IETF Logo Mail Archive

Re: [netmod] YANG module security considerations template - TLS reference

"Acee Lindem (acee)" <acee@cisco.com> Mon, 01 October 2018 18:58 UTC

Return-Path: <acee@cisco.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F736130E0E; Mon, 1 Oct 2018 11:58:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w1lfOI6x2TBH; Mon, 1 Oct 2018 11:58:13 -0700 (PDT)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 950231252B7; Mon, 1 Oct 2018 11:58:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4364; q=dns/txt; s=iport; t=1538420293; x=1539629893; h=from:to:subject:date:message-id:references:in-reply-to: content-id:content-transfer-encoding:mime-version; bh=t7G3l3h9drzaGEokrPB8BQO+Z0SXuY9DFHiBgefsi00=; b=QWzvuce048Q+yp0qwh7maomjE8OhVjlFq6tqDDRlG37NOH/drjtqy22X a/HzVJhi06lMba9OGoCHqzthKks1Y+/KejvTKJVSNCX2lgabPV6nPYU7O B9rSXFTbxBlL7j4RwTuLXB5zJM9eFs6+/M5305r6ICY3PoUq7/+aLRwEm 0=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AcAAD3bLJb/4gNJK1bGQEBAQEBAQEBAQEBAQcBAQEBAQGBUYIOZn8oCoNqiBWMGYINgz2THYF6CxgLhANGAheDeSE0GAEDAQECAQECbRwMhTgBAQEBAgEBASERNwMXBAIBCA4DAwECAQICJgICAiULFQgIAgQBEoMhAYF5CA+lQoEuhAEBhhOBC4l3F4IAgRInH4JMgxsBAYFhF4JqMYImAohPlAtPCQKGQ4lvF4FHS409gliGIYwRAhEUgSUdOIFVcBU7KgGCQQmFeYUUhQgBNW+LXoEfAQE
X-IronPort-AV: E=Sophos;i="5.54,328,1534809600"; d="scan'208";a="449604255"
Received: from alln-core-3.cisco.com ([173.36.13.136]) by rcdn-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 01 Oct 2018 18:58:12 +0000
Received: from XCH-RTP-012.cisco.com (xch-rtp-012.cisco.com [64.101.220.152]) by alln-core-3.cisco.com (8.15.2/8.15.2) with ESMTPS id w91IwCTA024802 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 1 Oct 2018 18:58:12 GMT
Received: from xch-rtp-015.cisco.com (64.101.220.155) by XCH-RTP-012.cisco.com (64.101.220.152) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Mon, 1 Oct 2018 14:58:11 -0400
Received: from xch-rtp-015.cisco.com ([64.101.220.155]) by XCH-RTP-015.cisco.com ([64.101.220.155]) with mapi id 15.00.1395.000; Mon, 1 Oct 2018 14:58:11 -0400
From: "Acee Lindem (acee)" <acee@cisco.com>
To: Lou Berger <lberger@labn.net>, Kent Watsen <kwatsen@juniper.net>, Martin Bjorklund <mbj@tail-f.com>, "netmod-chairs@ietf.org" <netmod-chairs@ietf.org>, "netmod-ads@ietf.org" <netmod-ads@ietf.org>, "netmod@ietf.org" <netmod@ietf.org>
Thread-Topic: [netmod] YANG module security considerations template - TLS reference
Thread-Index: AQHUWVcibcIX1/iYHk+KxriwIydA+qUKcn+AgACH64CAAAVAgP//vwwA
Date: Mon, 01 Oct 2018 18:58:11 +0000
Message-ID: <18ADC199-B3DB-4B69-AA6D-A16467F4FBFC@cisco.com>
References: <20181001.091910.1896030373672380031.mbj@tail-f.com> <43AB5D62-FCB5-4B84-841E-30F14235A147@cisco.com> <4BF93030-3371-417B-A897-61A44464834C@juniper.net> <16630f7d018.27ce.9b4188e636579690ba6c69f2c8a0f1fd@labn.net>
In-Reply-To: <16630f7d018.27ce.9b4188e636579690ba6c69f2c8a0f1fd@labn.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.116.152.197]
Content-Type: text/plain; charset="utf-8"
Content-ID: <436AAA34E248044D9BA4165F9ECAC831@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Outbound-SMTP-Client: 64.101.220.152, xch-rtp-012.cisco.com
X-Outbound-Node: alln-core-3.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/opeYjRJzMoQHszti8iFRrPiZ7bQ>
Subject: Re: [netmod] YANG module security considerations template - TLS reference
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Oct 2018 18:58:16 -0000

