[I2nsf] Barry Leiba's No Objection on draft-ietf-i2nsf-capability-data-model-12: (with COMMENT)

Barry Leiba via Datatracker <noreply@ietf.org> Fri, 18 September 2020 19:41 UTC


Barry Leiba has entered the following ballot position for
draft-ietf-i2nsf-capability-data-model-12: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-i2nsf-capability-data-model/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

While most of these comments are editorial, some of them are dealing with text
that's difficult to understand because of the editorial issues.  Please
consider these:

— Section 1 —

   As the industry becomes more sophisticated and network devices (e.g.,
   Internet of Things, Self-driving vehicles, and smartphone using Voice
   over IP (VoIP) and Voice over LTE (VoLTE)), service providers have a
   lot of problems described in [RFC8192].

This sentence seems a bit fractured.  What about network devices?  It looks
like there’s something missing after the parenthetical.  Please re-work this
sentence.

— Section 3 —

   This section provides as overview of how the YANG data model can be

Typo: “provides an overview”.

   The configuration of advanced security functions over the NSF-Facing
   Interface is used to configure the security policy rules of advanced
   network security functions (e.g., anti-virus and Distributed-Denial-
   of-Service (DDoS) attack mitigator), respectively, according to the
   capabilities of NSFs registered with the I2NSF Framework.

I don’t see what “respectively” refers to, as the sentence only talks about
configuring one thing (“the security policy rules of advanced network security
functions”).

Also, it seems odd to say “the configuration of … is used to configure …”. 
Probably should fix that.

   o  If a network administrator wants to block malicious users for IPv6
      traffic, he sends a security policy rule to block the users to the
      Network Operator Management System using the I2NSF User (i.e., web
      application).

Please consider not making the network administrator male (“he”).

   o  When the Network Operator Management System receives the security
      policy rule, it automatically sends that security policy rules to
      appropriate NSFs

Change “rules” to singular “rule” to match the first half of the sentence.

— Section 7 —
You twice say “transport secure transport”, which should just be “secure
transport”.

   o  ietf-i2nsf-capability: An attacker could alter the security
      capabilities associated with an NSF whereby disabling or enabling
      the evasion of security mitigations.

I don’t think “whereby” is the right word here, but I can’t figure out what
you’re trying to say well enough to suggest what the right word is.  Maybe just
“by”?  And I don’t know what it means to “disable the evasion of” something. 
So this sentence needs some work, please.

   These are the subtrees and data
   nodes and their sensitivity/vulnerability:

Something’s missing here.  Maybe just “is”?  Maybe something else?