Re: [Netconf] I-D Action: draft-ietf-netconf-zerotouch-23.txt

David Mandelberg <david+work@mandelberg.org> Sun, 26 August 2018 00:10 UTC

To: Kent Watsen <kwatsen@juniper.net>, "netconf@ietf.org" <netconf@ietf.org>
Cc: Andy Bierman <andy@yumaworks.com>, Martin Thomson <martin.thomson@gmail.com>
References: <153478564565.23119.9766582310559048569@ietfa.amsl.com> <0DA47346-64BE-4FD1-888F-F0E47688C14F@juniper.net>
From: David Mandelberg <david+work@mandelberg.org>
Message-ID: <4be03677-70b8-98a2-49b3-1be4abd5da7e@mandelberg.org>
Date: Sat, 25 Aug 2018 20:10:41 -0400
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/qDKm9Tr7nW-ctrKWbGCk17uAmV8>

Hi,

Thanks again for addressing all my -22 review comments. Here are a few 
more for -23:

Section 5.6: "Hinder[ing] the ability for the device to continue the 
bootstrapping sequence" was only part of why I asked about the error 
cases. The other part is that I think there's a security risk in leaving 
bootstrapping enabled after the device is partially/mostly configured, 
since bootstrapping opens the possibility for various parties to change 
the configuration. Is there a reason not to require devices to fully 
roll back the configuration if there's an error after it's applied?

(nit) Section 9.8: "For best security, it is RECOMMENDED that owners 
only provide signed data, for use with any source of bootstrapping 
data". Using signed data all the time is fine, but I don't think 
unencrypted signed data provides any additional security when using a 
trusted bootstrap server, since that server can always remove the 
signature and serve the same data unsigned.

(nit) Section 9.11: "potential cause problems" should be "potential to 
cause problems".

On 08/20/2018 01:28 PM, Kent Watsen wrote:
> 
> All,
> 
> This update addresses the issues I raised over the course of the
> last couple weeks.  Please review and provide comments.
> 
>   - Andy, it's not specific in some ways, and yet specific in others.
> 
>   - Martin, I created an "Implementation Notes" section.
> 
>   - David (SecDir), please review the final diffs, especially
>     Section 5.6 and the Security Considerations sections.
> 
>   - Mahesh (Shepherd), let's give the WG at least a week to
>     review before pressing the button to publish it to the IESG.
> 
> Thanks,
> Kent
> 
> ===== original message =====
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Network Configuration WG of the IETF.
> 
>          Title           : Zero Touch Provisioning for Networking Devices
>          Authors         : Kent Watsen
>                            Mikael Abrahamsson
>                            Ian Farrer
>          Filename        : draft-ietf-netconf-zerotouch-23.txt
>          Pages           : 87
>          Date            : 2018-08-20
> 
> Abstract:
>     This draft presents a technique to securely provision a networking
>     device when it is booting in a factory-default state.  Variations in
>     the solution enable it to be used on both public and private
>     networks.  The provisioning steps are able to update the boot image,
>     commit an initial configuration, and execute arbitrary scripts to
>     address auxiliary needs.  The updated device is subsequently able to
>     establish secure connections with other systems.  For instance, a
>     device may establish NETCONF (RFC 6241) and/or RESTCONF (RFC 8040)
>     connections with deployment-specific network management systems.
> 
> 
> The IETF datatracker status page for this draft is:
> https://urldefense.proofpoint.com/v2/url?u=https-3A__datatracker.ietf.org_doc_draft-2Dietf-2Dnetconf-2Dzerotouch_&d=DwICAg&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=2UxXuTOrRIwqY5KeQFa-UsLNNhjY8ucSI09-gqmCkoI&s=ZN34jylWdiYshyDY0U03sNAez1BLE6do097NTHbOq_Y&e=
> 
> There are also htmlized versions available at:
> https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_draft-2Dietf-2Dnetconf-2Dzerotouch-2D23&d=DwICAg&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=2UxXuTOrRIwqY5KeQFa-UsLNNhjY8ucSI09-gqmCkoI&s=qpRyKDmimUFa8CwHS3gpr0s4mI2VIpjiMBUL7PaqY8s&e=
> https://urldefense.proofpoint.com/v2/url?u=https-3A__datatracker.ietf.org_doc_html_draft-2Dietf-2Dnetconf-2Dzerotouch-2D23&d=DwICAg&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=2UxXuTOrRIwqY5KeQFa-UsLNNhjY8ucSI09-gqmCkoI&s=x0FGfhTf4hmbqRIXAgEqG1XJadCGXa4TFJh4UipvOKg&e=
> 
> A diff from the previous version is available at:
> https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_rfcdiff-3Furl2-3Ddraft-2Dietf-2Dnetconf-2Dzerotouch-2D23&d=DwICAg&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=2UxXuTOrRIwqY5KeQFa-UsLNNhjY8ucSI09-gqmCkoI&s=p9_0mbhtuas_-0rXnxG3ahyEmbqIqGm-sb0x-QMpFD4&e=
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> https://urldefense.proofpoint.com/v2/url?u=ftp-3A__ftp.ietf.org_internet-2Ddrafts_&d=DwICAg&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=2UxXuTOrRIwqY5KeQFa-UsLNNhjY8ucSI09-gqmCkoI&s=vvu4mqjqq_gVoZTzUp17Ho_G9R0gyITDBL1ePW6Y5U8&e=
> 


-- 
https://david.mandelberg.org/
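The Section 9.8 point above (a trusted bootstrap server can strip an owner signature and serve the same data unsigned) as a small device-side policy model. This is an added example, not code from the thread or from the draft; HMAC-SHA256 with a constructed owner key stands in for the draft's owner-signed data, and the policy flag names are hypothetical.

```python
"""Toy model of why unsigned-but-signed data adds nothing on a trusted path.

Added example, not part of the mailing-list thread or the draft. HMAC-SHA256
with a constructed OWNER_KEY stands in for owner-signed CMS data; the device
policy flags (source_trusted, require_signature) are hypothetical names.
"""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

OWNER_KEY = b"constructed-owner-signing-key"  # held by the owner, not the server


@dataclass(frozen=True)
class ConveyedInfo:
    payload: bytes              # onboarding information (config, image refs)
    signature: Optional[bytes]  # owner signature, or None when served unsigned


def owner_sign(payload: bytes) -> ConveyedInfo:
    """Owner produces signed onboarding information."""
    sig = hmac.new(OWNER_KEY, payload, hashlib.sha256).digest()
    return ConveyedInfo(payload, sig)


def strip_signature(info: ConveyedInfo) -> ConveyedInfo:
    """What a compromised trusted server can do: re-serve the payload unsigned."""
    return ConveyedInfo(info.payload, None)


def device_accepts(info: ConveyedInfo, source_trusted: bool,
                   require_signature: bool) -> bool:
    """Device-side acceptance decision.

    When the device accepts unsigned data from a trusted server
    (require_signature=False), a stripped copy passes on that same trust
    path, so the signature bought nothing.  Only a require_signature=True
    policy makes the owner's signature load-bearing.
    """
    if info.signature is not None:
        expected = hmac.new(OWNER_KEY, info.payload, hashlib.sha256).digest()
        return hmac.compare_digest(info.signature, expected)
    # Unsigned data is only ever acceptable from a trusted source, and only
    # if device policy tolerates unsigned data at all.
    return source_trusted and not require_signature
```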