Re: [netmod] Éric Vyncke's No Objection on draft-ietf-netmod-factory-default-14: (with COMMENT)

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Thu, 23 April 2020 05:38 UTC

From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Qin Wu <bill.wu@huawei.com>, The IESG <iesg@ietf.org>
CC: "draft-ietf-netmod-factory-default@ietf.org" <draft-ietf-netmod-factory-default@ietf.org>, "netmod-chairs@ietf.org" <netmod-chairs@ietf.org>, "netmod@ietf.org" <netmod@ietf.org>, Kent Watsen <kent+ietf@watsen.net>
Date: Thu, 23 Apr 2020 05:38:48 +0000
Message-ID: <9F2B72D8-A357-4BD0-A6C5-7AF21DA05640@cisco.com>
References: <B8F9A780D330094D99AF023C5877DABAAD628F7A@dggeml511-mbx.china.huawei.com>
In-Reply-To: <B8F9A780D330094D99AF023C5877DABAAD628F7A@dggeml511-mbx.china.huawei.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/V4b2QoduobsdnHn72dbQCx1lXhw>
Subject: Re: [netmod] Éric Vyncke's No Objection on draft-ietf-netmod-factory-default-14: (with COMMENT)
List-Id: NETMOD WG list <netmod.ietf.org>

Qin

Thank you for your reply and your comments

All is good for me

-éric

-----Original Message-----
From: Qin Wu <bill.wu@huawei.com>
Date: Thursday, 23 April 2020 at 03:54
To: Eric Vyncke <evyncke@cisco.com>, The IESG <iesg@ietf.org>
Cc: "draft-ietf-netmod-factory-default@ietf.org" <draft-ietf-netmod-factory-default@ietf.org>, "netmod-chairs@ietf.org" <netmod-chairs@ietf.org>, "netmod@ietf.org" <netmod@ietf.org>, Kent Watsen <kent+ietf@watsen.net>
Subject: RE: Éric Vyncke's No Objection on draft-ietf-netmod-factory-default-14: (with COMMENT)

    Thanks Eric, see reply inline below.
    -----Original Message-----
    From: Éric Vyncke via Datatracker [mailto:noreply@ietf.org]
    Sent: 22 April 2020 14:45
    To: The IESG <iesg@ietf.org>
    Cc: draft-ietf-netmod-factory-default@ietf.org; netmod-chairs@ietf.org; netmod@ietf.org; Kent Watsen <kent+ietf@watsen.net>; kent+ietf@watsen.net
    Subject: Éric Vyncke's No Objection on draft-ietf-netmod-factory-default-14: (with COMMENT)

    Éric Vyncke has entered the following ballot position for
    draft-ietf-netmod-factory-default-14: No Objection

    When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)


    Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
    for more information about IESG DISCUSS and COMMENT positions.


    The document, along with other ballot positions, can be found here:
    https://datatracker.ietf.org/doc/draft-ietf-netmod-factory-default/



    ----------------------------------------------------------------------
    COMMENT:
    ----------------------------------------------------------------------

    Thank you for the work put into this document. The document is clear, easy to read and quite useful.

    Please find below some non-blocking COMMENTs. An answer will be appreciated.

    I also support Barry's comment.

    I hope that this helps to improve the document,

    Regards,

    -éric

    == COMMENTS ==

    If the "factory-default" is optional (per section 3), then it may be worth specifying this quality in the abstract and in the introduction.

    [Qin]: Thanks, will mention this in both abstract and introduction.

    -- Section 2 --
    What happens with the different counters in the <operational> data store?


    [Qin]: As described in Section 2, the contents of the <operational> datastore MUST reflect the
    operational state of the device after applying the factory default
    configuration. In other words, referencing Figure 2 of RFC 8342, counters seen as system state of the operational datastore will reflect
    the operational state of the device.

    Why is this a SHOULD for overwriting sensitive data before deletion and not a MUST? At least section 6 writes that "owner of the device MUST NOT rely on any sensitive data (e.g., private keys) being forensically unrecoverable"

    [Qin]: I have no preference on whether we should use strong language or soft language, but the idea here is that deleting dynamically generated files is mandatory; overwriting security-sensitive data is recommended.