[netmod] Re: Roman Danyliw's No Objection on draft-ietf-netmod-syslog-model-32: (with COMMENT)

Mahesh Jethanandani <mjethanandani@gmail.com> Mon, 16 September 2024 23:34 UTC

Return-Path: <mjethanandani@gmail.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A120C14F5EC; Mon, 16 Sep 2024 16:34:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b-B9_lD34miu; Mon, 16 Sep 2024 16:34:28 -0700 (PDT)
Received: from mail-pl1-x62e.google.com (mail-pl1-x62e.google.com [IPv6:2607:f8b0:4864:20::62e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86678C14F5E2; Mon, 16 Sep 2024 16:34:28 -0700 (PDT)
Received: by mail-pl1-x62e.google.com with SMTP id d9443c01a7336-20536dcc6e9so27982015ad.2; Mon, 16 Sep 2024 16:34:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1726529668; x=1727134468; darn=ietf.org; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:from:to:cc:subject:date:message-id:reply-to; bh=2uUBJkSQ7/ygVffxiF7KxyrdaoLuOVfoNlKWickVvCA=; b=DSyx1KBctmkk7cPZdpykcSCqLFi12bpWWSJaiLJcaUfDZDvq3Wk4qLqBcERtvbgE4g p6glPyqQZCKVSaPWi+/yFB/uvhG/KIxctV9awQMxALZSpMpiK9jO7ieKzQqKo4W9SjcC v/mAQvWSTmS4pO+Omk6KcdCvL+dsUC4OPyNKYzMWqkEwNBiGhs8vBg07QoblH6NYqhh7 OAVIypNTL6G6hIy/zg60OZQYIUDocsMkXMIuJhIRPnp0zHit/xYKs1prmlgEoc4sN+qg UOwiLrtDYmnNCL3s4EA9/tF2e9IChvcQgO3FEeB63SxRDekuAeuXYw5ACinC74jKN+4M CvAQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1726529668; x=1727134468; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=2uUBJkSQ7/ygVffxiF7KxyrdaoLuOVfoNlKWickVvCA=; b=cYA63mqD/0OJhNk1A1Plbv+qxx0oT+cBXgZJJ1jiyyT4zFuNHD7C2HIADSET3+P4ct WyMGxv7k4ooHMp6d4bqz94VV7D62FCQA5O1k50kmwBFKDmvNAmQmDrx2oz90jcqLnbgC O9uNzeUx8uZg5uzNMtxK11GXizsCnuQaus3Kv4fp3B2HnZ5l5Hcm8yzIFrzZu4k2Dvjv t11lNaJJEQCaIJ8Uf120gA5mmPwwkSaL6N0LFHuh7maEW0nVHe5x594jJA2gSxD+z5Dn c/nYovjfbZy+kVx0nx6g93Lbgh6dABG83FAQVRtowRoOfIuzm6nwzJj3XmXuZG95Kpte d6Gw==
X-Forwarded-Encrypted: i=1; AJvYcCUReCj53KpRiYhlZqTG7LmPLfvYvt2hn34uEwU7QiIegBYf5gb408uoX8LA0mGdnNg7Z97mFyIji3JgCeLe2Q==@ietf.org, AJvYcCWKaUONUKBeQqLv6DuYzUSBCHcb85tsD94cJaIg00q2+UraULT53pQR1UX5f+QbOW9XcC6V7WnD@ietf.org, AJvYcCWs7ydee+wMVMcaHnEswpmNDa3hWSrzQ41CfsxnsJe//1OOi0Mcc605FMp7RqFDSD7oNA+2L1EcF40pWVhB/Jvg410zX+PJp5MABiA9mUo=@ietf.org
X-Gm-Message-State: AOJu0YybqKTnKI+ltQSPTpbB6BCYBbAdve6LWjDAVhmfuNYB1nuiXrSN RJw+OuNm7jOnl8Ncf5MLQZLzqWAJydrvudaL5auTqO9fjoNuGWOA+QhQ/QAe
X-Google-Smtp-Source: AGHT+IFhmy/KVIdjRVKCw6NG6o6XyzneXNJyC/Gzsr2ZIrYLmNS9Iqmq7hT/EmEFlQXNdcGiAKiJbw==
X-Received: by 2002:a17:902:db0f:b0:202:cbf:2d6f with SMTP id d9443c01a7336-20782c16c23mr234277325ad.57.1726529667783; Mon, 16 Sep 2024 16:34:27 -0700 (PDT)
Received: from smtpclient.apple ([70.234.233.187]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-207945da8c9sm41385005ad.17.2024.09.16.16.34.26 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 16 Sep 2024 16:34:27 -0700 (PDT)
From: Mahesh Jethanandani <mjethanandani@gmail.com>
Message-Id: <F00FE8DC-90D6-409B-96CE-4E6DBB931AA4@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_C0E9223C-46F9-4D77-AD74-DAB924C1EAAA"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.15\))
Date: Mon, 16 Sep 2024 16:34:26 -0700
In-Reply-To: <172652549324.190.6097933524097013536@dt-datatracker-65695bf5bc-rgg8z>
To: Roman Danyliw <rdd@cert.org>
References: <172652549324.190.6097933524097013536@dt-datatracker-65695bf5bc-rgg8z>
X-Mailer: Apple Mail (2.3654.120.0.1.15)
Message-ID-Hash: EGVT4REOBGDPWY27IVQUZLWK3KDVXE3S
X-Message-ID-Hash: EGVT4REOBGDPWY27IVQUZLWK3KDVXE3S
X-MailFrom: mjethanandani@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-netmod.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The IESG <iesg@ietf.org>, draft-ietf-netmod-syslog-model@ietf.org, NETMOD WG Chairs <netmod-chairs@ietf.org>, NETMOD Working Group <netmod@ietf.org>, Kent Watsen <kent+ietf@watsen.net>, kwatsen@juniper.net
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [netmod] Re: Roman Danyliw's No Objection on draft-ietf-netmod-syslog-model-32: (with COMMENT)
List-Id: NETMOD WG list <netmod.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/Iz0RerhJsCLcS_0c9RLLjAqNRdk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Owner: <mailto:netmod-owner@ietf.org>
List-Post: <mailto:netmod@ietf.org>
List-Subscribe: <mailto:netmod-join@ietf.org>
List-Unsubscribe: <mailto:netmod-leave@ietf.org>

