IETF Logo Mail Archive

Fw: [Netconf] Gen-art LC review: draft-ietf-netconf-restconf-15

tom p. <daedulus@btconnect.com> Sat, 30 July 2016 11:50 UTC

Return-Path: <daedulus@btconnect.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 47B9312B077 for <ietf@ietfa.amsl.com>; Sat, 30 Jul 2016 04:50:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.921
X-Spam-Level:
X-Spam-Status: No, score=-1.921 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=btconnect.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n6DhVPDLoRpn for <ietf@ietfa.amsl.com>; Sat, 30 Jul 2016 04:50:02 -0700 (PDT)
Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-he1eur01on0124.outbound.protection.outlook.com [104.47.0.124]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 434E912B04B for <ietf@ietf.org>; Sat, 30 Jul 2016 04:50:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btconnect.onmicrosoft.com; s=selector1-btconnect-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=HO7eJA4lRgUDl7UHRK2t53JyovI+KKxRF4IiXfK0lyQ=; b=YO0q18lk9qPkFE50yDHB4rCMBzPxUhYVPg60iWa+g8gL81dcDSZdOoHmZuXwOGy+Ec44Xc0pYf+b+Sb1c6zDHStoUsWoDrniHDtZ4F82vfbkmbfRToZMxOVIuJ6Rms65c5IjtDWpPEMQ1wnEjKsD8Tan3tXH1y0jDigMh4tAHD0=
Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=daedulus@btconnect.com;
Received: from pc6 (31.50.86.164) by VI1PR07MB1567.eurprd07.prod.outlook.com (10.165.239.13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.549.15; Sat, 30 Jul 2016 11:49:57 +0000
Message-ID: <00c601d1ea58$23dd91c0$4001a8c0@gateway.2wire.net>
From: "tom p." <daedulus@btconnect.com>
To: ietf <ietf@ietf.org>
Subject: Fw: [Netconf] Gen-art LC review: draft-ietf-netconf-restconf-15
Date: Sat, 30 Jul 2016 12:47:13 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
X-Originating-IP: [31.50.86.164]
X-ClientProxiedBy: HE1PR05CA0012.eurprd05.prod.outlook.com (10.162.181.22) To VI1PR07MB1567.eurprd07.prod.outlook.com (10.165.239.13)
X-MS-Office365-Filtering-Correlation-Id: c0ae3d92-984b-4d12-c86a-08d3b86fa12e
X-Microsoft-Exchange-Diagnostics: 1; VI1PR07MB1567; 2:5fbZCDXVOJMsz7BKHdkmU6XQNi8h7NY0Wk1o/1vJ86SdeIUM2SND4aPmRG5TU6AED6diNIv3jjR/IRC6iGdhCjcEf+PQGmb3eRS5E1KXm0ZHygPLAZTg3G+YUGOGH9YgZdBBFfv0l9O/w9R0UHDK2fPnFwn3RUnEgIVjadCegVOTE40fCGf5a1RNNzuwB8jT; 3:aoIG5Fr/JD76Z4YIqyCOWEX+7gtT7L+3KJkw9HhAyIXPB7yVkgpBeSel9xxYyXG34fRTo8uO6YRG82joEaRWhheJXmCmYj8wgmCYZDZBa0r3aeDrrzvWmsybO18BFLjl
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:VI1PR07MB1567;
