Hi, Thanks for the feed backs. Please see my response inline too.
BR, Daniel On Thu, Nov 3, 2016 at 1:34 AM, John Strassner <john.sc.strass...@huawei.com > wrote: > Hi Daniel, > > > > Thanks for the comments, please see inline. > > > > Best, > > John > > > > *From:* I2nsf [mailto:i2nsf-boun...@ietf.org] *On Behalf Of *Daniel > Migault > *Sent:* Wednesday, November 02, 2016 3:20 AM > *To:* i2nsf@ietf.org > *Subject:* Re: [I2nsf] I-D Action: draft-ietf-i2nsf-terminology-02.txt > > > > Please consider responding to this email rather than the previous one. -- > Too many CCs. > > Yours, > > Daniel > > > > On Wed, Nov 2, 2016 at 6:16 AM, Daniel Migault < > daniel.miga...@ericsson.com> wrote: > > Hi, > > I reviewed the document. Please find my comments below. > > Yours, > > Daniel > > > Metadata: Data that provides information about other data. > > MGLT: This is actually how metadata is defined. However, it might be > usefull to provide an example, or conplete the definition. > > <jcs> > How about if we add an example? As you say, this is a complete and concise > definition of metadata; I would prefer if the definitions are kept concise, > and are augmented with examples. > </jcs> > > MGLT: I agree. Illustrations are great and usually more clarifying than complex definitions. > I an also wondering if I2NSF only defines metadata associated to YANG > models. If so woudl it be relevant to mention RFC7952 ? > > <jcs> > This is a good point. > </jcs> > > The examples do not seem to ilustrate what metadata is, instead they > mention protocols that use YANG for which metadta is defined. > > Examples include IETF network management protocols (e.g. NETCONF, > RESTCONF, IPFIX) or IETF routing interfaces (I2RS). The I2NSF > security interface may utilize Metadata to describe and/or > prescribe characteristics and behavior of the YANG data models. > > <jcs> > You are correct. I propose replacing the existing example with the > following: > > Metadata may be used to describe and/or prescribe the characteristics > and behavior of the data that the metadata applies to. Metadata is NOT > limited to metadata as defined in YANG models [RFC7952]; rather, > metadata ca be used to augment the modeling of any I2NSF model > element. Examples include: > > - version information of an I2NSF Capability, I2NSF Component, > I2NSF Policy, or other function or object of an I2NSF system > - descriptive information, such as best current practices or other > usage information, that describe the use or operation of an > I2NSF Component > - prescriptive information, such as algorithms or commands, that > define how an I2NSF Component should be used > </jcs> > > MGLT: This is good to me. I personnaly see metadata as defined in NSH, that is used on a per packet basis.... in which case "description/prescriptive" information woudl be hardly used. This is good you provide the example of the "model" and makes the text very clear at least to me. Thank you. > Network Security Function (NSF): Software that provides a set of > security-related services. Examples include detecting unwanted > activity and blocking or mitigating the effect of such unwanted > activity in order to fulfil service requirements. The NSF can > also help in supporting communication stream integrity and > confidentiality. > > MGLT: It is not clear to me the relation between function and service. My > understanding is that service may involve multiple functions. But I believe > it would be helpful to position these two concepts - at least in this > definition. > > <jcs> > Good point. How about: > > Network Security Function (NSF): Software that provides a set of > security-related services. An NSF represents the software as a > functional block. An NSF functional block may contain one or > more security-related services. Examples include detecting unwanted > activity and blocking or mitigating the effect of such unwanted > activity in order to fulfil service requirements. The NSF can > also help in supporting communication stream integrity and > confidentiality. > > </jcs> > > MGLT: Basically NSF is composed of services I think we shoudl carefully this is used this way in other drafts. Just to make it clear if we consider DOTS/ACME... as services the NSF will be composed of these services. > Producer: A Producer is a Role that is assigned to an I2NSF > Component that can send information and/or commands to another > I2NSF Component. See also: Consumer, Role. > > MGLT: Is Producer equivalent to provider ? If so maybe that would hepl to > use a single designation. > > <jcs> > I assume you mean I2NSF Provider Interface? Or are you worried that people > will equate Provider to Producer? > > MGLT: the second alternative. > Generically, Providers supply services, but are NOT a functional block in > an I2NSF system. Rather, they are actors that use an I2NSF system. In > contrast, a Producer is a functional block in an I2NSF system that supplies > information, resources, or services for consumption by other I2NSF > Components. > > We could add the fact that a Producer is a type of I2NSF Component, > whereas a Provider is not. > > MGLT: I think that woudl be very useful to have the whole text you just provided. ;-) > We could also define a functional block. J > > MGLT: ;-) > </jcs> > > > > On Sun, Oct 23, 2016 at 9:44 PM, <internet-dra...@ietf.org> wrote: > > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Interface to Network Security Functions > of the IETF. > > Title : Interface to Network Security Functions (I2NSF) > Terminology > Authors : Susan Hares > John Strassner > Diego R. Lopez > Liang Xia > Henk Birkholz > Filename : draft-ietf-i2nsf-terminology-02.txt > Pages : 13 > Date : 2016-10-23 > > Abstract: > This document defines a set of terms that are used for the Interface > to Network Security Functions (I2NSF) effort. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-i2nsf-terminology/ > > There's also a htmlized version available at: > https://tools.ietf.org/html/draft-ietf-i2nsf-terminology-02 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-i2nsf-terminology-02 > > > Please note that it may take a couple of minutes from the time of > submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > I2nsf mailing list > I2nsf@ietf.org > https://www.ietf.org/mailman/listinfo/i2nsf > > > > > > _______________________________________________ > I2nsf mailing list > I2nsf@ietf.org > https://www.ietf.org/mailman/listinfo/i2nsf > >
_______________________________________________ I2nsf mailing list I2nsf@ietf.org https://www.ietf.org/mailman/listinfo/i2nsf
