IETF Logo Mail Archive

Re: [netmod] [netconf] Security text for I-D with YANG modules

Jürgen Schönwälder <jschoenwaelder@constructor.university> Wed, 22 February 2023 12:27 UTC

Return-Path: <jschoenwaelder@constructor.university>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29256C14F720 for <netmod@ietfa.amsl.com>; Wed, 22 Feb 2023 04:27:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=jacobsuniversity.onmicrosoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id caZTHIHNxGdB for <netmod@ietfa.amsl.com>; Wed, 22 Feb 2023 04:27:39 -0800 (PST)
Received: from EUR03-DBA-obe.outbound.protection.outlook.com (mail-dbaeur03on20622.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe1a::622]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BE40EC14F6EC for <netmod@ietf.org>; Wed, 22 Feb 2023 04:27:23 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=c5ZkhrvaRoH8cqtKsbYlEZRNw5l/BJl2OQx4Rw4H40HnTtaqAzt0hHllMkjOkIrHnb07pgLlt0PG2/LO8qnEoZP4e5O3MPWBXJhnGwPEQrM7zNpnOpI3ax1SIyCXaj7D8LG2EO6vFN4wazD8ano6FD6Hj/G31QBAJEpVou4dp3+zCRNhBZxMV/4nyFBI8orimOJ93vVxtZtR7poWT969icmz+n9gHNRC1SAtwzMZ951rL7l/aM0Ix4eFhzAoaPRBn8N6kQigyIc3kFHf+mEXH2eKsUIU7ILV4YD7LD0EtHj3zUjNaSRJEnvV8I2kVSvE3Rp+9rE1vaSMsUAVXNgKPA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=BYo+G2Dh0GHM3dJpMAzYDG/+zpnr6VyssMYhq/Ppayk=; b=VkcOsdV95ezWzvpzx7Clwds2Eti02UVst0VaKYhUdbFtoGrhOrTmBcfPSVqtKy49ElZaK1iLe4wAJB0ozM8wnwVEQ4fKQxjHS902pgYon8fWeGTkmLoeTTJMP7gv7TG09WCUngbJkMwkAmC41xJmaWtKAp9douEOkNeDcPdpdddLAvpsRRfk7ap0FzvrlRS7BHfN+9DdDkgNAvCiZpqegadyF3tt4aNgH+yRrt3NvtUsidv2gdqjCvmVfDoo/PoaifJz3MX0Cuw++aeyI6RFv1fRgeuEJsjTXZgxoqe0XYxmvfp/rGYsD3mYpgxEbnIL2faRFUQdzRhbDG7b8+eY1w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=constructor.university; dmarc=pass action=none header.from=constructor.university; dkim=pass header.d=constructor.university; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jacobsuniversity.onmicrosoft.com; s=selector2-jacobsuniversity-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BYo+G2Dh0GHM3dJpMAzYDG/+zpnr6VyssMYhq/Ppayk=; b=pIgV9DRFRZxvvleTgZleVh3aCOcg7SKkZ5/sUKbZA0i7fjehRuxcHuGSqkQMvh72gsjHeA8GcEBRYdpS2hwjW+NbedkKZPiOumDjA7pSh80CZWwMV83IhJZj3I1ICegc2wVimMKanlBBZXaoy34YTWToag81Q8qtrK+NNCdTy1k=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=constructor.university;
Received: from GVXP190MB1991.EURP190.PROD.OUTLOOK.COM (2603:10a6:150:3::6) by VI1P190MB0590.EURP190.PROD.OUTLOOK.COM (2603:10a6:800:123::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.19; Wed, 22 Feb 2023 12:27:13 +0000
