS policy, routing protocols amongst various other config attachment points." This is a sentence fragment. s/in the ACE's/in the ACEs/ Sec 3.1: "There are two YANG modules in the model." Is this technically correct, given that ietf-ethertypes is also defined here? Also, I don't think the definition of ietf-ethertypes belongs in an appendix under the heading "Extending ACL model examples." I can imagine that other modules will want to import this module and that seems like a strange place to put it. Sec 4.1: For avoidance of confusion, I would suggest replacing "l2," "l3," and "l4" with "layer2," "layer3," and "layer4," respectively. s/Definitions of action for this ace entry/Definitions of action for this ACE entry/ s/Specifies the forwarding action per ace entry/Specifies the forwarding action per ACE entry/ Sec 4.2: "This module imports definitions from Common YANG Data Types [RFC6991] and references IP [RFC0791], ICMP [RFC0792], Definition of the Differentiated Services Field in the IPv4 and IPv6 Headers [RFC2474], The Addition of Explicit Congestion Notification (ECN) to IP [RFC3168], , IPv6 Scoped Address Architecture [RFC4007], IPv6 Addressing Architecture [RFC4291], A Recommendation for IPv6 Address Text Representation [RFC5952], IPv6 [RFC8200]." It looks like something is missing from this list, possibly RFC 793. Sec 5: In this section or elsewhere it would be nice to see a sentence noting that this YANG model allows the configuration of packet logging, which if used would additionally warrant protections against unauthorized log access and a logs retention policy. |
| 2018-09-26 | 19 | Alissa Cooper | [Ballot Position Update] New position, Discuss, has been recorded for Alissa Cooper |
| 2018-09-26 | 19 | Warren Kumari | [Ballot discuss] Be ye not afraid -- this DISCUSS is easily cleared, but sufficiently important that I thought it worth making, and making sure it didn't slip through the cracks. The description for match-on-ipv4 says: "The device can support matching on IPv4 headers.", but the description for 'match-on-tcp', 'match-on-udp', 'match-on-icmp' say: "The device can support <protocol> headers." I really think that these need to be "The device can support matching on <protocol> headers." |
| 2018-09-26 | 19 | Warren Kumari | [Ballot comment] Section 1: "In case a vendor supports it, metadata matches apply to fields associated with the packet but not in the packet header such as input interface or overall packet length". I don't have a suggested replacement, but seeing as this is introductory text, I figured it was aimed at people not familiar with how forwarding / filtering works. I'm slightly concerned that some people will get confused, because almost all protocols include a "packet length" in the header. Perhaps just dropping the "or overall packet length"? (Yes, we could get into a long thing on protocol packet length, and overall length, etc, but that's likely to not be helpful in the document). Section 2: Nit: "It is very important that model can be used easily by applications/attachments." models. Section 3: "Packet header matching applies to fields visible in the packet such as address or CoS or port numbers." CoS isn't expanded, and isn't in the well known acronyms list. RFC2474 perhaps? Section 3: "These include features such as "Device can support ethernet headers" or "Device can support of IPv4 headers". "can support of" makes no sense. Also, I *think* Ethernet is uppercase. This is a nit. |
| 2018-09-26 | 19 | Warren Kumari | [Ballot Position Update] New position, Discuss, has been recorded for Warren Kumari |
| 2018-09-26 | 19 | Ben Campbell | [Ballot comment] I support Benjamin’s and Mirja’s DISCUSS points. |
| 2018-09-26 | 19 | Ben Campbell | [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell |
| 2018-09-26 | 19 | Benjamin Kaduk | [Ballot discuss] I think this is good work to have, overall, and the document pretty easy to read. That said, I think the Security Considerations need to be expanded a bit more before this document gets published: Write operations (e.g., <edit-config>) to these data nodes without proper protection can have a negative effect on network operations. I think the effects can be on more than just *network* operations, there can be negative effects for end systems that (e.g.) experience DoS attacks that would otherwise have been blocked, receive maliciously crafted packets that trigger application bugs, are used as part of (e.g.) UDP amplification attacks, etc. /acls/acl/aces: This list specifies all the configured access control entries on the device. Unauthorized write access to this list can allow intruders to access and control the system. Unauthorized read access to this list can allow intruders to spoof packets with authorized addresses thereby compromising the system. I agree with the secdir reviewer that "the system" needs to be clarified, and that the consequences of unauthorized write and read access need to be more clearly described. His proposed text is much better than the present text, though there are other ways to convey the needed information. |
