[OPSAWG]Re: WG LC: A YANG Data Model and RADIUS Extension for Policy-based Network Access Control (draft-ietf-opsawg-ucl-acl)

[mohamed . boucadair]

Re-,

Thanks for the follow-up.

Your proposed tweak for the max length works for me. Implemented it right now 
in the PR: 
https://github.com/IETF-OPSAWG-WG/policy-based-network-acl/pull/111/files

Cheers,
Med (as author)

PS: the PR link changed as I transferred the repo from my personal account to 
the WG repo.

De : Joe Clarke (jclarke) <jcla...@cisco.com>
Envoyé : vendredi 26 septembre 2025 17:31
À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucad...@orange.com>; Joe Clarke 
(jclarke) <jclarke=40cisco....@dmarc.ietf.org>; opsawg <opsawg@ietf.org>
Objet : Re: WG LC: A YANG Data Model and RADIUS Extension for Policy-based 
Network Access Control (draft-ietf-opsawg-ucl-acl)


Thanks, Med.  Meh to the fix for point 1.  I was hoping for an example 
nonetheless.  But you did address the comment.

On 2, yeah, I read the YANG, and I'm glad you have now repeated the string 
length here.  What I was hoping for was more:

The maximum length is 67 octets to accommodate the maximum group ID of 64 
octets plus one octet for type, one octet for length, and one octet for 
Extended-Length.

Joe

From: mohamed.boucad...@orange.com<mailto:mohamed.boucad...@orange.com> 
<mohamed.boucad...@orange.com<mailto:mohamed.boucad...@orange.com>>
Date: Friday, September 26, 2025 at 04:32
To: Joe Clarke (jclarke) 
<jclarke=40cisco....@dmarc.ietf.org<mailto:jclarke=40cisco....@dmarc.ietf.org>>,
 opsawg <opsawg@ietf.org<mailto:opsawg@ietf.org>>
Subject: [OPSAWG]Re: WG LC: A YANG Data Model and RADIUS Extension for 
Policy-based Network Access Control (draft-ietf-opsawg-ucl-acl)
Hi Joe,

Good points. This should be fixed in this PR: 
https://ddei5-0-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=https%3a%2f%2fgithub.com%2fboucadair%2fpolicy%2dbased%2dnetwork%2dacl%2fpull%2f111%2ffiles&umid=E686726F-3FB0-1B06-A4C7-7FFEA2C783AB&auth=ae271bdb283b4714283f8aa1e904fd51d6a19ec0-342fee4aea4747df30890a0aa5a21eb7391596ff<https://ddei5-0-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fgithub.com%2fboucadair%2fpolicy-based-network-acl%2fpull%2f111%2ffiles&umid=E686726F-3FB0-1B06-A4C7-7FFEA2C783AB&auth=ae271bdb283b4714283f8aa1e904fd51d6a19ec0-342fee4aea4747df30890a0aa5a21eb7391596ff>.

Rendered Diff:  
https://author-tools.ietf.org/api/iddiff?url_1=https://boucadair.github.io/policy-based-network-acl/draft-ietf-opsawg-ucl-acl.txt&url_2=https://boucadair.github.io/policy-based-network-acl/boucadair-patch-5/draft-ietf-opsawg-ucl-acl.txt

For your second, please note that this is aligned with this part from the 
module:

           leaf group-id {
             type string {
               length "1..64";
             }

Thank you.

Cheers,
Med (as author)

De : Joe Clarke (jclarke) 
<jclarke=40cisco....@dmarc.ietf.org<mailto:jclarke=40cisco....@dmarc.ietf.org>>
Envoyé : jeudi 25 septembre 2025 20:44
À : Joe Clarke (jclarke) 
<jclarke=40cisco....@dmarc.ietf.org<mailto:jclarke=40cisco....@dmarc.ietf.org>>;
 opsawg <opsawg@ietf.org<mailto:opsawg@ietf.org>>
Objet : [OPSAWG]Re: WG LC: A YANG Data Model and RADIUS Extension for 
Policy-based Network Access Control (draft-ietf-opsawg-ucl-acl)


As a contributor, I want to provide my WGLC review for this document.  Overall, 
I think it's in good shape, and I would like to see this progressed.  I do have 
a few specific comments.

In Section 4.1, Step 4 says that the NAS will notify the SDN Controller.  This 
part feels a bit under-specified.  The "how" may be out of scope, but I think 
it's worth mentioning that or offering some examples of how the notification 
could work.  In my reading, it's not RADIUS itself that the NAS uses to notify 
the SDN controller, right?

Maybe it's just me, but in Section 7 when you say the User-Access-Group-ID must 
be at most 67 octets, it might be good to explain why here.  The YANG 
definition specifies a string of 1..64 bytes (good), but that isn't repeated 
here.  Likewise, indicating the other three octets are for type, length, etc. 
help to crystallize why the 67 value is there.

As chair, I haven't seen any other replies on this, and I am considering 
extending the last call by a week.  I've now asked for OPS and INT directorate 
reviews, too.

Joe

From: Joe Clarke (jclarke) 
<jclarke=40cisco....@dmarc.ietf.org<mailto:jclarke=40cisco....@dmarc.ietf.org>>
Date: Monday, September 15, 2025 at 09:15
To: opsawg <opsawg@ietf.org<mailto:opsawg@ietf.org>>
Subject: [OPSAWG]WG LC: A YANG Data Model and RADIUS Extension for Policy-based 
Network Access Control (draft-ietf-opsawg-ucl-acl)
Hello, opsawg.  With the IPR disclosure done (no known IPR has been disclosed) 
and a new -08 revision, we are ready to begin a two week WG LC for 
https://datatracker.ietf.org/doc/draft-ietf-opsawg-ucl-acl/.  Please reply to 
the list with comments and support for this work being ready to move forward to 
the IESG for publication.

The WG LC will run until September 29.

Thanks.

Joe and Benoît

____________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations 
confidentielles ou privilegiees et ne doivent donc

pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce 
message par erreur, veuillez le signaler

a l'expediteur et le detruire ainsi que les pieces jointes. Les messages 
electroniques etant susceptibles d'alteration,

Orange decline toute responsabilite si ce message a ete altere, deforme ou 
falsifie. Merci.



This message and its attachments may contain confidential or privileged 
information that may be protected by law;

they should not be distributed, used or copied without authorisation.

If you have received this email in error, please notify the sender and delete 
this message and its attachments.

As emails may be altered, Orange is not liable for messages that have been 
modified, changed or falsified.

Thank you.
____________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations 
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce 
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages 
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou 
falsifie. Merci.

This message and its attachments may contain confidential or privileged 
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete 
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been 
modified, changed or falsified.
Thank you.

_______________________________________________
OPSAWG mailing list -- opsawg@ietf.org
To unsubscribe send an email to opsawg-le...@ietf.org