[Detnet] Roman Danyliw's No Objection on draft-ietf-detnet-flow-information-model-13: (with COMMENT)
Roman Danyliw via Datatracker <email@example.com> Wed, 16 December 2020 18:26 UTC
From: Roman Danyliw via Datatracker <firstname.lastname@example.org>
To: "The IESG" <email@example.com>
Cc: firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, Lou Berger <email@example.com>, firstname.lastname@example.org
Reply-To: Roman Danyliw <email@example.com>
Date: Wed, 16 Dec 2020 10:26:26 -0800
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
Roman Danyliw has entered the following ballot position for
draft-ietf-detnet-flow-information-model-13: No Objection

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-detnet-flow-information-model/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thank you to Shawn Emery for the SECDIR review, and thank you for responding to it.

** Editorially, the style by which info model elements are described is different in Section 4 vs. 5.

** Editorially, the level of detail provided for the information elements seems to vary a bit. For example, Section 5.5a describes a time interval in the with Interval attribute of TrafficSpecification but provides no data type of units. On the other hand, Section 5.9.2 describes MaxLatency as being an integer (data type) and unit (nanoseconds).

** Section 7. What is an “information group”?

** Section 10

The external interfaces of the DetNet domain need to be subject to appropriate confidentiality. Additionally, knowledge of which flows/services are provided to a customer or delivered by a network operator may supply information that can be used in a variety of security attacks. Security considerations for DetNet are described in detail in [I-D.ietf-detnet-security]. General security considerations are described in [RFC8655]. This document discusses modeling the information, not how it is exchanged.

-- Please clarify what is “appropriate confidentiality” and who determines that?

-- I didn’t follow why the external interface is such a key focus given the contents of the detnet-security draft. Perhaps something more streamlined as (roughly) the following could work if that meets the original intent:

NEW (Section 10)

This document describes an information model intended to principally describe network configuration information. Knowledge of which flows or services are provided to a customer or delivered by a network operator can inform a variety of attacks. This information model will be instantiated with implementation level details in a data model. Such data models (e.g., draft-ietf-detnet-yang) will need to address the security considerations for DetNet which are described in [I-D.ietf-detnet-security]. General security considerations are described in [RFC8655].