| 2018-09-26 | 19 | Benjamin Kaduk | [Ballot comment] I tried to call out the editorial nits as such; there are a couple non-editorial comments embedded within. Section 1 The match criteria allows for definition of packet headers and metadata, all of which must be true for the match to occur. nit: Is this missing a word like "contents"? The matching of filters and actions in an ACE/ACL are triggered only after application/attachment of the ACL to an interface, VRF, vty/tty session, QoS policy, routing protocols amongst various other config attachment points. nit: I think the end of this list needs some clarification/termination, like "and routing protocols, amongst" Section 3 The match criteria allows for definition of packet headers or metadata, if supported by the vendor. [...] (same nit as above re "contents") Metadata matching applies to fields associated with the packet, but not in the packet header such as input interface, packet length, or source or destination prefix length. The actions can be any sort of nit: comma after "not in the packet header" Section 4.1 nit: The feature match-on-udp and -icmp descriptions should probably use the plural "headers" to match the other features' descriptions. The mixed-<blah> features seem to implicitly assume that if features X and Y are individually supported, then the combination is also supported. I could imagine that there might exist hardware for which that assumption is not true, but don't know if there actually is any such hardware or it's common enough to be worth caring about here. grouping acl-counters { leaf matched-packets { [...] An implementation should provide this counter on a per-interface per-ACL-entry if possible. nit: missing "basis"? (Also in subsequent instances.) Section A.1 It's unclear that using abc@newco.com (in particular, the @newco.com part) in an example is reasonable; @newco.example would be better. |
| 2018-09-26 | 19 | Benjamin Kaduk | [Ballot Position Update] New position, Discuss, has been recorded for Benjamin Kaduk |
| 2018-09-26 | 19 | Alexey Melnikov | [Ballot comment] I would have been "Yes" if I read the document more attentively. Agreeing with Mirja's DISCUSS points. |
| 2018-09-26 | 19 | Alexey Melnikov | [Ballot Position Update] New position, No Objection, has been recorded for Alexey Melnikov |
| 2018-09-25 | 19 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
| 2018-09-25 | 19 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
| 2018-09-25 | 19 | Joe Clarke | Request for Telechat review by OPSDIR Completed: Has Nits. Reviewer: Joe Clarke. Sent review to list. |
| 2018-09-21 | 19 | Gunter Van de Velde | Request for Telechat review by OPSDIR is assigned to Joe Clarke |
| 2018-09-21 | 19 | Gunter Van de Velde | Request for Telechat review by OPSDIR is assigned to Joe Clarke |
| 2018-09-21 | 19 | Mirja Kühlewind | [Ballot discuss] 1) The tcp options element is type uint32, however, the option field in the TCP header can be up to 40 bytes. 2) Why are only TCP and UDP supported? What's about SCTP and DCCP? 3) The icmp rest-of-header can also be larger than 4 bytes but the type is uint32 again. |
| 2018-09-21 | 19 | Mirja Kühlewind | [Ballot Position Update] New position, Discuss, has been recorded for Mirja Kühlewind |
| 2018-09-13 | 19 | Jean Mahoney | Request for Telechat review by GENART is assigned to Meral Shirazipour |
| 2018-09-13 | 19 | Jean Mahoney | Request for Telechat review by GENART is assigned to Meral Shirazipour |
| 2018-09-11 | 19 | Ignas Bagdonas | IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead |
| 2018-09-11 | 19 | Ignas Bagdonas | IESG state changed to Waiting for AD Go-Ahead from Waiting for Writeup |
| 2018-09-10 | 19 | Amanda Baber | IANA Review state changed to IANA OK - Actions Needed from IANA - Not OK |
| 2018-09-10 | 19 | Amy Vezza | Placed on agenda for telechat - 2018-09-27 |
| 2018-09-10 | 19 | Ignas Bagdonas | Ballot has been issued |
| 2018-09-10 | 19 | Ignas Bagdonas | [Ballot Position Update] New position, Yes, has been recorded for Ignas Bagdonas |
| 2018-09-10 | 19 | Ignas Bagdonas | Created "Approve" ballot |
| 2018-09-10 | 19 | Ignas Bagdonas | Ballot writeup was changed |
| 2018-08-29 | 19 | Jean Mahoney | Closed request for Last Call review by GENART with state 'No Response' |
| 2018-07-17 | 19 | Min Ye | Request for Telechat review by RTGDIR Completed: Ready. Reviewer: Manav Bhatia. |
| 2018-07-11 | 19 | Allison Mankin | Request for Last Call review by TSVART Completed: Almost Ready. Reviewer: Allison Mankin. |
| 2018-07-09 | 19 | (System) | IESG state changed to Waiting for Writeup from In Last Call |
| 2018-07-05 | 19 | (System) | IANA Review state changed to IANA - Not OK from IANA - Review Needed |
| 2018-07-05 | 19 | Sabrina Tanamal | (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Functions Operator has completed its review of draft-ietf-netmod-acl-model-19. If any part of this review is inaccurate, please let us know. The IANA Functions Operator has a question about one of the actions requested in the IANA Considerations section of this document. The IANA Functions Operator understands that, upon approval of this document, there are two actions which we must complete. First, in the ns registry on the IETF XML Registry page located at: https://www.iana.org/assignments/xml-registry/ three, new namespaces will be registered as follows: ID: yang:ietf-access-control-list URI: urn:ietf:params:xml:ns:yang:ietf-access-control-list Filename: [ TBD-at-Registration ] Reference: [ RFC-to-be ] ID: yang:ietf-packet-fields URI: urn:ietf:params:xml:ns:yang:ietf-packet-fields Filename: [ TBD-at-Registration ] Reference: [ RFC-to-be ] ID: yang:ietf-ethertypes