Agreed. I think we should have a couple designated experts (similar to what we have with IANA registries) that would have editorial authority and could field suggestions for updates (e.g., for example from the Security ADs).

Thanks,
Acee

On 10/1/18, 2:50 PM, "Lou Berger" <lberger@labn.net> wrote:

    At this point I think it's mature enough to be a yang DR or NETMOD wg thing?
    
    Thoughts, objections?
    
    Lou
    
    
    ----------
    On October 1, 2018 2:32:34 PM Kent Watsen <kwatsen@juniper.net> wrote:
    
    > Benoit is the progenitor of the template.  I took it to be an "AD thing"
    > has since passed to Ignas.
    >
    > Kent
    >
    >
    >
    > ?-----Original Message-----
    > From: "Acee Lindem (acee)" <acee@cisco.com>
    > Date: Monday, October 1, 2018 at 10:25 AM
    > To: Martin Bjorklund <mbj@tail-f.com>, "netmod-chairs@ietf.org" 
    > <netmod-chairs@ietf.org>, "netmod-ads@ietf.org" <netmod-ads@ietf.org>, 
    > "netmod@ietf.org" <netmod@ietf.org>
    > Subject: Re: [netmod] YANG module security considerations template - TLS 
    > reference
    > Resent-From: <alias-bounces@ietf.org>
    > Resent-To: <joelja@bogus.com>, <wangzitao@huawei.com>, <lberger@labn.net>, 
    > <kwatsen@juniper.net>
    > Resent-Date: Monday, October 1, 2018 at 10:25 AM
    >
    > Agreed - although I'm not sure who has control over the template either.
    >
    > For drafts that are in-progress, IDNITs will flag this obsolete reference 
    > and, for at least one of the drafts I'm an editor, I've already made the 
    > update.
    >
    > Thanks,
    > Acee
    >
    > On 10/1/18, 3:19 AM, "netmod on behalf of Martin Bjorklund" 
    > <netmod-bounces@ietf.org on behalf of mbj@tail-f.com> wrote:
    >
    >     Hi,
    >
    >     In their review of draft-ietf-netconf-nmda-restconf, the IESG
    >     suggested we update the reference to TLS from RFC 5246 to RFC 8446
    >     (which obsoletes 5246).
    >
    >     This update needs to be done to the template available at
    >     https://urldefense.proofpoint.com/v2/url?u=https-3A__trac.ietf.org_trac_ops_wiki_yang-2Dsecurity-2Dguidelines&d=DwIGaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=54lt0_rCJTvXEIWmFXsdUNDbzJIkrJ86K-IveL1QoG4&s=9uZWNJN6weNKKk7ABnZ-yFVkwdZxZzQOSm9bSXwT1SQ&e=
    >
    >     (it is not quite clear who is repsonsible for this template; maybe
    >     that should be clarified on the page)
    >
    >
    >     /martin
    >
    >     _______________________________________________
    >     netmod mailing list
    >     netmod@ietf.org
    >     https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_netmod&d=DwIGaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=9zkP0xnJUvZGJ9EPoOH7Yhqn2gsBYaGTvjISlaJdcZo&m=54lt0_rCJTvXEIWmFXsdUNDbzJIkrJ86K-IveL1QoG4&s=QhZGZPVsGhr3-uPQZRPyHFcBYz59K2QZxenbb7Ly7L8&e=
    >
    >
    >
    > _______________________________________________
    > netmod mailing list
    > netmod@ietf.org
    > https://www.ietf.org/mailman/listinfo/netmod

v2.31.3 | Report a Bug | By Email | System Status