X-Microsoft-Exchange-Diagnostics: 1; VI1PR07MB1567; 25:NQcYtZe3bxPGQSqzChhW+fehxrMdezZ+lvpk8joX250JgT36xpVA3wQP+FlfHZlfOwlSiSoIoeoxAgH3t0TwXKmSrPThYzbyEz2yb4CHD6pQDnzPXUlv9+dppNgadFinc2z6YYabXI0iFkQnzaj9PNSQp4qkf5F4ptFMTwSYmM3aViPMrnno1IPdvMKZWmVA8BLHIiP7f+iMxon94WMaJaqqkaUcWeW44fuFyIv5eKjwuKTJOjP+1jAzQB9V0EjWA7h5iPCT7gjvrHMaSvOojiH0JK1KI2H0MKc7sE8n45GuTrhm19Vmpvp0d5EzNYsb9XyB3gPnPmXbMKVLtxNWr55LX+wcrMJg+RC0ZZJuUqrjJNSxYsWbWCD3MV6fahqwmwReyk30pJ+o+kazFqClOsjO8Zst9mX3/7xWXpKmkrcnjwlEr1znaQvjMdLZkUb5V4QQIY/9p55aNxCQNJ6eVHQ6vjHuoFp666dyr6qbLm0g5LKIA91uHMIQm51EX8gRgNP4igSSyx2dMVefIjXppMTCC8TlkGNcnlA4b+FIZ2Ycqf6dTqWBRlCHj62W2yZYX2M4sNAED9aFolOzN1XowQHOHOVd0NdVtuoBeVEHUj/VfKm4qTkr+UTAYcHiDarbrrjrIFEmNxI7WMA/XqxCZt+ZXyAuPtlnGyVttvSytNbn69KT97nqFt6Yzoqj+/+9C9NBGdC0W6/6Is6GRrI5Gl3qwaFCCiJ6dd9gImFol4fMHEvIeim41yjPzWGi9QTwlZJZgUl330UBkpkA120vaT3zH+NBhyg8Sehrss6sJcV+fGWjEMGgnzuI7AKO0glKQ+EPV0zf6kds89hjpLDU11wT3NWEwAyG4rMLHnCEXFk=
X-Microsoft-Exchange-Diagnostics: 1; VI1PR07MB1567; 31:y3+sLR7H0IK7FVEWQzZz6SYLpw258VYC6jzS7p3kBLNMgmEN3/y6P+ah9xs6/2VhwrAx5JMks1r8m0Fss+0qpHn4kyIb9mJ4yf/fawTA7ay1HKA+DRMnuCdladtaJ+eYQG7eBM+3nccA/30pLj2MZt+MVlKU2qMbSnKZ+J0TgaD/12YTaCvXjJ06I5FEqzuWhMft6oqT5v62W61Vpz21IA==; 4:NIycKtrKKr6dcnKtCmNEdZUoULlmHj2dMNnTZUzpOr9OmdJwCSHuUB3GZNOIzmTTiAhnpsLClSniOsn+mxX1++jLIz14ONhjZWr3vs6LINN1qAhSD8iocfUMGBbhudHm5xMHGMq6RVSKeKdahaITUDr0QAtd7ieZwZDRdQf64UZajfhYG7VD/57J4LIU7RV41voC4QNJId+zmtYq0UsPAN6tRfhqSfK2khhEtZOWrTCcaLrjYn9ZBJh97byTYfIlgvVz0pebG37e+rbW4nrtJL6CfZo4v8fZ0OmbT+FhfTe++o+ZhVmdsccEu9IxbGcvvemGJ1TesHpGFzLEmwMjYsqPaBpOIVRcnYyIx6dgkb7yieDD1kJ2PGoiyR33XNenw26B8QJ6a4JiatO/JIMtmDzRak4MyA+S6C09tnp31hKS8UlAI0CH5ZcVwj/V+qp9d6GuXfATvTuC6kvY5RFg5fKQX667NJUkG8JjQV0OPgqEBu8Q2F6DWGtwAoa5O+Y9
X-Microsoft-Antispam-PRVS: <VI1PR07MB1567A721D5A57415B783572AC6020@VI1PR07MB1567.eurprd07.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(178726229863574)(158342451672863)(192374486261705)(788757137089);
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001); SRVR:VI1PR07MB1567; BCL:0; PCL:0; RULEID:; SRVR:VI1PR07MB1567;
X-Forefront-PRVS: 001968DD50
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(4630300001)(6009001)(7916002)(199003)(189002)(377454003)(24454002)(13464003)(81166006)(68736007)(15975445007)(107886002)(97736004)(92566002)(81156014)(586003)(116806002)(84392002)(1456003)(110136002)(8676002)(230783001)(9686002)(7846002)(50226002)(105586002)(77096005)(23676002)(6116002)(305945005)(189998001)(3846002)(7736002)(230700001)(1556002)(106356001)(86362001)(81686999)(50466002)(19580395003)(19580405001)(33646002)(66066001)(14496001)(101416001)(450100001)(62236002)(44716002)(50986999)(44736004)(81816999)(61296003)(47776003)(42186005)(2906002)(74416001)(7726001)(4720700001); DIR:OUT; SFP:1102; SCL:1; SRVR:VI1PR07MB1567; H:pc6; FPR:; SPF:None; PTR:InfoNoRecords; A:0; MX:1; LANG:en;