URI: uurn:ietf:params:xml:ns:yang:ietf-ethertypes Filename: [ TBD-at-Registration ] Reference: [ RFC-to-be ] As this document requests registrations in a Specification Required (see RFC 8126) registry, we will initiate the required Expert Review via a separate request. Expert review will need to be completed before your document can be approved for publication as an RFC. Second, in the YANG Module Names registry on the YANG Parameters registry page located at: https://www.iana.org/assignments/yang-parameters/ three, new YANG modules will be registered as follows: Name: ietf-access-control-list File: [ TBD-at-Registration ] Maintained by IANA? Namespace: urn:ietf:params:xml:ns:yang:ietf-access-control-list Prefix: acl Module: Reference: [ RFC-to-be ] Name: ietf-packet-fields File: [ TBD-at-Registration ] Maintained by IANA? Namespace: urn:ietf:params:xml:ns:yang:ietf-packet-fields Prefix: packet-fields Module: Reference: [ RFC-to-be ] Name: ietf-ethertypes File: [ TBD-at-Registration ] Maintained by IANA? Namespace: urn:ietf:params:xml:ns:yang:ietf-ethertypes Prefix: ethertypes Module: Reference: [ RFC-to-be ] IANA Question --> What should be the entry for the registry value "Maintained by IANA?" for these new YANG modules? While the YANG module names will be registered after the IESG approves the document, the YANG module files will be posted after the RFC Editor notifies us that the document has been published. The IANA Functions Operator understands that these are the only actions required to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is meant only to confirm the list of actions that will be performed. Thank you, Sabrina Tanamal Senior IANA Services Specialist |
| 2018-07-05 | 19 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Has Issues. Reviewer: Steve Hanna. |
| 2018-07-04 | 19 | Min Ye | Request for Telechat review by RTGDIR is assigned to Manav Bhatia |
| 2018-07-04 | 19 | Min Ye | Request for Telechat review by RTGDIR is assigned to Manav Bhatia |
| 2018-07-04 | 19 | Min Ye | Request for Telechat review by RTGDIR is assigned to Ron Bonica |
| 2018-07-04 | 19 | Min Ye | Request for Telechat review by RTGDIR is assigned to Ron Bonica |
| 2018-07-04 | 19 | Min Ye | Request for Telechat review by RTGDIR is assigned to Matthew Bocci |
| 2018-07-04 | 19 | Min Ye | Request for Telechat review by RTGDIR is assigned to Matthew Bocci |
| 2018-07-03 | 19 | Magnus Westerlund | Request for Last Call review by TSVART is assigned to Allison Mankin |
| 2018-07-03 | 19 | Magnus Westerlund | Request for Last Call review by TSVART is assigned to Allison Mankin |
| 2018-06-28 | 19 | Min Ye | Request for Telechat review by RTGDIR is assigned to Manav Bhatia |
| 2018-06-28 | 19 | Min Ye | Request for Telechat review by RTGDIR is assigned to Manav Bhatia |
| 2018-06-28 | 19 | Jean Mahoney | Request for Last Call review by GENART is assigned to Jouni Korhonen |
| 2018-06-28 | 19 | Jean Mahoney | Request for Last Call review by GENART is assigned to Jouni Korhonen |
| 2018-06-27 | 19 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Steve Hanna |
| 2018-06-27 | 19 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Steve Hanna |
| 2018-06-27 | 19 | Alvaro Retana | Requested Telechat review by RTGDIR |
| 2018-06-25 | 19 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
| 2018-06-25 | 19 | Amy Vezza | The following Last Call announcement was sent out (ends 2018-07-09): From: The IESG <iesg-secretary@ietf.org> To: IETF-Announce <ietf-announce@ietf.org> CC: ibagdona@gmail.com, netmod-chairs@ietf.org, kwatsen@juniper.net, netmod@ietf.org, Kent Watsen <kwatsen@juniper.net>, draft-ietf-netmod-acl-model@ietf.org Reply-To: ietf@ietf.org Sender: <iesg-secretary@ietf.org> Subject: Last Call: <draft-ietf-netmod-acl-model-19.txt> (Network Access Control List (ACL) YANG Data Model) to Proposed Standard The IESG has received a request from the Network Modeling WG (netmod) to consider the following document: - 'Network Access Control List (ACL) YANG Data Model' <draft-ietf-netmod-acl-model-19.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2018-07-09. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document defines a data model for Access Control List (ACL). An ACL is a user-ordered set of rules, used to configure the forwarding behavior in device. Each rule is used to find a match on a packet, and define actions that will be performed on the packet. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-netmod-acl-model/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-netmod-acl-model/ballot/ No IPR declarations have been submitted directly on this I-D. |
| 2018-06-25 | 19 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
| 2018-06-25 | 19 | Amy Vezza | Last call announcement was changed |
| 2018-06-24 | 19 | Ignas Bagdonas | Last call was requested |
| 2018-06-24 | 19 | Ignas Bagdonas | Last call announcement was generated |
| 2018-06-24 | 19 | Ignas Bagdonas | Ballot approval text was generated |
| 2018-06-24 | 19 | Ignas Bagdonas | Ballot writeup was generated |
| 2018-06-24 | 19 | Ignas Bagdonas | IESG state changed to Last Call Requested from AD Evaluation |
| 2018-06-12 | 19 | Ignas Bagdonas | IESG state changed to AD Evaluation from Publication Requested |
|
2018-05-21
|
