Re: [netmod] Kathleen Moriarty's Discuss on draft-ietf-netmod-revised-datastores-09: (with DISCUSS)
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Fri, 12 January 2018 17:52 UTC
To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, The IESG <iesg@ietf.org>, draft-ietf-netmod-revised-datastores@ietf.org, Lou Berger <lberger@labn.net>, netmod-chairs@ietf.org, netmod@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/ThIekkhs4EuMUsBu9oVvQtlR5gw>

On Fri, Jan 12, 2018 at 11:00 AM, Juergen Schoenwaelder
<j.schoenwaelder@jacobs-university.de> wrote:
> On Fri, Jan 12, 2018 at 09:23:28AM -0500, Kathleen Moriarty wrote:
>> Hi Juergen,
>>
>> On Fri, Jan 12, 2018 at 4:45 AM, Juergen Schoenwaelder
>> <j.schoenwaelder@jacobs-university.de> wrote:
>> > On Thu, Jan 11, 2018 at 11:03:30AM -0500, Kathleen Moriarty wrote:
>> >> Hi Juergen,
>> >>
>> >> Thank you very much for the additional information. This was very
>> >> helpful. Benoit and I discussed it a bit further on the telechat and
>> >> some text changes in the introduction and security considerations
>> >> section to provide some of this information for the reader will be
>> >> helpful. I got the explanations and appreciate them and from the
>> >> explanations, my discuss questions have been answered and I'll switch
>> >> this to a no objection leaving you and Benoit to add the text as
>> >> helpful for other readers.
>> >>
>> >
>> > Kathleen,
>> >
>> > we propose to add this text to the security considerations:
>> >
>> >    The origin metadata annotation exposes the origin of values in the
>> >    applied configuration. Origin information may provide hints that
>> >    certain control plane protocols are active on a device. Since origin
>> >    information is tied to applied configuration values, it is only
>> >    accessible to clients that have the permissions to read the applied
>> >    configuration values. Security administrators should consider the
>> >    sensitivity of origin information while defining access control
>> >    rules.
>>
>> Thank you, that is very helpful. Would it also be possible to add
>> text in the introduction on where the data for these values comes from
>> (the device itself)?
>
> The Introduction does not really talk about the origin annotation
> details and hence it seems such text would be misplaced or at least
> confusing to read. The definition of origin is in section 5.3.4. This
> section starts with:
>
>    As configuration flows into <operational>, it is conceptually marked
>    with a metadata annotation ([RFC7952]) that indicates its origin.
>
> Since the whole data flow between datastores resides on a 'device', it
> seems clear that the origin values are added by the device itself. And
> if any clarification is needed, I think it belongs into 5.3.4 and not
> into the Introduction.

That sounds good, thank you.
Kathleen

>
> /js
>
> --
> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
> Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>

--

Best regards,
Kathleen
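
The access-control property in the proposed security considerations text, sketched as an added example that is not part of the original message or the draft: an origin annotation is returned only together with an applied value the client is allowed to read, and a readable origin can still hint at active control-plane protocols. The paths, values, the prefix-based `can_read` rule and the plain-string origin names (`intended`, `system`, `learned`) are constructed assumptions standing in for a real server's data and access control.

```python
# Constructed sample of applied configuration: path -> (value, origin).
# Paths are simplified and the data is made up for illustration.
OPERATIONAL = {
    "/interfaces/eth0/mtu": (1500, "intended"),
    "/interfaces/lo0/enabled": (True, "system"),
    "/routing/rib-v4/route-1/next-hop": ("192.0.2.1", "learned"),
    "/system/ntp/server-1/address": ("192.0.2.53", "learned"),
}


def can_read(path, allowed_prefixes):
    """Hypothetical read rule: a client may read nodes under an allowed subtree."""
    return any(path == p or path.startswith(p + "/") for p in allowed_prefixes)


def read_operational(allowed_prefixes):
    """Return the client's view of the applied configuration.

    The origin travels with the value: if the value is denied, the origin
    annotation is withheld too, so it never leaks separately.
    """
    view = {}
    for path, (value, origin) in OPERATIONAL.items():
        if not can_read(path, allowed_prefixes):
            continue  # value denied, origin annotation denied with it
        view[path] = {"value": value, "origin": origin}
    return view


def origin_hints(view, revealing=("learned",)):
    """Top-level subtrees whose readable origins hint at an active protocol.

    A security administrator can run this over a role's view to judge
    whether the read rules expose more origin information than intended.
    """
    return sorted(
        {path.split("/")[1] for path, node in view.items()
         if node["origin"] in revealing}
    )


if __name__ == "__main__":
    for role, prefixes in {
        "interface-monitor": ["/interfaces"],
        "full-reader": ["/interfaces", "/routing", "/system"],
    }.items():
        view = read_operational(prefixes)
        print(role, "reads", len(view), "nodes; origin hints:", origin_hints(view))
```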