Received-SPF: None (protection.outlook.com: btconnect.com does not designate permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: 1;VI1PR07MB1567;23:WS7A0lz+vrmOUMtBCc9ZJWFop8oXZOR95/kufWqpIL74mIT6Ep7BNTieKeAfj3W2l2ZijpjGo+nC2iBhN6IPrajappGdfWQmiTloAVfyeeeUXOcfAMCfTn/ecdCwEb0O8QXBAm/7ziYqEJ0jV6M/QHQouJgJkb/17rf2B/9f5KZlJskQkCH/Aes5MLgv/XJQyqMeNIjJEfcnWTAjcLIZjekbQwyg6Dk/DEZfCY+RmoM2wVEUIPXLdDWx+O6OgCDz/iVQzwcBhsiJKw7q6fPbvRWm47PVWCINZxm40DJoJ6EpHAEk/8Dnc00vS6UMLHyJBzfdI9yPRMuZe/hZHOC5mO8NFsJfe1sJT7jGQBdyyQlUwuFz9JeAaXwgyY2PG69l5dmaa0otHlTQvFb4lVB3VTkQdw/fUydwHdfG6J2/9oBaUk8Dtbbh4cGY7Lpst+kkWsFDT8vMakNPbzJaU24CXXSPa3mE8lZda03avVnvQB8JB7cluOBI0gHk3vTehOEMkY+ekFon1EHrA3J7oIvWYWDQXEglhP2IMBF7PKHVaAnIdMDZqw8PiVAUOeu5c5zsI+Xm0UsjzjLGTe5zIlIeLHmSyQ6ywKqeKeoKEQhEFsSOChiaxN2wpAoxZ8Wi8yVWz4wXLE+OJawmoXv6OuElVNvBP0+G6mP/vX3rcTkYc1/30LRd2W6HsmNRs7fI+H4e4uwypSYHjUpUyct1QLL6YnllQHfeh49BVIH5h/hgIPfHwtGgiGSANlPK33wnIU/bJxS2rdQITzgDyhwvMw/ZRku4cX1nVZze9QGSA/oYVsNskOoYNmEoNlbz2BxLSH58088yGI6ReFMcm9hsQo2nRMfhPRQHHVWYBu95poxdOwyQsF9S+q5PPFTNKC4Shdd7l68afaQHkyoMd6Ry9OTvMLMRrEoSJ2NJbN95JPs7r05ClZIZTUscBo+oG8QEGYss0pliqD/vtPfEZJnvmYxBlzcTHDOyAGM/QpC0py2C9AWeJq1gGxph7e57qNXVBFKf44f5pSv++cfw5yiX3VF2m+/OMxcqiYyzQKl+cdWA5UzXweQm0Pr66FGrx21P9c3XKMuu9vSN63mEUjJ97Uji+TyjuH9PWrlLQLGk018IIB6MxH5ttkM9pUx7EM4YJaMEs55d8neYAmC4T7pKeufcSeRsmRQrlVFxIN9/O2UWCnZvsj+/jalVj397WAXNuCAebf19WzZpr/eg0mjmxsRGaj+YDEA5THw92iytJiLRNnf+EKbruQ+B1r0R4kpAUOQHy5AnFGXGplE+wuoxKMf9B8Wr29LoxzOI0Afk+IfzD5ce5BHT1+uMC19X8sPx5gD0J7LU7Kmvx3r2lP8L2uDtkc3oz5W8bZLhfOYEgL8P+NNkX/BAm/aSlfh43g12ucmd
X-Microsoft-Exchange-Diagnostics: 1; VI1PR07MB1567; 6:aCB/BfouX11h2KAsvGD59l9UVkIt3MPAsjHWerCnT+xoKYe3vgDn6bumYI3T9svdv3vY7OFfNLE1t1LXDzm4cujdYjuXb+9s6chXYIlOpM16yD5PgYxQvUosE8WqQLWLEQqC0yP7c7zT3RMiPDBK89nVAZi0ZKuxl8n8VrGfCH5rm6l/0t67Kniah1H9TCzQyfdR6rqK/ScjyitiwNL/rGoGtG/5d1M1I6Q2WSu9AbxZFVAAHRYBmMH6wRq69Y1VwoMw4O9aGoSFVgTGhkivIFr8X4QfRS04HUx/UVtqgU8=; 5:2b9VEtEGXK8y55p0WKxOlecRloENdn3kV7ylzk3SPHVfcfQycdYK+IKQsQ6MFcfj3cGcQL5LIwFOyHKZDziC+lfV6hlqO5RD+2K/c+WOUmXn+LidmCsA9MWSRH1REhLvXrChvnUkwn4Vdv6SSAwBzw==; 24:jr92KS+jxaqfhkJT/pboys6rn+U3DzmuYAGDYKIwNscLaQNh/PS3NZ4a1IHV5zFhIq00DyEPVGFef5AwtxPRIOpteq0m3pEug3YvaJ2Yfe8=; 7:6eOrdeM4CktIreTvB73U97WAogSzopXdfEE4KskBDKedF/gmMiQZzM99dnjnhDqdLvWTrjA6+hHTCIjFbHvXtTLQ8ZrzAt6LuLjOeffTaKNBwD47i+gob72+id/jlR47HOoGBLg1YNEA834qBBPBlrQTErWmxf8oMYne2pd0DbQ+Q93pO/Xpw3cadI+Q8uzlabsjoa2WdBCoaLK2MccOCYwJmKfS7xBUXnZVe3BcDGhjn6/9Pn9LIzGVKAGNU6Rt
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-OriginatorOrg: btconnect.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Jul 2016 11:49:57.0186 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR07MB1567
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/JSbVRSoUwim2oFt0fvO6emrkse0>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Jul 2016 11:50:04 -0000