19 | Kent Watsen | As required by RFC 4858, this is the current template for the Document Shepherd Write-Up. Changes are expected over time. This version is dated 24 February 2012. (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? A Proposed Standard is being requested. A proposed standard is needed to ensure interoperability. The title page header indicates that it is a Standards Track document. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary Relevant content can frequently be found in the abstract and/or introduction of the document. If not, this may be an indication that there are deficiencies in the abstract or introduction. From the Abstract: This document defines a data model for Access Control List (ACL). An ACL is a user-ordered set of rules, used to configure the forwarding behavior in device. Each rule is used to find a match on a packet, and define actions that will be performed on the packet. Working Group Summary Was there anything in WG process that is worth noting? For example, was there controversy about particular points or were there decisions where the consensus was particularly rough? The document originally had a different primary author (see doc history if name is important) but then, when issues were raised, the author didn't have time to work on them, and a new set of authors came in, and decided on a different solution in order to resolve the issues raised.
The original author didn't agree with the changes and asked to be removed. At the moment, the document appears to have strong WG consensus. The authors have been attentive to addressing the many issues raised over time. Document Quality Are there existing implementations of the protocol? Have a significant number of vendors indicated their plan to implement the specification? Are there any reviewers that merit special mention as having done a thorough review, e.g., one that resulted in important changes or a conclusion that the document had no substantive issues? If there was a MIB Doctor, Media Type or other expert review, what was its course (briefly)? In the case of a Media Type review, on what date was the request posted? There have been no implementations of this YANG module as of yet, as far as I'm aware. That said, the lead developer of firewalls at a large vendor is an author, and has been attentive to implementability throughout the effort. Personnel Who is the Document Shepherd? Who is the Responsible Area Director? The Shepherd is Kent Watsen. The AD is Ignas Bagdonas. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. The Document Shepherd went through the "checklist" listed here: http://trac.tools.ietf.org/group/iesg/trac/wiki/DraftShepherdWriteupWgAlternate (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? Plenty of input from operators. The shepherd wishes that there was more involvement from vendors but, given how long the draft has been a work-in-progress, one can only conclude that it's not something the vendors prioritized working on. (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? 
If so, describe the review that took place. There was a YANG doctor review a while back, and YANG doctors additionally participated during the Last Call. Beyond YANG, there isn't a need for any review from a particular or broader perspective. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. The shepherd has heard that some view the solution defined here as being particular to firewalls, and yet ACLs are used for other features too, thus using the acronym "acl" might be over-reaching a bit. (7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why. [UPDATED 5/22] IPR responses have now been received from all the authors. Mailman: https://mailarchive.ietf.org/arch/msg/netmod/rGGvgA_mfmIZn4qX7zopdZWCue0 MHonArc: https://www.ietf.org/mail-archive/web/netmod/current/msg20881.html (8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures. No IPR disclosures have been filed that reference this document. (9) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? Strong concurrence of a few individuals, with others being silent (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. 
(It should be in a separate email because this questionnaire is publicly available.) No one has threatened an appeal, but the aforementioned former author expressed extreme discontent, though not having cycles to actually engage in discussion, leaves us to thinking that the author is in the rough. (11) Identify any ID nits the Document Shepherd has found in this document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. No meaningful IDnits are found with the current version (-19). There are four "weird spacing" warnings, but they are non-issues as they appear inside the YANG-based artwork. (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. There was a YANG doctor review a while back, and YANG doctors additionally participated during the Last Call. (13) Have all references within this document been identified as either normative or informative? Yes, but isn't this always the case? Perhaps the question is if they have been *correctly* identified, in which case the shepherd thinks that they are in -19. (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? All normative references have already advanced to RFC status. (15) Are there downward normative references references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure. There are no downward normative references. (16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? 
