[Last-Call] Secdir last call review of draft-ietf-i2nsf-nsf-facing-interface-dm-16
Kyle Rose via Datatracker <noreply@ietf.org> Mon, 22 November 2021 17:55 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: last-call@ietf.org
Delivered-To: last-call@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id CB80C3A0CCA; Mon, 22 Nov 2021 09:55:54 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Kyle Rose via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: draft-ietf-i2nsf-nsf-facing-interface-dm.all@ietf.org, i2nsf@ietf.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.40.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <163760375473.4258.2594227295562861974@ietfa.amsl.com>
Reply-To: Kyle Rose <krose@krose.org>
Date: Mon, 22 Nov 2021 09:55:54 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/IxE536RfvNPa48QNWpE-u8B-6fI>
Subject: [Last-Call] Secdir last call review of draft-ietf-i2nsf-nsf-facing-interface-dm-16
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.29
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Nov 2021 17:55:55 -0000
Reviewer: Kyle Rose Review result: Has Issues I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document Has Issues. I don't actually have a lot to say about this document from a security perspective: its purpose is to describe, using YANG, a data model intended as the basis for configuration schemas developed for implementations of the Interface to Network Security Functions (I2NSF) framework. Security considerations for the most part should be addressed in documents describing system architecture or normatively detailing how implementations are to make use of the data model described here. I'm not going to relitigate any such issues here. The main issues I found in this document are ones that I, as someone not terribly familiar with YANG, found troubling from a general engineering perspective. These are best illustrated by example: * Why are `ipvX-prefix`, `-range`, and (the misleadingly-named) `-address` defined here? These concepts are generic enough that they should be in modules of their own to minimize variation among data models and the errors that will inevitably result from capturing the same concept in slightly different ways that are not obvious to the user. * Overall, I have to imagine that much of the `nsfintf` data model is generic enough that it should be captured externally. For instance, `tcp-flags`, `port-range`, `flow-label`, `dscp`, etc. are generally useful elements of an abstract transport data model that they shouldn't be defined here, but rather incorporated from an external data model that is maintained by those in (for example) the transport area. Am I just commenting on the YANG ecosystem in general? If these are standard practices, then the overall ecosystem has major latent problems. Ideally, a particular YANG module seems like it should describe only those elements defined at a particular layer, in this case rules and actions, and use reference external modules for elements that are defined at lower layers. Also some nits: * `ipvX-address` describes a subspace of the global IPvX address space, not a single address. The name is going to cause problems. * The descriptions given are often (usually?) just restatements of the entity name. Example is `identity priority-by-order` described as "Identity for priority by order". The description should provide some value for the user beyond simply restating the name. * The headings in section 5 should be clearly labeled with the word "example", such as "Example Security Requirement 1". * IPv6 addresses in text MUST be represented in lowercase, according to RFC 5952 section 4.3.
- [Last-Call] Secdir last call review of draft-ietf… Kyle Rose via Datatracker
- Re: [Last-Call] [I2nsf] Secdir last call review o… Mr. Jaehoon Paul Jeong
- Re: [Last-Call] [I2nsf] Secdir last call review o… t petch
- Re: [Last-Call] [I2nsf] Secdir last call review o… Mr. Jaehoon Paul Jeong
- Re: [Last-Call] [I2nsf] Secdir last call review o… Kyle Rose
- Re: [Last-Call] [I2nsf] Secdir last call review o… Mr. Jaehoon Paul Jeong