IETF Logo Mail Archive

Re: [netmod] I-D Action: draft-ietf-netmod-factory-default-04.txt

Qin Wu <bill.wu@huawei.com> Wed, 06 November 2019 07:58 UTC

Return-Path: <bill.wu@huawei.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A6DC120C01 for <netmod@ietfa.amsl.com>; Tue, 5 Nov 2019 23:58:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3xYMi9JLEESn for <netmod@ietfa.amsl.com>; Tue, 5 Nov 2019 23:58:26 -0800 (PST)
Received: from huawei.com (lhrrgout.huawei.com [185.176.76.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B98B120BFF for <netmod@ietf.org>; Tue, 5 Nov 2019 23:58:26 -0800 (PST)
Received: from LHREML710-CAH.china.huawei.com (unknown [172.18.7.107]) by Forcepoint Email with ESMTP id D6976C9593B4C011BC8B for <netmod@ietf.org>; Wed, 6 Nov 2019 07:58:23 +0000 (GMT)
Received: from lhreml709-chm.china.huawei.com (10.201.108.58) by LHREML710-CAH.china.huawei.com (10.201.108.33) with Microsoft SMTP Server (TLS) id 14.3.408.0; Wed, 6 Nov 2019 07:58:23 +0000
Received: from lhreml709-chm.china.huawei.com (10.201.108.58) by lhreml709-chm.china.huawei.com (10.201.108.58) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Wed, 6 Nov 2019 07:58:23 +0000
Received: from DGGEML401-HUB.china.huawei.com (10.3.17.32) by lhreml709-chm.china.huawei.com (10.201.108.58) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256) id 15.1.1713.5 via Frontend Transport; Wed, 6 Nov 2019 07:58:22 +0000
Received: from DGGEML531-MBS.china.huawei.com ([169.254.5.209]) by DGGEML401-HUB.china.huawei.com ([fe80::89ed:853e:30a9:2a79%31]) with mapi id 14.03.0439.000; Wed, 6 Nov 2019 15:58:18 +0800
From: Qin Wu <bill.wu@huawei.com>
To: Martin Bjorklund <mbj@tail-f.com>
CC: "kent+ietf@watsen.net" <kent+ietf@watsen.net>, "heas@shrubbery.net" <heas@shrubbery.net>, "netmod@ietf.org" <netmod@ietf.org>
Thread-Topic: [netmod] I-D Action: draft-ietf-netmod-factory-default-04.txt
Thread-Index: AdWUd9qeVLj0r+yDR4+pIrJi/4KZsw==
Date: Wed, 06 Nov 2019 07:58:17 +0000
Message-ID: <B8F9A780D330094D99AF023C5877DABAA93EBD61@dggeml531-mbs.china.huawei.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.134.31.203]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/oT4Fm3fOV2IvSg4tSP7SEGCNysU>
Subject: Re: [netmod] I-D Action: draft-ietf-netmod-factory-default-04.txt
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Nov 2019 07:58:28 -0000

-----邮件原件-----
发件人: Martin Bjorklund [mailto:mbj@tail-f.com] 
发送时间: 2019年11月6日 15:36
收件人: Qin Wu <bill.wu@huawei.com>
抄送: kent+ietf@watsen.net; heas@shrubbery.net; netmod@ietf.org
主题: Re: [netmod] I-D Action: draft-ietf-netmod-factory-default-04.txt

Qin Wu <bill.wu@huawei.com> wrote:
> 发件人: netmod [mailto:netmod-bounces@ietf.org] 代表 Kent Watsen
> 发送时间: 2019年11月6日 3:27
> 收件人: john heasley <heas@shrubbery.net>
> 抄送: netmod@ietf.org
> 主题: Re: [netmod] I-D Action: draft-ietf-netmod-factory-default-04.txt
> 
> 
> 
> Yes, I'm suggesting that this "clearing" be a requirement, even if the 
> operator has the choice between clear "only the configuration" and 
> "everything."  "might" -> "MUST".
> 
> The fine line between too vague and too much detail must be found. >>>
> 
> In addition,the "factory-reset" RPC MUST restore storage to factory 
> condition, including remove log files, remove temporary files, remove 
> certificates, keys, etc zero passwords, <insert other things>
> 
> The process (SHOULD|MUST) zero/pattern-write then remove sensitive 
> files such as the TLS keys, configuration stores, etc.
> 
> [Qin]: Okay, here is the my proposed change:
> OLD TEXT:
> “
> In addition, the "factory-reset" RPC might also be used to trigger 
> some other restoring and resetting tasks such as files cleanup, 
> restarting the node or some of the SW processes, or setting some 
> security data/passwords to the default value, removing logs, removing 
> any temporary data (from datastore or elsewhere) etc.  When and why 
> these tasks are triggered is not the scope of this document.
> ”
> NEW TEXT:
> “
> In addition, the "factory-reset" RPC MUST restore storage to factory 
> condition, including remove log files, remove temporary files (from datastore or elsewhere).
> It MUST also remove security credentials and restoring default 
> security settings including remove certificates, keys, zero passwords, etc. The process invoked by the "factory-reset"
> RPC SHOULD zero/pattern-write than remove sensitive files such as the 
> TLS keys, configuration stores, etc. The RPC MAY also be used to 
> trigger some other resetting tasks such as restarting the node or some 
> of the software processes, activating the factory-default config which in turn enables zero touch provision (ZTP).
> ”
> If you have better text, feel free to share.

I think your previously proposed text that didn't mention ZTP was better.  Also, "MAY also be used to" sounds like it is the client's decision, so I suggest changing the last sentence to:

  The RPC MAY also trigger some other resetting tasks such as
  restarting the node or some of the software processes.

[Qin]: Works for me, thanks.

/martin



> 
> The RPC MAY provide an option to limit the actions to factory reset of 
> the configuration.
> [Qin]: we have add  nacm:default-deny-all on RPC we proposed. Security 
> section will be enhanced Based on Andy’s comment in the separate email.
> 
> Strongly agree.
> 
> Kent // contributor
>

v2.23.0 | Report a Bug | By Email