Re: [netconf] Genart last call review of draft-ietf-netconf-crypto-types-28
Kent Watsen <kent+ietf@watsen.net> Mon, 29 January 2024 21:15 UTC
Return-Path: <0100018d5713b114-d82deed0-bf0e-41f9-a48b-c4e69fa5f92c-000000@amazonses.watsen.net>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B174C151707; Mon, 29 Jan 2024 13:15:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazonses.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G0Rtcwt89zrL; Mon, 29 Jan 2024 13:15:26 -0800 (PST)
Received: from a8-33.smtp-out.amazonses.com (a8-33.smtp-out.amazonses.com [54.240.8.33]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CFEA5C151535; Mon, 29 Jan 2024 13:15:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=224i4yxa5dv7c2xz3womw6peuasteono; d=amazonses.com; t=1706562924; h=Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Cc:Content-Transfer-Encoding:Message-Id:References:To:Feedback-ID; bh=LdcYALdVv0n+NG8jilHYdy4zQPDJHp5EvdjATmMyelE=; b=Xy8hw6bcJsddcZbZ+V5HA2me/et35fwykuOlHJq+DPJI3RuqSqGwMYpy+N9tyZ2L X1tsNPUX5HljgWbQ5Y5NFV9xMVPpgBf2iv3WHDyENmroptdkusomsnYrnbq8RHjt9EW BIk1kIPIdDubDCbWBxolSFhZLJR6KU/zWLJAaT3Q=
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.600.7\))
From: Kent Watsen <kent+ietf@watsen.net>
In-Reply-To: <877cjs7xxt.fsf@hobgoblin.ariadne.com>
Date: Mon, 29 Jan 2024 21:15:24 +0000
Cc: gen-art@ietf.org, draft-ietf-netconf-crypto-types.all@ietf.org, last-call@ietf.org, "netconf@ietf.org" <netconf@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-ID: <0100018d5713b114-d82deed0-bf0e-41f9-a48b-c4e69fa5f92c-000000@email.amazonses.com>
References: <877cjs7xxt.fsf@hobgoblin.ariadne.com>
To: "Dale R. Worley" <worley@ariadne.com>
X-Mailer: Apple Mail (2.3731.600.7)
Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
X-SES-Outgoing: 2024.01.29-54.240.8.33
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/d0tP-FsrkZYFotBwMTZq6jIv9us>
Subject: Re: [netconf] Genart last call review of draft-ietf-netconf-crypto-types-28
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Jan 2024 21:15:27 -0000
Hi Dale, > On Jan 29, 2024, at 2:15 PM, Dale R. Worley <worley@ariadne.com> wrote: > > Kent Watsen <kent+ietf@watsen.net> writes: >> [...] > > All of the fixes look good to me and require no comment, except the > following items: > >>> Table 1: Label to RFC Mapping >>> >>> In -28, this caption appears visually to be the caption of both the >>> dependency diagram at the top of page 5 and the label-to-RFC mapping >>> table at the bottom of page 5, and so probably should be amended to >>> describe both of them together. >> >> s/Label in Diagram to RFC Mapping/Label to RFC Mapping/ >> >> Good enough? > > Since the title on the table in -28 already is "Label to RFC Mapping", I > think you didn't write here what you meant. Whoops - I had that backwards. Was supposed to be: s/Label to RFC Mapping/Label in Diagram to RFC Mapping/ >>> 3.10. The "ietf-crypto-types" YANG Module >>> >>> The title of this section seems to be uninformative given that 'The >>> "ietf-crypto-types" YANG Module' is the subject of the entire >>> document. Is this title what was intended? >> >> For the most part, yes, I see your point. >> Maybe s/The/For the/ or s/The/Regarding the/? >> >> In any case, be aware that there exists an IETF-defined template >> for the Security Considerations section that is to be used for each >> YANG module defined in a draft. So, if a draft defines the three >> modules: ietf-foo-common, ietf-foo-client, and ietf-foo-server, the >> Security Considerations section contains the three subsections: >> >> The "ietf-foo-common" YANG Module >> The "ietf-foo-client" YANG Module >> The "ietf-foo-server" YANG Module >> >> Each containing an instance of the template for that YANG module. > > Ah, yes, and having this section hierarchy: > > Security Considerations > The "ietf-foo-common" YANG Module > The "ietf-foo-client" YANG Module > The "ietf-foo-server" YANG Module > > is quite clear. ... Even setting the title of the section to > "3.10. Security considerations for the the "ietf-crypto-types" YANG > Module" reads oddly as a subsection of "Security > considerations". ... What you *mean* is "RFC 8407 security > considerations section template", but that's too long. Perhaps > "Security considerations template"? "Template for the > "ietf-crypto-types" YANG Module"? Now says "Template for the "ietf-crypto-types" YANG Module” (in all nine drafts) > And there's an oddity that although 3.10 is the instantiated template > from RFC 8407/BCP 216 section 3.7.1, the draft doesn't reference RFC > 8407/BCP 216. Could you add e.g. [RFC 8407] as a reference at the very > beginning of 3.10? I added the following sentence to the top of each such section (in all nine drafts) <t>This section follows the template defined in <xref section="3.7.1" target="RFC8407"/>.</t> >>> Some of the readable data nodes defined in this YANG module may be >>> considered sensitive or vulnerable in some network environments. It >>> is thus important to control read access (e.g., via get, get-config, >>> or notification) to these data nodes. These are the subtrees and >>> data nodes and their sensitivity/vulnerability: >>> >>> The use of "These" in the last sentence does not have an unambiguous >>> referent as I read it. Perhaps "These subtrees/data nodes have these >>> particular sensitivities/vulnerabilities:" Similar considerations >>> apply to the last sentence of: >>> >>> Some of the operations in this YANG module may be considered >>> sensitive or vulnerable in some network environments. It is thus >>> important to control access to these operations. These are the >>> operations and their sensitivity/vulnerability: >> >> This text comes from the aforementioned template. That said, I agree >> that it's not great. Perhaps, even better, "*The following* subtrees and >> data nodes have particular sensitivities/vulnerabilities"? > > Yes, your version is clearer. Fixed (in all nine drafts) > (And the template should be updated that > way, too!) Maybe you can file an Errata against RFC 8407? > > Dale PS: edits are in my local copy - not published yet… Kent
- [netconf] Genart last call review of draft-ietf-n… Dale Worley via Datatracker
- Re: [netconf] [Last-Call] Genart last call review… Salz, Rich
- Re: [netconf] Genart last call review of draft-ie… Kent Watsen
- Re: [netconf] [Last-Call] Genart last call review… Kent Watsen
- Re: [netconf] Genart last call review of draft-ie… worley
- Re: [netconf] Genart last call review of draft-ie… Kent Watsen
- Re: [netconf] Genart last call review of draft-ie… worley
- Re: [netconf] [Gen-art] Genart last call review o… Lars Eggert
- Re: [netconf] [Gen-art] Genart last call review o… mohamed.boucadair