Hi Roman,

> On Sep 16, 2024, at 3:24 PM, Roman Danyliw via Datatracker <noreply@ietf.org> wrote:
> 
> Roman Danyliw has entered the following ballot position for
> draft-ietf-netmod-syslog-model-32: No Objection
> 
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ 
> for more information about how to handle DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-netmod-syslog-model/
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> Thank you to Francis Dupont for the GENART review.
> 
> ** Section 10 says “ There are no RPC operations defined in this YANG module.” 
> However, in Figure 1 there is:
> 
>                 |  |  +---x generate-csr {csr-generation}?
> 
> Which appears to be generate-csr-grouping from draft-ietf-netconf-crypto-types.
> 
> Should the Security Considerations of draft-ietf-netconf-crypto-types be
> mentioned?  Is this Section 10 language of “no RPC operations defined”accurate
> – is it because the thinking is that this functionality is imported (via
> ct:asymmetric-key-pair-with-cert-grouping)?

That is correct. The RPC operation is imported from ietf-crypto-types module, and is not something that is defined in this model. You will notice that Section 3.8 <https://datatracker.ietf.org/doc/html/draft-ietf-netconf-crypto-types-34#name-considerations-for-the-ietf> of draft-ietf-netconf-crypto-types delves into the security considerations for actions including generate-csr (called generate-certificate-signing-request in the draft, but has been updated since).

If it helps we can add a sentence to that effect. Something like:

"This module imports groupings from ietf-crypto-types YANG module defined in [I-D.ietf-netconf-crypto-types]. Security considerations described in that draft apply to this module also.”

Better?

> 
> 
> 


Mahesh Jethanandani
mjethanandani@gmail.com