If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary. The publication of this document will NOT change the status of any existing RFCs. (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). Yes, the IANA Considerations section appears complete and accurate. (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. This document does not define any new IANA registries. (19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. The shepherd validated all yang modules using both the `pyang` and `yanglint` tools. The shepherd also validated the five XML examples in Section 4 of the document using the `yanglint` tool. |
|
2018-04-27
|
19 | Kent Watsen | As required by RFC 4858, this is the current template for the Document Shepherd Write-Up. Changes are expected over time. This version is dated 24 February 2012. (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? A Proposed Standard is being requested. A proposed standard is needed to ensure interoperability. The title page header indicates that it is a Standards Track document. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary Relevant content can frequently be found in the abstract and/or introduction of the document. If not, this may be an indication that there are deficiencies in the abstract or introduction. From the Abstract: This document defines a data model for Access Control List (ACL). An ACL is a user-ordered set of rules, used to configure the forwarding behavior in device. Each rule is used to find a match on a packet, and define actions that will be performed on the packet. Working Group Summary Was there anything in WG process that is worth noting? For example, was there controversy about particular points or were there decisions where the consensus was particularly rough? The document originally had a different primary author (see doc history if name is important) but then, when issues were raised, the author didn't have time to work on them, and a new set of authors came in, and decided on a different solution in order to resolve the issues raised.
The original author didn't agree with the changes and asked to be removed. At the moment, the document appears to have strong WG consensus. The authors have been attentive to addressing the many issues raised over time. Document Quality Are there existing implementations of the protocol? Have a significant number of vendors indicated their plan to implement the specification? Are there any reviewers that merit special mention as having done a thorough review, e.g., one that resulted in important changes or a conclusion that the document had no substantive issues? If there was a MIB Doctor, Media Type or other expert review, what was its course (briefly)? In the case of a Media Type review, on what date was the request posted? There have been no implementations of this YANG module as of yet, as far as I'm aware. That said, the lead developer of firewalls at a large vendor is an author, and has been attentive to implementability throughout the effort. Personnel Who is the Document Shepherd? Who is the Responsible Area Director? The Shepherd is Kent Watsen. The AD is Ignas Bagdonas. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. The Document Shepherd went through the "checklist" listed here: http://trac.tools.ietf.org/group/iesg/trac/wiki/DraftShepherdWriteupWgAlternate (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? Plenty of input from operators. The shepherd wishes that there was more involvement from vendors but, given how long the draft has been a work-in-progress, one can only conclude that it's not something the vendors prioritized working on. (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? 
If so, describe the review that took place. There was a YANG doctor review a while back, and YANG doctors additionally participated during the Last Call. Beyond YANG, there isn't a need for any review from a particular or broader perspective. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. The shepherd has heard that some view the solution defined here as being particular to firewalls, and yet ACLs are used for other features too, thus using the acronym "acl" might be over-reaching a bit. (7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why. IPR responses have been received only from the active authors. Mailman: https://mailarchive.ietf.org/arch/msg/netmod/rGGvgA_mfmIZn4qX7zopdZWCue0 MHonArc: https://www.ietf.org/mail-archive/web/netmod/current/msg20881.html IPR responses have not been received from the inactive authors, who have not been heard from in almost two years, back before the draft was, for the most part, rewritten. One of the inactive's author's email has been returning bounced messages for a few months, no one seems to know his current email address. An email sent to co-chairs and AD yesterday regarding what to do has not yet received a reply... (8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures. No IPR disclosures have been filed that reference this document. (9) How solid is the WG consensus behind this document? 
Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? Strong concurrence of a few individuals, with others being silent (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.) No one has threatened an appeal, but the aforementioned former author expressed extreme discontent, though not having cycles to actually engage in discussion, leaves us to thinking that the author is in the rough. (11) Identify any ID nits the Document Shepherd has found in this document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. No meaningful IDnits are found with the current version (-19). There are four "weird spacing" warnings, but they are non-issues as they appear inside the YANG-based artwork. (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. There was a YANG doctor review a while back, and YANG doctors additionally participated during the Last Call. (13) Have all references within this document been identified as either normative or informative? Yes, but isn't this always the case? Perhaps the question is if they have been *correctly* identified, in which case the shepherd thinks that they are in -19. (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? All normative references have already advanced to RFC status. (15) Are there downward normative references references (see RFC 3967)? 
If so, list these downward references to support the Area Director in the Last Call procedure. There are no downward normative references. (16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary. The publication of this document will NOT change the status of any existing RFCs. (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). Yes, the IANA Considerations section appears complete and accurate. (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. This document does not define any new IANA registries. (19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. The shepherd validated all yang modules using both the `pyang` and `yanglint` tools. 