Received: from GVXP190MB1991.EURP190.PROD.OUTLOOK.COM ([fe80::62bb:76a:de40:c7ac]) by GVXP190MB1991.EURP190.PROD.OUTLOOK.COM ([fe80::62bb:76a:de40:c7ac%3]) with mapi id 15.20.6111.021; Wed, 22 Feb 2023 12:27:13 +0000
Date: Wed, 22 Feb 2023 13:27:11 +0100
From: Jürgen Schönwälder <jschoenwaelder@constructor.university>
To: tom petch <ietfc@btconnect.com>
Cc: Kent Watsen <kent+ietf@watsen.net>, "netmod@ietf.org" <netmod@ietf.org>
Message-ID: <20230222122711.w7hamw5zajvkdb2d@anna>
Reply-To: Jürgen Schönwälder <jschoenwaelder@constructor.university>
Mail-Followup-To: tom petch <ietfc@btconnect.com>, Kent Watsen <kent+ietf@watsen.net>, "netmod@ietf.org" <netmod@ietf.org>
References: <AM7PR07MB62484DB3DA25A675167C7C3EA0A49@AM7PR07MB6248.eurprd07.prod.outlook.com> <010001867209d36e-adc03317-0f10-44ec-9a46-83501fec1edb-000000@email.amazonses.com> <AM7PR07MB6248AA7188DE1041E86CE1BAA0AA9@AM7PR07MB6248.eurprd07.prod.outlook.com> <20230222103444.enuqtnggpormjrqa@anna> <AM7PR07MB6248CE575C8AFDC5C650C407A0AA9@AM7PR07MB6248.eurprd07.prod.outlook.com>
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <AM7PR07MB6248CE575C8AFDC5C650C407A0AA9@AM7PR07MB6248.eurprd07.prod.outlook.com>
X-ClientProxiedBy: AM3PR05CA0137.eurprd05.prod.outlook.com (2603:10a6:207:3::15) To GVXP190MB1991.EURP190.PROD.OUTLOOK.COM (2603:10a6:150:3::6)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: GVXP190MB1991:EE_|VI1P190MB0590:EE_
X-MS-Office365-Filtering-Correlation-Id: 9ae8022e-dcf7-4f57-9e1b-08db14d02038
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 5cunMogUZqCkDI2zVHFvH5WYqokphxdoyXpVHhqG7nkcvZD2rG8Ev1BmoxRBWrjBPs4BwMYBaHEw+Jh1AbST/6HGohIJCSCHu5odWjDxGm7Rqs4WxSM6PJGqgF5cSFjb8DfV/jy8anw5Tx9sFicgHKqxzvgKs4DXo1hBlq3/Ld8guxrIBTz/q0eYO0AQVYlnXeZwoDtltxggnX1nZYQPvhDyl/nT8R3D8wGIoYMaaGmiK4Y/u1OEMZIoCPVSayW6VRCGc7+eS8HNDbqZ5wx33CZ2IOhP9zfFJCximFMLJqNFVxNoHhrXq+zLgmtsB6QHuSe/Mh03CuUnm7j/P5BstWV5NJx+17jvrYJeIc2Miftb/ruayzEz/jV/0BPcK751KMtCCNXGReSLqO35x5es9S08frVJ8QhSsClbfBv1YaQlFEXCq8Eu8fryBXW4hMN+MUfbm47W5xLSYOnmEbUNyru2RAYXkxkbOVGWzjftuTQ4zaBzUR3FuBkiN6+zdh1JNxRjGUSwkUtz84HL8qd5ri4MTKgDlx9FG5AvPdJhmiLaD0XmnASzBmOKyzv20tYwwJdfBmbeCsUwwbrRLBfcVfm/dPqKnpZCEY6vx3v5Bd6uuVEkInkaKAn6mfYJHuGyTWLuTKv2zhGKIlizhW9wgGOF8kGqD4f4kkoyPZWjazh0+2KDLP+xgrgRDfsqtYx6zpBgCEX0+gnHECNo+ZliTg==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:GVXP190MB1991.EURP190.