Re: [netconf] Genart last call review of draft-ietf-netconf-crypto-types-28

worley@ariadne.com Mon, 29 January 2024 19:18 UTC

From: worley@ariadne.com
To: Kent Watsen <kent+ietf@watsen.net>
Cc: worley@ariadne.com, gen-art@ietf.org, draft-ietf-netconf-crypto-types.all@ietf.org, last-call@ietf.org, netconf@ietf.org
Date: Mon, 29 Jan 2024 14:15:58 -0500
Message-ID: <877cjs7xxt.fsf@hobgoblin.ariadne.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/2M-XqT7Rv560i8ycGdz1kO22W6Y>

Kent Watsen <kent+ietf@watsen.net> writes:
> [...]

All of the fixes look good to me and require no comment, except the
following items:

>>   Table 1: Label to RFC Mapping
>> 
>> In -28, this caption appears visually to be the caption of both the
>> dependency diagram at the top of page 5 and the label-to-RFC mapping
>> table at the bottom of page 5, and so probably should be amended to
>> describe both of them together.
>
> s/Label in Diagram to RFC Mapping/Label to RFC Mapping/
>
> Good enough?

Since the title on the table in -28 already is "Label to RFC Mapping", I
think you didn't write here what you meant.

>>    3.10.  The "ietf-crypto-types" YANG Module
>> 
>> The title of this section seems to be uninformative given that 'The
>> "ietf-crypto-types" YANG Module' is the subject of the entire
>> document.  Is this title what was intended?
>
> For the most part, yes, I see your point.
> Maybe s/The/For the/ or s/The/Regarding the/?
>
> In any case, be aware that there exists an IETF-defined template
> for the Security Considerations section that is to be used for each
> YANG module defined in a draft.  So, if a draft defines the three
> modules: ietf-foo-common, ietf-foo-client, and ietf-foo-server, the
> Security Considerations section contains the three subsections:
>
> 	 The "ietf-foo-common" YANG Module
> 	 The "ietf-foo-client" YANG Module
> 	 The "ietf-foo-server" YANG Module
>
> Each containing an instance of the template for that YANG module.

Ah, yes, and having this section hierarchy:

    Security Considerations
 	 The "ietf-foo-common" YANG Module
 	 The "ietf-foo-client" YANG Module
 	 The "ietf-foo-server" YANG Module

is quite clear. ... Even setting the title of the section to
"3.10. Security considerations for the "ietf-crypto-types" YANG
Module" reads oddly as a subsection of "Security
considerations". ... What you *mean* is "RFC 8407 security
considerations section template", but that's too long.  Perhaps
"Security considerations template"?  "Template for the
"ietf-crypto-types" YANG Module"?

And there's an oddity that although 3.10 is the instantiated template
from RFC 8407/BCP 216 section 3.7.1, the draft doesn't reference RFC
8407/BCP 216.  Could you add e.g. [RFC 8407] as a reference at the very
beginning of 3.10?

>>   Some of the readable data nodes defined in this YANG module may be
>>   considered sensitive or vulnerable in some network environments.  It
>>   is thus important to control read access (e.g., via get, get-config,
>>   or notification) to these data nodes.  These are the subtrees and
>>   data nodes and their sensitivity/vulnerability:
>> 
>> The use of "These" in the last sentence does not have an unambiguous
>> referent as I read it.  Perhaps "These subtrees/data nodes have these
>> particular sensitivities/vulnerabilities:"  Similar considerations
>> apply to the last sentence of:
>> 
>>   Some of the operations in this YANG module may be considered
>>   sensitive or vulnerable in some network environments.  It is thus
>>   important to control access to these operations.  These are the
>>   operations and their sensitivity/vulnerability:
>
> This text comes from the aforementioned template.  That said, I agree
> that it's not great.  Perhaps, even better, "*The following* subtrees and
> data nodes have particular sensitivities/vulnerabilities"?

Yes, your version is clearer.  (And the template should be updated that
way, too!)

Dale