----- Original Message -----
From: "t.petch" <ietfc@btconnect.com>
To: "Andy Bierman" <andy@yumaworks.com>; "Robert Sparks"
<rjsparks@nostrum.com>
Cc: "General Area Review Team" <gen-art@ietf.org>;
<draft-ietf-netconf-restconf.all@ietf.org>; <ietf@ietf.org>; "Netconf"
<netconf@ietf.org>
Sent: Saturday, July 30, 2016 12:45 PM

 Robert

 Picking up on the point about terminating the connection when a
certificate validation fails,  this is a straight lift from 'Netconf
over TLS', RFC7589, where the reference is also in Section 4 which makes
it clear (to me:-) that the reference is to how the connection is
terminated, as per RFC5246 s.7.2.1, and nothing to do with the
certificate validation, which is as per RFC5280.

Tom Petch

> ----- Original Message -----
> From: "Robert Sparks" <rjsparks@nostrum.com>
> To: "Andy Bierman" <andy@yumaworks.com>
> Cc: "General Area Review Team" <gen-art@ietf.org>;
> <draft-ietf-netconf-restconf.all@ietf.org>; <ietf@ietf.org>; "Netconf"
> <netconf@ietf.org>
> Sent: Friday, July 29, 2016 9:47 PM
> Subject: Re: [Netconf] Gen-art LC review:
draft-ietf-netconf-restconf-15
>
>
> >
> >
> > On 7/29/16 3:36 PM, Andy Bierman wrote:
> > > Hi,
> > >
> > > I will add this review to the list.
> > > A new version in in progress.
> > > Some comments inline
> > >
> > >
> > > On Fri, Jul 29, 2016 at 1:11 PM, Robert Sparks
<rjsparks@nostrum.com
> > > <mailto:rjsparks@nostrum.com>> wrote:
> > >
> > >     I am the assigned Gen-ART reviewer for this draft. The General
> Area
> > >     Review Team (Gen-ART) reviews all IETF documents being
processed
> > >     by the IESG for the IETF Chair.  Please treat these comments
> just
> > >     like any other last call comments.
> > >
> > >     For more information, please see the FAQ at
> > >
> > >     <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
> > >
> > >     Document: draft-ietf-netconf-restconf-15
> > >     Reviewer: Robert Sparks
> > >     Review Date: 28Jul2016
> > >     IETF LC End Date: 3Aug2016
> > >     IESG Telechat date: not yet scheduled
> > >
> > >     Summary:
> > >
> > >     Major issues:
> > >
> > >     * I am not finding any discussion in the Security
Considerations
> > >     or in the text around what a server's options are if a client
is
> > >     asking it to keep more state than it is willing or capable of
> > >     holding. The possible values of the "depth" query parameter
> > >     (particularly "unbounded") points out that a misconfigured or
> > >     compromised client might start creating arbitrarily deep
trees.
> > >     Should a server have the ability to say no?
> > >
> > >
> > >
> > > I guess we need more text somewhere explaining the "depth"
parameter
> is
> > > a retrieval filter.
> > I got that. It's existence, however, caused me to think about the
fact
> > that what is stored at the server can be arbitrarily deep. Clients
> using
> > POST can build trees that are arbitrarily deep, with bits at the
node
> > that are arbitrarily large (subject to the constraints the YANG
models
> > put on the node). There should be some discussion acknowledging that
> > this can happen, and discussion of what the server can do if some
> client
> > starts asking it to store more than it is willing to store.
> > > It is not used to create anything in the server.
> > > The server does not maintain any state except during the
processing
> of
> > > the retrieval request
> > >
> > >
> > >     * The third paragraph of 3.7 paraphrases to "SHOULD NOT delete
> > >     more than one instance unless a proprietary query parameter
says
> > >     it's ok". This isn't really helpful in a specification.
> > >     Proprietary things are proprietary. The SHOULD NOT already
> allows
> > >     proprietary things to do something different without
> trainwrecking
> > >     the protocol. Please just delete the 2nd and 3rd sentence from
> the
> > >     paragraph.
> > >
> > >
> > > OK
> > >
> > >
> > >     * Section 2.3 says "If X.509 certificate path validation fails
> and
> > >     the presented X.509 certificate does not match a locally
> > >     configured certificate fingerprint, the connection MUST be
> > >     terminated as defined in [RFC5246]." RFC5246 doesn't really
talk
> > >     about certificate validation, and it certainly doesn't say
"the
> > >     connection MUST be terminated" when certificates fail to