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230025)(7916004)(346002)(366004)(136003)(39850400004)(396003)(376002)(451199018)(296002)(316002)(786003)(83380400001)(66574015)(54906003)(478600001)(38100700002)(38350700002)(85182001)(15650500001)(2906002)(3450700001)(86362001)(33716001)(41320700001)(40140700001)(8676002)(66946007)(66556008)(66476007)(6916009)(4326008)(41300700001)(8936002)(5660300002)(966005)(6486002)(186003)(26005)(52116002)(6506007)(6512007)(53546011)(1076003)(85202003)(9686003)(46492015); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: xx7saF/zPpiabS7nL8817AgNa4puGlIbM44/6TKi4OneiK7u9GHAT/okYBbWZ9s8RN25FIDx4VyywMofIihqzgRaCcCDnBxIPgA1k4/k3y3Z7/UHkEd3GHDJHpg83sn7pgxK1R7kjmryk4sYBYEfz7JbRoLsyVuDG9x3zn2PfYXZ8L5ZOPg8+FE4IdIJ4MLU1psnPbAXhxqtjA7jwzqu6FMzglVubog1W6VGE73mMT2KJuGNt3JfR4G6DW/WwGJ5v27h/OGpcdYeC8aRKk8ID3uYJyh1s1rsDXDpVLttmeqa28B1hFhWW4H3XxnvEw/KbVF1JvviHyeMt4C2gg5Z57zxVaIJXbex6lvA8XsKW0JtJ2JXa9UFBZHH2TUpdmhtCmrQGpuXehfnQsRy7jo/9keOdFiwhtAmSZktnpAwWMLoO4IvDSmL4oMgd8ybtKcU8dGSlWVI2Fh9Kl4jyt0OtOVBMeVUdtTN829bQMHUokrSAjsCNY/4Ond0hc4hnilRNI0YNuTos0XqQkrvmnLk1H8G0QQywDzom5YnaSOCxy7vnt8OvFaNzSr50A24eh2xKnS1sxTEzjpDC2gTb3BwMQs811UJBCIy6mk2oflBDktanrolhAqQIBWFYRTbSCB1Zwkll01mpc6XwO4b6xpPdAFUMdMw21xniAuHNL9n2yDQW16WtTYlxHtDQa7valffiaPWfSowtBFt9s5d/FGQ7ju8yN9fl+Zpqcn4vN1j09oqFFd+Z4u1lzuJPvoNb4Q0v0c20gxa3eFKJhORrVAEWOkXzeiiENcWMDnewPqlMblwUWs3jXhPG68zH13+gQYtc+drSn8/hzAVyH/70C51+9A7HDwttcGnY+hJRBn0jdZnSIT0T1qWOob1RpfZkFFLKXyDxqLZShoQyAnfKfiqikPMh10GW2eya6JPFpmIjYk5sTpcHKD+UtucNREzTppQ4lVlfvtsHykeBcXC2aO6BClPSIWBGRoix/1U2EUrRps6jpYV3ktakvw5RqbBXwyGlzA6vhyVxYNVm9FU3y/B0+i+ILOv2E+oXk7kL+gnN4CO1jNd+iEIAWW6vmU/3Mf0BF5RZzG3h/j/mjSIT31IiFLouSFjnV+BPD9AOhFhy76XUHwWbAmufrx7q3csQGRIw5a//DrCuRj/KgipgylExNC2jTL32+mdC6SjbBVMef+qv29xnyYtOvp9ebKMzhwYDBGLcAm5wZBuV2gppiGs0QFcC+V2dTELput9NWiS5yGvbqmAXaixSaKfKDGawDQdsgA9TI0AHN//KhgdhHRPhL88wCcz7hAtqv8LbmK+K+6oKpNscPOIuj5ZvVetaF7Yg04WsgsutTvNXqf+A10UuJyjp4WDs1f4RzdrZaMcYOMyjt8udkSREl1V2dZ9zojqmEin5aCu0ssbriEC9l6jatyFKJSQaJtOcx8aj7DAPbgCk8upHGaDk96kJkRD1/xqnG/aL0BVdoKIYDXi2LCsjt5M6WKfV/KJbGJGWDDGKafqmy/Lq/XxwrNISz5GYzOjpAjE7Lkhs7vODQNVDQA7PgCTxfqOrnIycLvW3HnFCv5wpb/ezrFlKj6hDOoZ4I6n2mY/870jNORBmQ/wWSP2kZ46b8CpZWP7kQfixEMMRPU=
X-OriginatorOrg: constructor.university
X-MS-Exchange-CrossTenant-Network-Message-Id: 9ae8022e-dcf7-4f57-9e1b-08db14d02038
X-MS-Exchange-CrossTenant-AuthSource: GVXP190MB1991.EURP190.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Feb 2023 12:27:13.0797 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: f78e973e-5c0b-4ab8-bbd7-9887c95a8ebd
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: GgTEykLpHiIlHbeGHCdJOgDFSOkBrpm7KlLrGnB8vsFzWsH2iMAnHx8rphtKSgsvKDmfj2bcJGqNp/gAqWZMOZmgUXThEIx+/iJiZ6UunY8=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1P190MB0590
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/yGYwzEGH97tVsuOmh78UoRm2blk>
Subject: Re: [netmod] [netconf] Security text for I-D with YANG modules
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Feb 2023 12:27:43 -0000

