[netconf] Benjamin Kaduk's Discuss on draft-ietf-netconf-subscribed-notifications-25: (with DISCUSS and COMMENT)
Benjamin Kaduk via Datatracker <noreply@ietf.org> Fri, 03 May 2019 23:57 UTC
From: Benjamin Kaduk via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-netconf-subscribed-notifications@ietf.org, Kent Watsen <kent+ietf@watsen.net>, netconf-chairs@ietf.org, kent+ietf@watsen.net, netconf@ietf.org
Reply-To: Benjamin Kaduk <kaduk@mit.edu>
Message-ID: <155692784695.7217.908270903914526669.idtracker@ietfa.amsl.com>
Date: Fri, 03 May 2019 16:57:26 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/3rDv2EcR--2hBcoyDod2kns3jiA>
Subject: [netconf] Benjamin Kaduk's Discuss on draft-ietf-netconf-subscribed-notifications-25: (with DISCUSS and COMMENT)
Benjamin Kaduk has entered the following ballot position for
draft-ietf-netconf-subscribed-notifications-25: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-netconf-subscribed-notifications/

----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

It looks like the description of filter-failure-hint in
modify-subscription-stream-error-info needs the same treatment that
establish-subscription-stream-error-info received.

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

[original comment section replaced]

In the updated security considerations:

   The replay mechanisms described in Sections Section 2.4.2.1 and
   Section 2.5.6 provides access to historical event records. By
   design, the access control model that protects these records could
   enable subscribers to view data to which they were not authorized at
   the time of collection.

Looks like there's some xml2rfc redundancy ("Sections Section").

   o "excluded-event-records": leaf can provide information about
     filtered event records. A network operator should have permissions
     to know about such filtering. Improper configuration could provide
     a receiver with information leakage consisting of the dropping of
     event records.

In mail I had proposed "Improper configuration could allow a receiver to learn that event records were dropped due to an ACL when the existence of that ACL would otherwise be transparent."; repeating it here just in case it got missed (but this remains the non-blocking comment section).