IETF Logo Mail Archive

Re: [netmod] Kathleen Moriarty's Discuss on draft-ietf-netmod-revised-datastores-09: (with DISCUSS)

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Fri, 12 January 2018 14:24 UTC

Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C569012DA45; Fri, 12 Jan 2018 06:24:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dPr5EWaFbpxt; Fri, 12 Jan 2018 06:24:09 -0800 (PST)
Received: from mail-pg0-x236.google.com (mail-pg0-x236.google.com [IPv6:2607:f8b0:400e:c05::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9DAF812D77D; Fri, 12 Jan 2018 06:24:09 -0800 (PST)
Received: by mail-pg0-x236.google.com with SMTP id t67so4654233pgc.5; Fri, 12 Jan 2018 06:24:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=j7uQ7x5AIwuNCpGRBMUGKnSvuxl/ZsxjpEovt/2FdT0=; b=bnGovCTxFC9uyDeaXM8nHEc9I8Q1JeFHBgdMKFPjUbl2mMalma9c5kEM4jnL/qezOe xlR8HR5LmkkolzpzUNJgYo3/W5DGIARVXhzt+/ad7IdxLMTCDU5sugPNolMDd6Z7TOBZ XFkTusN6mPpo5NlB5O5/4hM2nU1xidyxlN2I585OkXK+DmvlYu7+ds9XZe6ncHAsmN/V +LqCOHgjgpwa1bjgkQR2quZfjUKJIo2jhv6p+nwNC8kI7bXGU7L0c4qtTyDkGBmpEXth PzVFJUrwlWPyXhBgq+htcMNNiONL1sFWyrPmw0slIZUsdFUVQiFXdg5WvoP+yjSUKpUD MgRw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=j7uQ7x5AIwuNCpGRBMUGKnSvuxl/ZsxjpEovt/2FdT0=; b=L/VVSYTG0Ex0kJo8YGqN6WN1pjdqDKP1JmvVKJw2Rt6JPuSGAw+tZRnkJey7UMONxs oRmpYKEp3rW0uvq6bBmosGRaulrU+1BVGe858x0aejBgpymDKKyFp9s6JiB+I4wv/lJf SfzmJI75oNl6SVdLeMEtZoPway0Dh0xxuwgn2Fg5CRQLIfiXtJC9LMuuTEs61nt5ouJ4 QmX0631Bz/pr+FT5BStAEDM3gAjvxCZKmMWMx7AAh/cK0W+bhGeoChV8Bse82rMlW0AL Kwt8YElya2HVjpeA+NgoThkeeFRJCfphaADq6H6WaoDWv/nEsYzGPBLAgY4cO12nXSt0 7kdw==
X-Gm-Message-State: AKGB3mIbbKZcc2S4+oO5sv49jLtcO48O9U9QQZqEl9uR6Aa1qecRJSPX J7TDORLXKGaSemfnaY5H/jmf5RUApope/7gBGs8=
X-Google-Smtp-Source: ACJfBoviIwiw33ldd8PhUiedalfQFNM11Txm3N7KVRAFJ9TkZ7E4+cYXtu8h6CDv5ovSmaket2zBCbUb/OJAJOec4iw=
X-Received: by 10.101.81.7 with SMTP id f7mr20865742pgq.443.1515767049232; Fri, 12 Jan 2018 06:24:09 -0800 (PST)
MIME-Version: 1.0
Received: by 10.100.186.208 with HTTP; Fri, 12 Jan 2018 06:23:28 -0800 (PST)
In-Reply-To: <20180112094500.ymlrkswjfgkhibef@elstar.local>
References: <151561207372.18313.8094240527199424975.idtracker@ietfa.amsl.com> <20180110194529.3myrio6vrvsn3jjh@elstar.local> <CAHbuEH6WXMU6RknQdfuq30zhbUycQtFRW54hOT9WkwR8g2Rsxg@mail.gmail.com> <20180111075218.3tu65mthzlnef3bi@elstar.local> <CAHbuEH5tDDaTQwNHpsoWU7DUWYp8o945vm6VpVydJh2AEarMiQ@mail.gmail.com> <20180112094500.ymlrkswjfgkhibef@elstar.local>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Fri, 12 Jan 2018 09:23:28 -0500
Message-ID: <CAHbuEH72gz5poJa+rxiaxxvMHk7zKhQvz_cuX+DimPGG6QGyNw@mail.gmail.com>
To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, The IESG <iesg@ietf.org>, draft-ietf-netmod-revised-datastores@ietf.org, Lou Berger <lberger@labn.net>, netmod-chairs@ietf.org, netmod@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/4XzTaXOgEoxteHeuZ_sasYNGCG0>
Subject: Re: [netmod] Kathleen Moriarty's Discuss on draft-ietf-netmod-revised-datastores-09: (with DISCUSS)
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Jan 2018 14:24:12 -0000

Hi Juergen,

On Fri, Jan 12, 2018 at 4:45 AM, Juergen Schoenwaelder
<j.schoenwaelder@jacobs-university.de> wrote:
> On Thu, Jan 11, 2018 at 11:03:30AM -0500, Kathleen Moriarty wrote:
>> Hi Juergen,
>>
>> Thank you very much for the additional information.  This was very
>> helpful.  Benoit and I discussed it a bit further on the telechat and
>> some text changes in the introduction and security considerations
>> section to provide some of this information for the reader will be
>> helpful.  I got the explanations and appreciate them and from the
>> explanations, my discuss questions have been answered and I'll switch
>> this to a no objection leaving you and Benoit to add the text as
>> helpful for other readers.
>>
>
> Kathleen,
>
> we propose to add this text to the security considerations:
>
>   The origin metadata annotation exposes the origin of values in the
>   applied configuration. Origin information may provide hints that
>   certain control plane protocols are active on a device. Since origin
>   information is tied to applied configuration values, it is only
>   accessible to clients that have the permissions to read the applied
>   configuration values. Security administrators should consider the
>   sensitivity of origin information while defining access control
>   rules.


Thank you, that is very helpful.  Would it also be possible to add
text in the introduction on where the data for these values comes from
(the device itself)?

Best regards,
Kathleen

>
> /js
>
> --
> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
> Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>



-- 

Best regards,
Kathleen

v2.23.0 | Report a Bug | By Email