[09:36:58] elvis joins the room
[09:37:00] elvis leaves the room
[17:14:08] bert joins the room
[17:14:30] bert has set the subject to: NetConf session at IETF72
[17:17:07] bert leaves the room: Replaced by new connection
[17:17:08] bert joins the room
[17:21:25] <bert> agenda is located at: http://www.ietf.org/proceedings/08jul/agenda/netconf.txt
[17:22:02] Juergen Schoenwaelder joins the room
[17:22:43] <bert> slidesets are here *(5 of them): https://datatracker.ietf.org/meeting/72/materials.html
[17:23:47] <bert> look for NETCONF  under the Operations and Management area
[17:27:59] Juergen Schoenwaelder leaves the room: Disconnected
[17:36:29] Peny joins the room
[17:40:05] Sharon joins the room
[17:42:26] Peny leaves the room
[17:47:28] <Sharon> administrivia
[17:48:56] ruri joins the room
[17:50:32] <Sharon> One slide 8
[17:50:35] Juergen Schoenwaelder joins the room
[17:50:53] <Sharon> wrong RFC number 4741
[17:51:06] Chris Newman joins the room
[17:51:10] <Sharon> Monitoring drat with Mark
[17:51:23] <Sharon> side 2
[17:54:12] <Sharon> Dave H - depending on usage, look at info model versus data model for the terminology (the RFC he means)
[17:54:18] <Sharon> This is related to slide 3
[17:55:18] <Sharon> bert - suggest we use the term schema to be consistent
[17:56:44] <Sharon> dave p - (consistency with yang)
[17:57:04] <Sharon> sharon - consistent with XML content
[17:57:13] <Sharon> rob - clarification - both yang and XSD?
[17:57:16] <Sharon> mark - yes
[17:57:29] <Sharon> rob - so data model
[17:57:35] <Sharon> dave h - rfc 3434
[17:57:53] <Sharon> dave p - likes term data model
[17:58:57] <Sharon> martin - rename <get-schema> RPC
[17:59:10] <Sharon> [editorial note - yuck]
[17:59:24] <Sharon> take to mailing list
[17:59:40] <Sharon> slide 4
[18:00:21] <Sharon> data type debate
[18:00:56] <Sharon> bob's stuff v4 only
[18:02:03] <Sharon> Dave H - there is work going on in opwg to do the translation. if you want to disucss their work go to their working group
[18:02:29] <Sharon> Mark - if they have some we can use, we use them; if we need our own, then we create our own
[18:03:09] <Sharon> dave p - propose a way forward. Mark and BOb and Juergen sit down and figure out a way forward and propose it to both mailing lists
[18:03:27] <Sharon> (design team presumably)
[18:03:40] <Sharon> mark - we agred it will be the same ?
[18:03:54] <Sharon> bert, dave p - no. same problem, see if a single solution is possible
[18:04:24] <Sharon> dave h - want to make it clear that the opswg is different then what we are doing here.
[18:04:44] <Sharon> dave h - just snmp to xsd. Not NETCONF
[18:05:07] <Sharon> dave h - not the same work; different focus
[18:05:17] <Sharon> bert - we might want to use it over the NETCONF protocol, need to look
[18:05:48] <Sharon> dave h - the opsawg is only dealing with smiv2
[18:06:16] <Sharon> dave p - if you define something in a reusable way, maybe it will get reused
[18:06:38] <Sharon> mark - is content gets defined, should netconf try and reuse it
[18:07:18] <Sharon> juergen - this is a chicken and egg problem. netmod not done yet. Need to be pragmatic. best guess and move forward.
[18:07:24] Chris Newman leaves the room
[18:07:32] <Sharon> juergen - the xsd thing si not the subject of this working group
[18:08:05] <Sharon> bert - as chair - even though it is in the charter to wg last call. suggest that we tread carefully around these topics. Things we need to think about
[18:08:26] <Sharon> that's it for Mark. thanks mark
[18:08:29] <Sharon> ----------------------
[18:08:34] <Sharon> Fine grain locking
[18:08:35] bclaise joins the room
[18:09:02] <Sharon> slide 2
[18:09:37] <Sharon> slide 3
[18:09:42] <Sharon> 1.5 open issues
[18:11:01] <Sharon> other protocols - if locked; leave as is
[18:11:21] ruri leaves the room
[18:11:50] alexclemm joins the room
[18:11:55] <Sharon> dave h - concern how this will interact SNMP
[18:12:07] <Sharon> dave h - (missed example, but SNMP may not be prepared to handle)
[18:12:17] <Sharon> dave h - (resource unavailable?)
[18:12:25] <Sharon> b - we have this for global lock today
[18:13:24] <Sharon> wes - not going to comment on right or wrong; point out one thing. Easy to check partial locks, if they data models work well. If they are aligned.
[18:13:38] <Sharon> wes - if the are different.
[18:15:51] mark.ellison joins the room
[18:15:54] <Sharon> sharon - perfectly reasonable to expect this of a CLI. In fact we need lots of alignment between CLI and NETCONF
[18:16:21] <Sharon> wes - history we learned. 'atomic set' model. Not that they didn't want to, they didn't do it because it was expensive
[18:16:45] <Sharon> bert - if we do something sensible people won't implement it?
