Re: [netmod] Alissa Cooper's Discuss on draft-ietf-netmod-acl-model-19: (with DISCUSS and COMMENT)

Benjamin Kaduk <kaduk@mit.edu> Wed, 26 September 2018 21:25 UTC

Date: Wed, 26 Sep 2018 16:25:03 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: Alissa Cooper <alissa@cooperw.in>
Cc: The IESG <iesg@ietf.org>, netmod-chairs@ietf.org, kwatsen@juniper.net, draft-ietf-netmod-acl-model@ietf.org, netmod@ietf.org
Message-ID: <20180926212503.GR24695@kduck.kaduk.org>
References: <153799684957.21582.5904060939193716725.idtracker@ietfa.amsl.com>
In-Reply-To: <153799684957.21582.5904060939193716725.idtracker@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/ctkrMrJlmk8-oWJ7DhPB97-hm18>

Just on the logging point...

On Wed, Sep 26, 2018 at 02:20:49PM -0700, Alissa Cooper wrote:
> 
> Sec 5:
> 
> In this section or elsewhere it would be nice to see a sentence noting that
> this YANG model allows the configuration of packet logging, which if used would
> additionally warrant protections against unauthorized log access and a logs
> retention policy.

My understanding is that this was removed entirely from the document in
response to the secdir review.  Could you double-check which version you
were looking at, or if the current version still is problematic?

Thanks,

Benjamin