Re: [netmod] Next steps for draft-ietf-netmod-rfc8407bis

"maqiufang (A)" <maqiufang1@huawei.com> Thu, 29 February 2024 06:29 UTC

From: "maqiufang (A)" <maqiufang1@huawei.com>
To: Mohamed Boucadair <mohamed.boucadair@orange.com>, Kent Watsen <kent@watsen.net>
CC: "netmod@ietf.org" <netmod@ietf.org>, "netmod-chairs@ietf.org" <netmod-chairs@ietf.org>
Date: Thu, 29 Feb 2024 06:28:56 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/jx3k2c5-Siuydd3lJtB1sIhiOrk>

Hi, Med, Kent, all


2) In the Security Considerations section, the template should be amended to have the following paragraph:

             Please be aware that this YANG module uses groupings from other YANG
             modules that define nodes that may be considered sensitive or vulnerable
             in network environments. Please review the Security Considerations for
             dependent YANG modules for information as to which nodes may be
             considered sensitive or vulnerable in network environments.

[Med] We need to be careful for this one as the document that defines the grouping may not include that analysis (because those are not used as data nodes). Here is a proposal for discussion:

NEW:

==
   -- if your YANG module reuses groupings from other modules and
   -- the document that specifies these groupings also
   -- includes those as data nodes, then add this text to remind
   -- the specific sensitivity or vulnerability of reused nodes.

This YANG module uses groupings from other YANG modules that
define nodes that may be considered sensitive or vulnerable
in network environments. Refer to the Security Considerations
of <RFC-insert-numbers> for information as to which nodes may
be considered sensitive or vulnerable in network environments.

  -- if your YANG module does not define any data nodes, then
  -- add the following text

The YANG module defines a set of identities, types, and
groupings. These nodes are intended to be reused by other YANG
modules. The module by itself does not expose any data nodes that
are writable, data nodes that contain read-only state, or RPCs.
As such, there are no additional security issues related to
the YANG module that need to be considered.

Modules that use the groupings that are defined in this document
should identify the corresponding security considerations. For
example, reusing some of these groupings will expose privacy-related
information (e.g., 'node-example').
===
[Qiufang]
In addition to the cases above, for YANG modules that reuse groupings from other modules
and expose data nodes that have security considerations as a result, probably it's also
worth mentioning that

      "This YANG module uses groupings from other YANG modules that
       define nodes that may be considered sensitive or vulnerable
       in network environments."

and followed by a list of data nodes exposed and identified as sensitive. Those nodes are
defined in the grouping, thus it might be slightly different from what the
template has stated in the current version.


Best Regards,
Qiufang
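
An added example, not part of this thread or of draft-ietf-netmod-rfc8407bis: a small Python check a module author could run to see which of the template cases discussed above applies, by listing the imported modules whose groupings are pulled in with `uses` and testing whether the module defines any data nodes outside groupings. The module names, the case labels and the simplified YANG tokenizer are assumptions made for illustration.

```python
import re

# String | line comment | block comment | punctuation | bare word
TOKEN = re.compile(r'"(?:[^"\\]|\\.)*"|\'[^\']*\'|//[^\n]*|/\*.*?\*/|[{};]|[^\s{};]+', re.S)
# Statements that put nodes into the schema tree when they sit outside a grouping.
DATA_DEFS = {"container", "list", "leaf", "leaf-list", "choice", "anydata",
             "anyxml", "uses", "augment", "rpc", "action", "notification"}

def analyse(yang_text):
    """Return (imported modules whose groupings are used, defines_data_nodes)."""
    tokens = [t for t in TOKEN.findall(yang_text) if not t.startswith(("//", "/*"))]
    stack, stmt = [], []        # open statements, tokens of the current statement
    imports, used_prefixes, defines_data = {}, set(), False
    for tok in tokens:
        if tok == "}":
            if stack:
                stack.pop()
            stmt = []
        elif tok in ("{", ";"):
            kw = stmt[0] if stmt else ""
            arg = stmt[1].strip("\"'") if len(stmt) > 1 else ""
            parent = stack[-1] if stack else ("", "")
            if kw == "prefix" and parent[0] == "import":
                imports[arg] = parent[1]        # prefix -> imported module name
            if kw == "uses" and ":" in arg:
                used_prefixes.add(arg.split(":", 1)[0])
            if kw in DATA_DEFS and all(k != "grouping" for k, _ in stack):
                defines_data = True
            if tok == "{":
                stack.append((kw, arg))
            stmt = []
        else:
            stmt.append(tok)
    return sorted(imports[p] for p in used_prefixes if p in imports), defines_data

def template_cases(yang_text):
    """Map a module to the template cases discussed in the thread (labels are ours)."""
    external, defines_data = analyse(yang_text)
    cases = [("reused-groupings", external)] if external else []
    return cases if defines_data else cases + [("no-data-nodes", [])]

# Constructed sample modules (hypothetical names, not from the thread).
DEVICE = '''module example-device { prefix exd;
  import example-credentials { prefix excred; }  // defines password-grouping
  import example-types { prefix ext; }
  container device { leaf name { type ext:label; } uses excred:password-grouping; } }'''
COMMON = '''module example-common { prefix exc;
  typedef label { type string; }
  grouping endpoint { leaf address { type string; } leaf port { type uint16; } } }'''
```

For `DEVICE` the check points at the Security Considerations of `example-credentials`; for `COMMON` it reports that only reusable definitions are present.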

On Feb 28, 2024, at 4:51 AM, mohamed.boucadair@orange.com wrote:

Hi all,

I think that this version is ready for the WGLC.

The document fully covers the items promised when requesting adoption [1]. As listed in the ACK section, we also solicited and integrated feedback from many yangdoctors, solicited SAAG WG to review the security text, etc. Refer to 1.1 for a comprehensive list of the changes.

Cheers,
Med

[1] Slide#7 of https://datatracker.ietf.org/meeting/117/materials/slides-117-netmod-7-guidelines-for-authors-and-reviewers-of-documents-containing-yang-data-models-00

-----Original Message-----
From: I-D-Announce <i-d-announce-bounces@ietf.org> On Behalf Of internet-drafts@ietf.org
Sent: Wednesday, 28 February 2024 10:01
To: i-d-announce@ietf.org
Cc: netmod@ietf.org
Subject: I-D Action: draft-ietf-netmod-rfc8407bis-09.txt

Internet-Draft draft-ietf-netmod-rfc8407bis-09.txt is now available.
It is a work item of the Network Modeling (NETMOD) WG of the IETF.

  Title:   Guidelines for Authors and Reviewers of Documents
           Containing YANG Data Models
  Authors: Andy Bierman
           Mohamed Boucadair
           Qin Wu
  Name:    draft-ietf-netmod-rfc8407bis-09.txt
  Pages:   84
  Dates:   2024-02-28

Abstract:

  This memo provides guidelines for authors and reviewers of
  specifications containing YANG modules, including IANA-maintained
  modules.  Recommendations and procedures are defined, which are
  intended to increase interoperability and usability of Network
  Configuration Protocol (NETCONF) and RESTCONF protocol
  implementations that utilize YANG modules.  This document obsoletes
  RFC 8407.

  Also, this document updates RFC 8126 by providing additional
  guidelines for writing the IANA considerations for RFCs that
  specify IANA-maintained modules.

The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-netmod-rfc8407bis/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-netmod-rfc8407bis-09.html

A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-netmod-rfc8407bis-09

Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts


____________________________________________________________________________________________________________
This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

_______________________________________________
netmod mailing list
netmod@ietf.org
https://www.ietf.org/mailman/listinfo/netmod

