edit-config test-option clarification

[Andy Bierman <ietf@andybierman.com>]

Hi,

prot-12:pg 38, middle:

     test-option:

         The test-option element may be specified only if the device
         advertises the :validate capability (Section 8.6).

         The test-option element has one of the following values:

         test-then-set: Perform a validation test before attempting to
            set.  If validation errors occur, do not perform the <edit-
            config> operation.  This is the default test-option.

         set: Perform a set without a validation test first.


IMO, the last sentence regarding 'set' mode is misleading.
The terminology is intentionally vague because the WG could
not agree on exactly what 'validation' meant.

It should be understood that a conforming agent implementation MUST NOT
use parameters passed in RPCs as-is without any checking,
even if the :validate capability is implemented and the 'set' option
is selected by the manager. (Or the hacker ;-)

The 'set' value of the 'test-option' does not indicate that the agent
should use schema-invalid values, or invalid values of any kind.

Instead, it means:

"An agent MUST NOT not complete all implementation-specific referential
integrity, or other validation checks, in addition to schema-validation checks,
before applying any changes to the target.  An agent MUST apply a valid
sub-operation within the edit-config operation without first completing
a full validation test of the entire edit-config PDU."

Is there anyone who thinks the 'set' option should mean otherwise?

IMO (and I can say this because I was there when it was written ;-),
this 'test-option' is the lamest thing I've ever put in a standard.
It is an extremely implementation-specific detail at best,
especially when rollback-on-error is also selected.



Andy

--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>