> validate.
> > >     What are you trying to point to in RFC5246 here? Should you be
> > >     pointing somewhere else? (It's perfectly reasonable for the
> > >     document to reference RFC5246, and it does so elsewhere
without
> > >     problem).
> > >
> > >
> > >
> > > Please suggest replacement text if we are citing the wrong RFC.
> > > I will ask Kent to look into this issue
> > >
> > >
> > >     Minor issues:
> > >
> > >     * "A server MUST support XML or JSON encoding." is ambiguous.
> (2nd
> > >     paragraph of 5.2). Did you mean the server MUST support at
least
> > >     one of XML or JSON but not necessarily both? I think you
really
> > >     intended that the server support BOTH types of encoding.
> > >
> > >
> > > No -- it will be clarified that the server must support at least 1
> of
> > > the 2
> > >
> > >
> > >     * I _think_ I can infer that PUT can't be used with datastore
> > >     resources. Section 3.4 only speaks of POST and PATCH. Section
> 4.5
> > >     speaks about "target data resource" and is silent about
> datastore
> > >     resources. If I've understood the intent, please be explicit
> about
> > >     datastore resources in 4.5. If I've misunderstood then more
> > >     clarity is needed in both 3.4 and 4.5.
> > >
> > >
> > > The  next draft will be clarified to allow PUT on a datastore
> resource
> > Hrmm - that makes me less comfortable that you are actually aligned
> with
> > 7231. It may just be that you need to be more precise with your
> > description, but per 7231, PUT never creates resources - it can
create
> > or replace the state of a resource.
> > >
> > >     * In 3.5.3.1 you restrict identifiers with "MUST NOT start
with
> > >     'xml' (or any case variant of that string). Please call out
why
> > >     (or point to an existing document that explains why).
> > >
> > >
> > > OK
> > >
> > >
> > >     * The text in 5.3 about access control interacting with
caching
> > >     (added based on my early review I think) doesn't mesh well
with
> > >     paragraph 3 of section 5.5. There you tell the client to use
> Etag
> > >     and Last-Modified, but in 5.3 you say it won't work reliably
> when
> > >     access permissions change. At the very least 5.5 should point
> back
> > >     into the paragraph in 5.3.
> > >
> > >     Nits/editorial comments:
> > >
> > >     * Introduction, 4th paragraph - please change "MAY provide" to
> > >     "provides". Section 3.6 explains the cases where there is
choice
> > >     in what to provide.
> > >
> > >
> > >     * Section 2.3 paragraphs 1 and 2. There is edit-itis here left
> (I
> > >     suspect) from working in matching fingerprints. Consider
> combining
> > >     and simplifying these two paragraphs after improving the
> reference
> > >     issue called out above.
> > >
> > >     * Section 4 says "Access control mechanisms MUST be used to
> > >     limit..." This is not a good use of a 2119 MUST. I suggest
> > >     replacing "MUST be" with "are". The subsequent text already
> > >     captures the actual normative requirements on the server.
> > >
> > >     * Section 12 says "this protocol SHOULD be implemented
> carefully".
> > >     That is not a good use of a 2119 SHOULD. It is not a protocol
> > >     requirement. I suggest reformulating this into something like
> > >     "There are many patterns of attack that have been observed
> through
> > >     operational practice with existing management interfaces. It
> would
> > >     be wise for implementers to research them, and take them into
> > >     account when implementing this protocol." It would be far
better
> > >     to provide a pointer to where the implementer should start
this
> > >     research.
> > >
> > >     * (micronit) Lots of examples are internally inconsistent wrt
> > >     dates. For instance, look at the 200 OK in section 3.3.3 - it
> says
> > >     that back in 2012, a server returned something talking about a
> > >     library versioned in 2016.
> > >
> > >
> > >
> > > Andy
> > >
> >
> >
>
>
> ----------------------------------------------------------------------
--
> --------
>
>
> > _______________________________________________
> > Netconf mailing list
> > Netconf@ietf.org
> > https://www.ietf.org/mailman/listinfo/netconf
> >
>

v2.23.0 | Report a Bug | By Email