Re: [i2rs] Secdir last call review of draft-ietf-i2rs-rib-info-model-14
"Susan Hares" <shares@ndzh.com> Sun, 25 February 2018 23:51 UTC
Return-Path: <shares@ndzh.com>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E942124BAC; Sun, 25 Feb 2018 15:51:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.945
X-Spam-Level:
X-Spam-Status: No, score=0.945 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oqIl8wob8_sS; Sun, 25 Feb 2018 15:51:12 -0800 (PST)
Received: from hickoryhill-consulting.com (50-245-122-97-static.hfc.comcastbusiness.net [50.245.122.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21DC21241F5; Sun, 25 Feb 2018 15:51:12 -0800 (PST)
X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=166.176.251.46;
From: Susan Hares <shares@ndzh.com>
To: 'Paul Wouters' <paul@nohats.ca>, secdir@ietf.org
Cc: i2rs@ietf.org, ietf@ietf.org, draft-ietf-i2rs-rib-info-model.all@ietf.org
References: <151958515603.12934.11779217462614817262@ietfa.amsl.com> <002a01d3ae92$9b899660$d29cc320$@ndzh.com>
In-Reply-To: <002a01d3ae92$9b899660$d29cc320$@ndzh.com>
Date: Sun, 25 Feb 2018 18:51:08 -0500
Message-ID: <003901d3ae93$82750910$875f1b30$@ndzh.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQHQD0Pdn7l6HalH48dRcUIzKK9LGQL4ahFmo6VFDDA=
Content-Language: en-us
X-Authenticated-User: skh@ndzh.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2rs/_5I6SPYn010l3t_NsfX_5-xjwbQ>
Subject: Re: [i2rs] Secdir last call review of draft-ietf-i2rs-rib-info-model-14
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Feb 2018 23:51:13 -0000
Paul: I hit return to soon. Thank you for the security review. Cheerily, Susan Hares -----Original Message----- From: Susan Hares [mailto:shares@ndzh.com] Sent: Sunday, February 25, 2018 6:45 PM To: 'Paul Wouters'; secdir@ietf.org Cc: i2rs@ietf.org; ietf@ietf.org; draft-ietf-i2rs-rib-info-model.all@ietf.org Subject: RE: [i2rs] Secdir last call review of draft-ietf-i2rs-rib-info-model-14 Paul: The current I2RS RIB Data model is a yang model which can be access via netconf and restconf with the restrictions in the network management datastore architecture. Are you looking for us to specify the netconf/restconf suite protocols, and the CBOR for binary in this section. If you are looking for more than that, are you looking for what is in https://datatracker.ietf.org/doc/draft-ietf-i2rs-security-environment-reqs/ Thank you, Sue Hares WG co-chair -----Original Message----- From: i2rs [mailto:i2rs-bounces@ietf.org] On Behalf Of Paul Wouters Sent: Sunday, February 25, 2018 1:59 PM To: secdir@ietf.org Cc: i2rs@ietf.org; ietf@ietf.org; draft-ietf-i2rs-rib-info-model.all@ietf.org Subject: [i2rs] Secdir last call review of draft-ietf-i2rs-rib-info-model-14 Reviewer: Paul Wouters Review result: Has Issues I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is Has Issues. This Informational draft specifies an information model for routing information bases (RIBs) , and hints at how a read/write API would look like. I think the document should be improved to clarify this API beyond a simple mention of SSH and TLS in its own section, outside of the Security Consideration section. For example, if this is TLS, what is used? Something restful? xml? json? What would the URI be? And for ssh, what kind of access would be given? How is this restricted to the RIB API ? _______________________________________________ i2rs mailing list i2rs@ietf.org https://www.ietf.org/mailman/listinfo/i2rs
- [i2rs] Secdir last call review of draft-ietf-i2rs… Paul Wouters
- Re: [i2rs] Secdir last call review of draft-ietf-… Susan Hares
- Re: [i2rs] Secdir last call review of draft-ietf-… Susan Hares
- Re: [i2rs] Secdir last call review of draft-ietf-… Mahesh Jethanandani
- Re: [i2rs] Secdir last call review of draft-ietf-… Paul Wouters