The shepherd also validated the five XML examples in Section 4 of the document using the `yanglint` tool. |
|
2018-04-27
|
19 | Mahesh Jethanandani | New version available: draft-ietf-netmod-acl-model-19.txt |
|
2018-04-27
|
19 | (System) | New version approved |
|
2018-04-27
|
19 | (System) | Request for posting confirmation emailed to previous authors: Dana Blair <dblair@cisco.com>, Lisa Huang <lyihuang16@gmail.com>, Mahesh Jethanandani <mjethanandani@gmail.com>, Sonal Agarwal <sagarwal12@gmail.com> |
|
2018-04-27
|
19 | Mahesh Jethanandani | Uploaded new revision |
|
2018-04-26
|
18 | Kent Watsen | [Hi Ignas. There are some minor updates needed, per https://mailarchive.ietf.org/arch/msg/netmod/tzZEsmGJBIcU7EP0pF8wvMjA9wI. You can go ahead and start processing this document now (if so inclined) with the assumption that an updated draft will be posted to address said issues, and that I'll come back and edit this shepherd writeup to remove this note and some of the comments below. I imagine all this happening before you put this document up on the Tele-Chat. Kent] As required by RFC 4858, this is the current template for the Document Shepherd Write-Up. Changes are expected over time. This version is dated 24 February 2012. (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? A Proposed Standard is being requested. A proposed standard is needed to ensure interoperability. The title page header indicates that it is a Standards Track document. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary Relevant content can frequently be found in the abstract and/or introduction of the document. If not, this may be an indication that there are deficiencies in the abstract or introduction. From the Abstract: This document defines a data model for Access Control List (ACL). An ACL is a user-ordered set of rules, used to configure the forwarding behavior in device.
Each rule is used to find a match on a packet, and define actions that will be performed on the packet. Working Group Summary Was there anything in WG process that is worth noting? For example, was there controversy about particular points or were there decisions where the consensus was particularly rough? The document was originally had a different primary author (see doc history if name is important) but then, when issues were raised, the author didn't have time to work on them, and a new set of authors came in, and decided on a different solution in order to resolve the issues raised. The original author didn't agree with the changes and asked to be removed. At the moment, the document appears to have strong WG consensus. The authors have been attentive to addressing the many issues raised over time. Document Quality Are there existing implementations of the protocol? Have a significant number of vendors indicated their plan to implement the specification? Are there any reviewers that merit special mention as having done a thorough review, e.g., one that resulted in important changes or a conclusion that the document had no substantive issues? If there was a MIB Doctor, Media Type or other expert review, what was its course (briefly)? In the case of a Media Type review, on what date was the request posted? There have been no implementations of this YANG module as of yet, as far as I'm aware. That said, the lead developer of firewalls at a large vendor is an author, and has been attentive to implementability throughout the effort. Personnel Who is the Document Shepherd? Who is the Responsible Area Director? The Shepherd is Kent Watsen. The AD is Ignas Bagdonas. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. 
The Document Shepherd went through the "checklist" listed here: http://trac.tools.ietf.org/group/iesg/trac/wiki/DraftShepherdWriteupWgAlternate (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? Plenty of input from operators. The shepherd wishes that there was more involvement from vendors but, given how long the draft has been a work-in-progress, one can only conclude that it's not something the vendors prioritized working on. (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place. There was a YANG doctor review a while back, and YANG doctors additionally participated during the Last Call. Beyond YANG, there isn't a need for any review from a particular or broader perspective. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. The shepherd has heard that some view the solution defined here as being particular to firewalls, and yet ACLs are used for other features too, thus using the acronym "acl" might be over-reaching a bit. (7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why. [Waiting for all responses to come in] (8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures. 
[Waiting for all responses to come in] (9) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? strong concurrence of a few individuals, with others being silent (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.) no one has threatened an appeal, but the aforementioned former author expressed extreme discontent, though not having cycles to actually engage in discussion, leaves us to thinking that the author is in the rough. (11) Identify any ID nits the Document Shepherd has found in this document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. IDnits found four items, all of which are being fixed now: - Obsolete normative reference: RFC 6536 should be RFC 8341 - Outdated reference: draft-ietf-netmod-rfc7223bis has been published as RFC 8343 - Outdated reference: draft-ietf-netmod-yang-tree-diagrams has been published as RFC 8340 - The document has examples using IPv4 documentation addresses according to RFC6890, but does not use any IPv6 documentation addresses. Maybe there should be IPv6 examples, too? Other IDnits found issues are non-issues. (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. There was a YANG doctor review a while back, and YANG doctors additionally participated during the Last Call. (13) Have all references within this document been identified as either normative or informative? Yes, though the shepherd feels that some Normative could be Informative. Email sent to authors. 
(14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? All normative references have already advanced to RFC status. (15) Are there downward normative references references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure. There are no downward normative references. (16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary. The publication of this document will NOT change the status of any existing RFCs. (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). Yes, the IANA Considerations section appears complete and accurate. (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. This document does not define any new IANA registries. 
