Roman: Good question! By mistake, I responded to just you.
Here's the difficulty. IP-SEC knowledge is key to the restructure. And so is Yang models. My personal experience in trying to get the IP-SEC model used by BGP model, is that there are differences between the implementation of IPSEC security boxes and routing box. For example, RFC8983 is a set of status messages for IPsec. Do all of these message work equivalently for IPsec boxes and routing boxes? I know how routing uses these features in securing links, but I am not a security box expert. I am willing to be "cross-area" participant of I2NSF to see that these definitions get thought through by both types of people. Either I2NSF in OPS/SEC, you need people for phrase 2 who are: yang-experts, security-experts, deployment experts. If you move this to OPS, will you get security experts? [Again - I am grateful to Paul and Tom Petch] Just giving you feedback from the trenches. Sue -----Original Message----- From: I2nsf [mailto:i2nsf-boun...@ietf.org] On Behalf Of Roman Danyliw Sent: Tuesday, March 22, 2022 6:54 AM To: Susan Hares; i2nsf@ietf.org Subject: Re: [I2nsf] Comments on re-chartering Hi Sue! > -----Original Message----- > From: Susan Hares <sha...@ndzh.com> > Sent: Sunday, March 20, 2022 6:35 PM > To: Roman Danyliw <r...@cert.org>; i2nsf@ietf.org > Subject: RE: [I2nsf] Comments on re-chartering > > Roman: > > Security has created very few Yang modules. Therefore, you do not have > experience with the lengthy cycle for this work. Ask Rob Wilton about the > versioning efforts or ask Alvaro regarding the routing yang models. Or > look at the BGP model for complexity. ... > For example, I would like to get the I2NSF IP-SEC model adapted so that we can > use it in the BGP model. This takes chatting with the folks in I2NSF who are > experts. I've consulted with my peer-SEC ADs. If the community has interest to more closely align this activity with the larger critical mass of work in Yang modules in the IETF, we would be supportive of moving I2NSF to the OPS Area to finish the remaining work or evolve it as appropriate. Regards, Roman _______________________________________________ I2nsf mailing list I2nsf@ietf.org https://www.ietf.org/mailman/listinfo/i2nsf _______________________________________________ I2nsf mailing list I2nsf@ietf.org https://www.ietf.org/mailman/listinfo/i2nsf
