The diff looks good to me.
With one small nit:
OLD: if those entries still appear in <system>
NEW: if those entries appear in <system>
As the word "still" doesn't seem needed.
Kent // contributor
> On Nov 18, 2025, at 1:00 AM, maqiufang (A)
> <[email protected]> wrote:
>
> Hi, Kent and Rob,
>
> My apology for the extreme delay in this response, just try to recover from
> the long leave…
>
> Thanks for all the good comments below, -05 is available now to incorporate
> them, and you may want to review the diff at:
> https://author-tools.ietf.org/iddiff?url2=draft-ietf-netmod-immutable-flag-05.
> Please let me know if you have further comments/suggestions. Thanks a lot!
>
>
> Best Regards,
> Qiufang
>
> From: Kent Watsen <[email protected] <mailto:[email protected]>>
> Sent: Wednesday, September 3, 2025 4:15 AM
> To: Rob Wilton (rwilton) <[email protected]
> <mailto:[email protected]>>
> Cc: Jason Sterne (Nokia) <[email protected]
> <mailto:[email protected]>>; maqiufang (A) <[email protected]
> <mailto:[email protected]>>; [email protected] <mailto:[email protected]>;
> [email protected]
> <mailto:[email protected]>
> Subject: Re: [netmod] I-D Action: draft-ietf-netmod-immutable-flag-04.txt
>
> Hi Rob,
>
>
> On Aug 7, 2025, at 9:45 AM, Rob Wilton (rwilton)
> <[email protected]
> <mailto:[email protected]>> wrote:
>
> Hi Kent, authors,
>
> I’ve reviewed the latest version of the document, sorry for the delay.
>
>
> Thank you for your review!
>
> (Three weeks later) I'm likewise delayed ;)
>
> That said, Qiufang is still on PTO...
>
>
>
>
>
> I think that the changes look good, but I wonder whether a bit more
> description is needed for the example in the appendix, otherwise, I fear it
> may still be slightly confusing.
>
> (i) It may be worth including a copy of the contents of the system datastore
> to make it clear which configuration is present in the system datastore and
> hence if deleted from the running datastore will still be present in the
> intended datastore. E.g., “The client may also subsequently delete any
> copied "user-group" entries or the entire "user-groups" container, but this
> will not prevent the configuration as shown in Figure 2
> <https://www.ietf.org/archive/id/draft-ietf-netmod-immutable-flag-04.html#example>
> being present in <intended> (if implemented).” This will surely depend on
> whether the power-users group is also in the system datastore. E.g., these
> entries may just be in running and hence could just be deleted as normal, and
> not appear in intended?
>
> This is a good suggestion.
>
>
>
> (ii) The example includes a hardcoded admin username/password that cannot be
> changed. I’m wondering whether that is really a good example to give in an
> IETF document, or at least flag that this is not best practice and is only be
> used to illustrate the hierarchical nature of the immutable flag.
>
> I think best practice might be to have usernames like "ex-username-1" and
> "ex-username-2".
>
> As for the passwords, I see them as instances of ianach:crypt-hash. That
> said, I think there is an error in the examples as never should <system>
> return a password beginning with "$0$" (Andy's password).
>
>
>
> (iii) Similarly, the text for B.3, indicates that the tags for the power
> users can be removed, but would still turn up in intended. I assume that
> this would depend on whether those entries are also in the system datastore?
>
> Yes, it would help to clarify that those users are in <system>.
>
>
>
> Last minor comment. In section 4.1, it states “4.1., “nor is there any way to
> delete the node from the combined configuration (as described in
> [I-D.ietf-netmod-system-config
> <https://www.ietf.org/archive/id/draft-ietf-netmod-immutable-flag-04.html#I-D.ietf-netmod-system-config>]).”
> But the system-config draft doesn’t seem to mention the word combined at
> all. Perhaps relate back to the intended datastore (if implemented) and
> perhaps update the reference to the specific section where it describes the
> merging of configuration along with the diagram in the system datastore
> draft. E.g., “nor is there any way to delete the node from the combined
> configuration in the intended datastore (as described in
> [I-D.ietf-netmod-system-config
> <https://www.ietf.org/archive/id/draft-ietf-netmod-immutable-flag-04.html#I-D.ietf-netmod-system-config>]
> section XXX).”
>
> Agreed. Terminology matters.
>
>
>
> Kind regards,
> Rob
>
> Kent
>
>
>
> _______________________________________________
> netmod mailing list -- [email protected] <mailto:[email protected]>
> To unsubscribe send an email to [email protected]
> <mailto:[email protected]>
_______________________________________________
netmod mailing list -- [email protected]
To unsubscribe send an email to [email protected]
