Re: [netmod] I-D Action: draft-ietf-netmod-factory-default-04.txt
Martin Bjorklund <mbj@tail-f.com> Wed, 06 November 2019 07:36 UTC
Return-Path: <mbj@tail-f.com>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3692F120024 for <netmod@ietfa.amsl.com>; Tue, 5 Nov 2019 23:36:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gfwC0m4k1tPl for <netmod@ietfa.amsl.com>; Tue, 5 Nov 2019 23:36:01 -0800 (PST)
Received: from mail.tail-f.com (mail.tail-f.com [46.21.102.45]) by ietfa.amsl.com (Postfix) with ESMTP id 9A1A2120026 for <netmod@ietf.org>; Tue, 5 Nov 2019 23:36:01 -0800 (PST)
Received: from localhost (unknown [173.38.220.41]) by mail.tail-f.com (Postfix) with ESMTPSA id A05531AE018B; Wed, 6 Nov 2019 08:35:59 +0100 (CET)
Date: Wed, 06 Nov 2019 08:35:30 +0100
Message-Id: <20191106.083530.29371404693452077.mbj@tail-f.com>
To: bill.wu@huawei.com
Cc: kent+ietf@watsen.net, heas@shrubbery.net, netmod@ietf.org
From: Martin Bjorklund <mbj@tail-f.com>
In-Reply-To: <B8F9A780D330094D99AF023C5877DABAA93EB7DD@dggeml531-mbs.china.huawei.com>
References: <B8F9A780D330094D99AF023C5877DABAA93EB7DD@dggeml531-mbs.china.huawei.com>
X-Mailer: Mew version 6.8 on Emacs 25.2
Mime-Version: 1.0
Content-Type: Text/Plain; charset="utf-8"
Content-Transfer-Encoding: base64
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/uSU6oAf5JRR7YixVnltivtp0Cjc>
Subject: Re: [netmod] I-D Action: draft-ietf-netmod-factory-default-04.txt
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Nov 2019 07:36:03 -0000
Qin Wu <bill.wu@huawei.com> wrote: > 发件人: netmod [mailto:netmod-bounces@ietf.org] 代表 Kent Watsen > 发送时间: 2019年11月6日 3:27 > 收件人: john heasley <heas@shrubbery.net> > 抄送: netmod@ietf.org > 主题: Re: [netmod] I-D Action: draft-ietf-netmod-factory-default-04.txt > > > > Yes, I'm suggesting that this "clearing" be a requirement, even if the > operator has the choice between clear "only the configuration" and > "everything." "might" -> "MUST". > > The fine line between too vague and too much detail must be found. >>> > > In addition,the "factory-reset" RPC MUST > restore storage to factory condition, including > remove log files, > remove temporary files, > remove certificates, keys, etc > zero passwords, > <insert other things> > > The process (SHOULD|MUST) zero/pattern-write then remove sensitive files > such as the TLS keys, configuration stores, etc. > > [Qin]: Okay, here is the my proposed change: > OLD TEXT: > “ > In addition, the "factory-reset" RPC might also be used to trigger > some other restoring and resetting tasks such as files cleanup, > restarting the node or some of the SW processes, or setting some > security data/passwords to the default value, removing logs, removing > any temporary data (from datastore or elsewhere) etc. When and why > these tasks are triggered is not the scope of this document. > ” > NEW TEXT: > “ > In addition, the "factory-reset" RPC MUST restore storage to factory condition, > including remove log files, remove temporary files (from datastore or elsewhere). > It MUST also remove security credentials and restoring default security settings including > remove certificates, keys, zero passwords, etc. The process invoked by the "factory-reset" > RPC SHOULD zero/pattern-write than remove sensitive files such as the TLS keys, configuration > stores, etc. The RPC MAY also be used to trigger some other resetting tasks such as restarting > the node or some of the software processes, activating the factory-default config which in turn > enables zero touch provision (ZTP). > ” > If you have better text, feel free to share. I think your previously proposed text that didn't mention ZTP was better. Also, "MAY also be used to" sounds like it is the client's decision, so I suggest changing the last sentence to: The RPC MAY also trigger some other resetting tasks such as restarting the node or some of the software processes. /martin > > The RPC MAY provide an option to limit the actions to factory reset of > the configuration. > [Qin]: we have add nacm:default-deny-all on RPC we proposed. Security section will be enhanced > Based on Andy’s comment in the separate email. > > Strongly agree. > > Kent // contributor >
- [netmod] I-D Action: draft-ietf-netmod-factory-de… internet-drafts
- Re: [netmod] I-D Action: draft-ietf-netmod-factor… john heasley
- Re: [netmod] I-D Action: draft-ietf-netmod-factor… Schönwälder
- Re: [netmod] I-D Action: draft-ietf-netmod-factor… Qin Wu
- Re: [netmod] I-D Action: draft-ietf-netmod-factor… john heasley
- Re: [netmod] I-D Action: draft-ietf-netmod-factor… Kent Watsen
- Re: [netmod] I-D Action: draft-ietf-netmod-factor… Qin Wu
- Re: [netmod] I-D Action: draft-ietf-netmod-factor… Qin Wu
- Re: [netmod] I-D Action: draft-ietf-netmod-factor… Martin Bjorklund