[18:16:57] <Sharon> dave p - some people do do automic sets
[18:17:10] <Sharon> bert - go ahead with plan that other protocols need to honour it
[18:17:36] <Sharon> end of partial locking
[18:18:13] <Sharon> is this document ready for working gruop last call?
[18:18:33] <Sharon> 8 in favour; none opposed
[18:18:59] <Sharon> also need some clarifications and typos fixed before last call. Do in next couple of weeks
[18:19:29] <Sharon> --------
[18:19:32] <Sharon> NETCONF over TLS
[18:20:12] <Sharon> slide 2
[18:21:16] <Sharon> slide 3
[18:21:35] <Sharon> side 5
[18:22:27] <Sharon> tim polk - security AD. Not the AD with the most TLS, but I was available
[18:22:41] <Sharon> tp - no big problems with using TLS here
[18:22:47] <Sharon> tp - couple things we have questions about
[18:23:18] <Sharon> tp - given password based transports that you already have .... what the TLS is adding to the mix?
[18:23:26] <Sharon> tp - if certificate based, then this is something new
[18:23:55] <Sharon> tp - other piece, perhaps not security issue, the non-standard handling of password, understand why you do it, but not sure of value
[18:24:27] <Sharon> tp - make you do a lot more to use tls then just use it out of box. and this reduces the value of having tls ... you already have impleemntations and you can just use it.
[18:24:46] <Sharon> tp - as soon as you have to do different things, no longer a clean stack; that issue needs to be looked at
[18:24:52] ruri joins the room
[18:25:04] <Sharon> tp - considering SSH, and beep ...
[18:25:21] <Sharon> tp - are you simply adding confusing if you add TLS as yet another password authenticated transport
[18:25:29] <Sharon> tp - real value in certiicate piece
[18:25:49] <Sharon> tp - alignment with syslog over TLS? divergent at this stage
[18:26:19] <Sharon> tp - does that make sense
[18:26:40] <Sharon> bert - we have had question to room, what value does it add. Asked back in vancouver
[18:26:58] <Sharon> bert - people supported it because there might be TLS, nbut not other protocols
[18:27:19] <Sharon> tp - that would be the argument then. You just need to sort (as a working group)  whether that is important for you
[18:27:34] <Sharon> bert - given this new view, it might be useful to ask again
[18:27:53] <Sharon> tp - infrustructure in place for mutually authenticated certs is not as common as I would like
[18:28:06] <Sharon> tp - but for those environmetns were it is, this would be a nice security upgrade
[18:28:59] <Sharon> a - password stuff is specific to netconf.
[18:29:06] <Sharon> a - outside TLS
[18:29:11] <Sharon> tp - not clear from spec
[18:29:27] <Sharon> a - also specified for ike version 2
[18:29:34] <Sharon> tp - don't see security issue
[18:29:42] <Sharon> tp - just didn't see value in password piece
[18:30:09] <Sharon> bert - so we should clarify the password thing is outslide of TLS
[18:30:14] <Sharon> tp - yes
[18:30:54] <Sharon> Dan - before you run away tim, this wg debating before excepting items.
[18:31:06] <Sharon> Dan - here or the security area. we decided here.
[18:31:41] <Sharon> Dan - what would you recommend. (I think to get the security input)
[18:33:45] <Sharon> tp - additional comments might come later
[18:35:19] <Sharon> bert - still see on the mailing list that we still have support for this to go forward as standards track
[18:35:59] <Sharon> bert - running out of time
[18:36:28] <Sharon> dave h - supported work initially. support it because there are environents like web-based home-routers where this wll work well.
[18:37:36] <Sharon> dave h - consider here. whe  netconf does access control, you may need something more then certs to identify your user.
[18:37:55] <Sharon> Juergen - make it clear that wen you do a last call to distinguish between cert and password
[18:37:58] <Sharon> end 
[18:38:00] <Sharon> ----------
[18:38:10] <Sharon> Notification Content
[18:39:04] <bert> slide 3
[18:39:08] badra joins the room
[18:39:29] badra leaves the room
[18:41:29] <bert> slide 4
[18:41:50] sbuko joins the room
[18:42:07] sbuko leaves the room
[18:42:36] Steve Buko joins the room
[18:43:25] <bert> slide 5
[18:43:35] Steve Buko leaves the room
[18:44:29] <bert> slide 6
[18:46:43] <alexclemm> I believe the content should be standard track as it defines also parameters that are going to be common to multiple categories of events.  
[18:49:44] <alexclemm> My vote is yes, to entertain this work - I do think it will be important to align basic notification content between vendors - that's why I engaged as coauthor
[18:51:28] <alexclemm> Show of hands: yes for me
[18:51:32] badra joins the room
[18:53:08] bclaise leaves the room
[18:53:10] ruri leaves the room
[18:53:55] alexclemm leaves the room
[18:54:18] Sharon leaves the room
[18:54:23] mark.ellison leaves the room
[18:58:26] Juergen Schoenwaelder leaves the room
[19:06:01] bert leaves the room
[19:11:34] badra leaves the room