(19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. The shepherd validated all yang modules using both the `pyang` and `yanglint` tools. The shepherd also validated the five XML examples in Section 4 of the document using the `yanglint` tool. |
|
2018-04-26
|
18 | Kent Watsen | Responsible AD changed to Ignas Bagdonas |
|
2018-04-26
|
18 | Kent Watsen | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
|
2018-04-26
|
18 | Kent Watsen | IESG state changed to Publication Requested |
|
2018-04-26
|
18 | Kent Watsen | IESG process started in state Publication Requested |
|
2018-04-26
|
18 | Kent Watsen | Changed document writeup |
|
2018-04-26
|
18 | Kent Watsen | Changed document writeup |
|
2018-04-25
|
18 | Kent Watsen | Changed document writeup |
|
2018-03-16
|
18 | Cindy Morgan | New version available: draft-ietf-netmod-acl-model-18.txt |
|
2018-03-16
|
18 | (System) | Secretariat manually posting. Approvals already received |
|
2018-03-16
|
18 | Cindy Morgan | Uploaded new revision |
|
2018-03-03
|
17 | Mahesh Jethanandani | New version available: draft-ietf-netmod-acl-model-17.txt |
|
2018-03-03
|
17 | (System) | New version approved |
|
2018-03-03
|
17 | (System) | Request for posting confirmation emailed to previous authors: Dana Blair <dblair@cisco.com>, Lisa Huang <lyihuang16@gmail.com>, Mahesh Jethanandani <mjethanandani@gmail.com>, Sonal Agarwal <sagarwal12@gmail.com> |
|
2018-03-03
|
17 | Mahesh Jethanandani | Uploaded new revision |
|
2018-02-12
|
16 | Kent Watsen | IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call |
|
2018-02-02
|
16 | Mahesh Jethanandani | New version available: draft-ietf-netmod-acl-model-16.txt |
|
2018-02-02
|
16 | (System) | New version approved |
|
2018-02-02
|
16 | (System) | Request for posting confirmation emailed to previous authors: Dana Blair <dblair@cisco.com>, Lisa Huang <lyihuang16@gmail.com>, Mahesh Jethanandani <mjethanandani@gmail.com>, Sonal Agarwal <sagarwal12@gmail.com> |
|
2018-02-02
|
16 | Mahesh Jethanandani | Uploaded new revision |
|
2018-01-17
|
15 | Kent Watsen | IETF WG state changed to In WG Last Call from WG Document |
|
2018-01-17
|
15 | Kent Watsen | Changed consensus to Yes from Unknown |
|
2018-01-17
|
15 | Kent Watsen | Intended Status changed to Proposed Standard from None |
|
2018-01-16
|
15 | Mahesh Jethanandani | New version available: draft-ietf-netmod-acl-model-15.txt |
|
2018-01-16
|
15 | (System) | New version approved |
|
2018-01-16
|
15 | (System) | Request for posting confirmation emailed to previous authors: netmod-chairs@ietf.org, Dana Blair <dblair@cisco.com>, Lisa Huang <lyihuang16@gmail.com>, Mahesh Jethanandani <mjethanandani@gmail.com>, Sonal Agarwal <agarwaso@cisco.com> |
|
2018-01-16
|
15 | Mahesh Jethanandani | Uploaded new revision |
|
2017-11-09
|
14 | Zitao Wang | Added to session: IETF-100: netmod Wed-1330 |
|
2017-10-03
|
14 | Sonal Agarwal | New version available: draft-ietf-netmod-acl-model-14.txt |
|
2017-10-03
|
14 | (System) | New version approved |
|
2017-10-03
|
14 | (System) | Request for posting confirmation emailed to previous authors: Dana Blair <dblair@cisco.com>, Lisa Huang <lyihuang16@gmail.com>, Mahesh Jethanandani <mjethanandani@gmail.com>, Sonal Agarwal <agarwaso@cisco.com> |
|
2017-10-03
|
14 | Sonal Agarwal | Uploaded new revision |
|
2017-09-12
|
13 | Mahesh Jethanandani | New version available: draft-ietf-netmod-acl-model-13.txt |
|
2017-09-12
|
13 | (System) | New version approved |
|
2017-09-12
|
13 | (System) | Request for posting confirmation emailed to previous authors: Sonal Agarwal <agarwaso@cisco.com>, Lisa Huang <lyihuang16@gmail.com>, Mahesh Jethanandani <mjethanandani@gmail.com>, Dana Blair <dblair@cisco.com> |
|
2017-09-12
|
13 | Mahesh Jethanandani | Uploaded new revision |
|
2017-09-01
|
12 | Mahesh Jethanandani | New version available: draft-ietf-netmod-acl-model-12.txt |
|
2017-09-01
|
12 | (System) | New version approved |
|
2017-09-01
|