Well, anybody can post whatever as an I-D. Probably it is fine to just
ignore this entirely for now. Of if you plan to continue to discuss
this, make sure the author of the I-D is getting involved instead us
speculating about things.

/js

On Wed, Feb 22, 2023 at 12:21:02PM +0000, tom petch wrote:
> From: Jürgen Schönwälder <jschoenwaelder@constructor.university>
> Sent: 22 February 2023 10:34
> 
> Perhaps some bits of history. Back in the SMIv2 world, with a growing
> number of MIB modules, we found it helpful to have a template for
> security considerations. The OPS AD and the SEC AD back then settled
> on an online template for MIB modules (which was occasionally revised
> and updated). This approach was later carried over to YANG and our
> YANG guidelines (RFC 8407, BCB 216) refer to the template using the
> following URL:
> 
> https://trac.ietf.org/trac/ops/wiki/yang-security-guidelines
> 
> What might be happening right now (and here I a speculating) is that
> the IETF considers to retire trac and this may have triggered to copy
> text into an I-D. The reason back in a day to use an online place was
> to be able to make changes easily. Looking back, changes do happen but
> not very frequently, so perhaps even having the template published as
> a small RFC may be workable. (Except that you never know what really
> happens if you want to just make a small change to an RFC.)
> 
> <tp>
> 
> Thanks for that.  The processes with SMI I remember well but had not thought of the retirement of trac.  Any such action would need an update to RFC8407 IMHO which the I-D I cited quite ignores.
> 
> Tom Petch
> 
> /js
> 
> On Wed, Feb 22, 2023 at 10:17:01AM +0000, tom petch wrote:
> > From: Kent Watsen <kent+ietf@watsen.net>
> > Sent: 21 February 2023 03:34
> >
> > True, that claim seems overstated and one would think that such should be in NETMOD.
> >
> > Searching OPSAWG, I don't see it.  Can you provide a link?
> >
> > <tp>
> > Do you mean for the I-D?  It is
> >   draft-moriarty-yangsecuritytext-01
> > with no indication that it is intended to touch the sides on any IETF WG.
> >
> > Tom Petch
> >
> > > On Feb 20, 2023, at 12:27 PM, tom petch <ietfc@btconnect.com> wrote:
> > >
> > > I see an I-D has appeared recently with the title
> > >      Security Considerations Template for YANG Module Documents
> > >
> > > It says
> > > " The text has been developed and
> > >   refined over many years on an Operations Area working group mailing
> > >  list"
> > >
> > > Tom Petch
> > > _______________________________________________
> > > netconf mailing list
> > > netconf@ietf.org
> > > https://www.ietf.org/mailman/listinfo/netconf
> >
> >
> > _______________________________________________
> > netmod mailing list
> > netmod@ietf.org
> > https://www.ietf.org/mailman/listinfo/netmod
> 
> --
> Jürgen Schönwälder              Constructor University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
> Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>

-- 
Jürgen Schönwälder              Constructor University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1 | 28759 Bremen | Germany
Fax:   +49 421 200 3103         <https://www.jacobs-university.de/>

v2.23.0 | Report a Bug | By Email