Hi Tom, This draft of I2NSF Application Interface is based on another draft called "An Extension of I2NSF Framework for Security Management Automation in Cloud-Based Security Services": https://datatracker.ietf.org/doc/html/draft-jeong-i2nsf-security-management-automation-02
For the security management automation with security policy reconfiguration and feedback information, which is constructed by NSF monitoring data through I2NSF Monitoring Interface, I2NSF needs another interface called I2NSF Application Interface. This draft will be the last piece of the I2NSF Interfaces even though I2NSF WG needs to re-charter its scope for the sake of this security management automation. After publishing the five I2NSF YANG data model drafts as RFCs, I2NSF will consider the re-chartering for further work including this security management automation. I will reflect your comments on this Application Interface Draft below. Thanks. Best Regards, Paul On Mon, Sep 6, 2021 at 7:02 PM t petch <[email protected]> wrote: > I was going to let this mature a little before commenting on (e.g. the > references that need adding to the I-D References:-) but having just > looked at the other four, I had a brief look at this. > > s.2 NMDA > could do with a reference to RFC8342 > > s.3 NSF name > Surely this must have come up before and be a candidate for a leafref? > Um, not so AFAICT. This surprises me and makes me realise I do not > understand the architecture as well as I might. I would have thought > that the earlier I-D has the concept of a named NSF in there somewhere > but no, nor do I see it in RFC8329. Mmm. > > s.4 > prefix nsffbck; > That is not what you are asking IANA to register:-) > > /http:/https:/ > > leaf req-host { > type string; > description > "The domain name of the requested host"; > a domain name is not a host name, different semantics, different syntax. > I suspect that host name is intended here. For domain names, look at > RFC1034. RFC1123 is probably the best source for hostnames. > > > leaf duration { > in several places; what are the units? is there an expected format, > precision etc.? If so, it might be worth creating a YANG type (but not > if it is just integer seconds). > > s.6.1 > <start-time>2021-08-27T09:00:00.00Z</start-time> > <start-date-time>2021-08-27T09:00:01.00Z</start-date-time> > > Mmm an unfortunate inconsistency. The examples are correct in the sense > that those are the objects defined in the two I-D but it is unfortunate > that > xmlns="urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring"> > xmlns="urn:ietf:params:xml:ns:yang:ietf-i2nsf-feedback-policy"> > are out of line. For me, it is start-time in nsf-monitoring that could > so with changing. > > s.10.1 > I will return to later in the document cycle. > > Tom Petch > > ----- Original Message ----- > From: <[email protected]> > To: <[email protected]> > Sent: Friday, August 27, 2021 10:45 AM > Subject: I-D Action: draft-lingga-i2nsf-application-interface-dm-00.txt > > > > > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > > > > > > Title : I2NSF Application Interface YANG Data Model > > Authors : Patrick Lingga > > Jaehoon Paul Jeong > > Yunchul Choi > > Filename : > draft-lingga-i2nsf-application-interface-dm-00.txt > > Pages : 32 > > Date : 2021-08-27 > > > > Abstract: > > This document describes an information model and a YANG data model > > for the Application Interface between an Interface to Network > > Security Functions (I2NSF) Analyzer and Security Controller in an > > I2NSF system in a Network Functions Virtualization (NFV) > environment. > > The information model and YANG data model is based on the I2NSF > > Consumer-Facing Interface for enabling feedback delivery based on > the > > information received from the Network Security Function (NSF). > > > > > > The IETF datatracker status page for this draft is: > > > https://datatracker.ietf.org/doc/draft-lingga-i2nsf-application-interfac > e-dm/ > <https://datatracker.ietf.org/doc/draft-lingga-i2nsf-application-interface-dm/> > > > > There is also an htmlized version available at: > > > https://datatracker.ietf.org/doc/html/draft-lingga-i2nsf-application-int > erface-dm-00 > <https://datatracker.ietf.org/doc/html/draft-lingga-i2nsf-application-interface-dm-00> > > > > > > Internet-Drafts are also available by anonymous FTP at: > > ftp://ftp.ietf.org/internet-drafts/ > > > > > > _______________________________________________ > > I-D-Announce mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/i-d-announce > > Internet-Draft directories: http://www.ietf.org/shadow.html > > or ftp://ftp.ietf.org/ietf/1shadow-sites.txt > > . > > > > > > _______________________________________________ > I2nsf mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/i2nsf >
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