12 | (System) | Request for posting confirmation emailed to previous authors: netmod-chairs@ietf.org, Sonal Agarwal <agarwaso@cisco.com>, Mahesh Jethanandani <mjethanandani@gmail.com>, Lisa Huang <lyihuang16@gmail.com>, Dean Bogdanovic <ivandean@gmail.com>, Dana Blair <dblair@cisco.com> |
|
2017-09-01
|
12 | Mahesh Jethanandani | Uploaded new revision |
|
2017-07-18
|
11 | Zitao Wang | Added to session: IETF-99: netmod Wed-1330 |
|
2017-07-18
|
11 | Zitao Wang | Removed from session: IETF-99: netmod Wed-1330 |
|
2017-07-18
|
11 | Zitao Wang | Added to session: IETF-99: netmod Wed-1330 |
|
2017-07-18
|
11 | Zitao Wang | Removed from session: IETF-99: netmod Wed-1330 |
|
2017-07-16
|
11 | Zitao Wang | Added to session: IETF-99: netmod Wed-1330 |
|
2017-06-16
|
11 | Dean Bogdanović | New version available: draft-ietf-netmod-acl-model-11.txt |
|
2017-06-16
|
11 | (System) | New version approved |
|
2017-06-16
|
11 | (System) | Request for posting confirmation emailed to previous authors: netmod-chairs@ietf.org, Dana Blair <dblair@cisco.com>, Lisa Huang <lyihuang16@gmail.com>, Dean Bogdanovic <ivandean@gmail.com>, Kiran Koushik <kkoushik@cisco.com> |
|
2017-06-16
|
11 | Dean Bogdanović | Uploaded new revision |
|
2017-03-17
|
10 | Mehmet Ersue | Request for Early review by YANGDOCTORS Completed: Ready with Issues. Reviewer: Mahesh Jethanandani. |
|
2017-03-17
|
10 | Mehmet Ersue | Request for Early review by YANGDOCTORS is assigned to Mahesh Jethanandani |
|
2017-03-17
|
10 | Mehmet Ersue | Request for Early review by YANGDOCTORS is assigned to Mahesh Jethanandani |
|
2017-03-17
|
10 | Mehmet Ersue | Requested Early review by YANGDOCTORS |
|
2017-03-13
|
10 | Dean Bogdanović | New version available: draft-ietf-netmod-acl-model-10.txt |
|
2017-03-13
|
10 | (System) | New version approved |
|
2017-03-13
|
10 | (System) | Request for posting confirmation emailed to previous authors: netmod-chairs@ietf.org, Dana Blair <dblair@cisco.com>, Lisa Huang <lyihuang16@gmail.com>, Dean Bogdanovic <ivandean@gmail.com>, Kiran Koushik <kkoushik@cisco.com> |
|
2017-03-13
|
10 | Dean Bogdanović | Uploaded new revision |
|
2016-10-13
|
09 | Dean Bogdanović | New version available: draft-ietf-netmod-acl-model-09.txt |
|
2016-10-13
|
09 | (System) | New version approved |
|
2016-10-13
|
08 | (System) | Request for posting confirmation emailed to previous authors: netmod-chairs@ietf.org, "Kiran Koushik" <kkoushik@cisco.com>, "Dana Blair" <dblair@cisco.com>, "Lisa Huang" <lyihuang16@gmail.com>, "Dean Bogdanovic" <ivandean@gmail.com> |
|
2016-10-13
|
08 | Dean Bogdanović | Uploaded new revision |
|
2016-07-08
|
08 | Dean Bogdanović | New version available: draft-ietf-netmod-acl-model-08.txt |
|
2016-06-27
|
07 | Lou Berger | Notification list changed to "Kent Watsen" <kwatsen@juniper.net> |
|
2016-06-27
|
07 | Lou Berger | Document shepherd changed to Kent Watsen |
|
2016-03-11
|
07 | Lisa Huang | New version available: draft-ietf-netmod-acl-model-07.txt |
|
2015-12-09
|
06 | Dean Bogdanović | New version available: draft-ietf-netmod-acl-model-06.txt |
|
2015-10-19
|
05 | Dean Bogdanović | New version available: draft-ietf-netmod-acl-model-05.txt |
|
2015-10-19
|
04 | Dean Bogdanović | New version available: draft-ietf-netmod-acl-model-04.txt |
|
2015-10-14
|
03 | (System) | Notify list changed from "Thomas Nadeau" <tnadeau@lucidvision.com> to (None) |
|
2015-06-25
|
03 | Lisa Huang | New version available: draft-ietf-netmod-acl-model-03.txt |
|
2015-05-22
|
02 | Jürgen Schönwälder | Notification list changed to "Thomas Nadeau" <tnadeau@lucidvision.com> |
|
2015-05-22
|
02 | Jürgen Schönwälder | Document shepherd changed to Thomas Nadeau |
|
2015-03-05
|
02 | Dean Bogdanović | New version available: draft-ietf-netmod-acl-model-02.txt |
|
2015-02-06
|
01 | Lisa Huang | New version available: draft-ietf-netmod-acl-model-01.txt |
|
2014-11-11
|
00 | Lisa Huang | New version available: draft-ietf-netmod-acl-model-00.txt |