Hi Tom, I will address your comments on the synchronization for Consumer-Facing Interface Data Model with other Interface Data Models.
Thanks. Best Regards, Paul On Fri, Aug 27, 2021 at 8:57 PM tom petch <[email protected]> wrote: > From: I2nsf <[email protected]> on behalf of [email protected] > <[email protected]> > Sent: 22 August 2021 01:58 > > I do like consistency as I have said before and this I-D seems out of line > with others which for me makes it more error prone for users, implementers. > > The other I-D of the four (capability, nsf facing, monitoring,) use > identity of transport-protocl, application-protocol) which seems fine. > This does not, using layer-4-protocol, layer-7-protocol. I think that this > should come in line. In passing, I think that layer 7 is not right - the > protocols are layers 5 and 6 and 7. > > Also, for the application protocols, this adds nat, drops sftp imap > compared to capability which I take as my base reference and perhaps should > include those two. > > This I-D lacks an identity event but derives from security-event-type four > identity which seem close to but not the same as content-security-control > in capability and nsf-facing; and the -type suffix seems redundant. > > I am still digesting the latest revisions. > > Tom Petch > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Interface to Network Security Functions > WG of the IETF. > > Title : I2NSF Consumer-Facing Interface YANG Data Model > Authors : Jaehoon (Paul) Jeong > Chaehong Chung > Tae-Jin Ahn > Rakesh Kumar > Susan Hares > Filename : > draft-ietf-i2nsf-consumer-facing-interface-dm-14.txt > Pages : 60 > Date : 2021-08-21 > > Abstract: > This document describes an information model and a YANG data model > for the Consumer-Facing Interface between an Interface to Network > Security Functions (I2NSF) User and Security Controller in an I2NSF > system in a Network Functions Virtualization (NFV) environment. The > information model defines various types of managed objects and the > relationship among them needed to build the interface. The > information model is based on the "Event-Condition-Action" (ECA) > policy model defined by a capability information model for I2NSF, and > the data model is defined for enabling different users of a given > I2NSF system to define, manage, and monitor security policies for > specific flows within an administrative domain. > > > The IETF datatracker status page for this draft is: > > https://datatracker.ietf.org/doc/draft-ietf-i2nsf-consumer-facing-interface-dm/ > > There is also an htmlized version available at: > > https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-consumer-facing-interface-dm-14 > > A diff from the previous version is available at: > > https://www.ietf.org/rfcdiff?url2=draft-ietf-i2nsf-consumer-facing-interface-dm-14 > > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > > _______________________________________________ > I2nsf mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/i2nsf > > _______________________________________________ > I2nsf mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/i2nsf >
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
