[OPSAWG] Murray Kucherawy's No Objection on draft-ietf-opsawg-sdi-10: (with COMMENT)
Murray Kucherawy via Datatracker <noreply@ietf.org> Sun, 17 May 2020 05:48 UTC
From: Murray Kucherawy via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-opsawg-sdi@ietf.org, opsawg-chairs@ietf.org, opsawg@ietf.org, Michael Richardson <mcr+ietf@sandelman.ca>
Reply-To: Murray Kucherawy <superuser@gmail.com>
Date: Sat, 16 May 2020 22:48:00 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/4L-Q5Sc4gpw3lMKT4fKV1cV6uno>

Murray Kucherawy has entered the following ballot position for
draft-ietf-opsawg-sdi-10: No Objection

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-opsawg-sdi/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Bigger points first:

The shepherd writeup contains this remark, which made me squint a bit: "More security review was asked for by the WG at various [times], and it is not clear that this input will be taken into account." Why's that?

This Informational document cites BCP 14, and then has a solitary SHOULD in Section 4.2. One could easily change "SHOULD fetch" to "fetches" and do away with all of that.

There are several places where the prose uses two words to mean roughly the same thing (e.g., "store / cache"). I found this awkward each time I hit it. Please, in each case, pick one. Worst case, replace the slash with "or", but you'll probably find that redundant anyway.

There are several places where a list or example is introduced with a hyphen (e.g., "There are two options when implementing this - a vendor could..."). Instead, it should be a new sentence, or at least a colon followed by a clause or maybe a bulleted list.

And now, a lot of editorial suggestions:

Section 1:
* "... or using an auto install techniques which fetch ..." -- s/techniques/technique/, or remove "an"
* "... or something similar, is an unacceptable ..." -- remove the comma
* "... vendor to pre-configure the devices before shipping it ..." -- change either "devices" to "device", or "it" or "them"
* "... configuration, etc; but these ..." -- change to "... configuration, etc. However, these ..."
* "... managing installed / deployed devices ..." -- suggest just picking one

Section 2:
* "... newly installed / unconfigured ..." -- change to "... newly installed, unconfigured ..."
* "... obtain an IP address and address of a config server ..." change to "... obtain an IP address for itself and discover the address of a configuration server ..."
* "This document describes a concept ..." -- this paragraph feels like it belongs in Section 1

Section 2.1:
* "... Point of Presence (POP) / datacenter." -- maybe just replace all of this with "facility"?
* "... device configuration, fetches the certificate ..." -- s/,/ and/
* "... encrypted config ..." -- please use either "configuration" (preferred) or "config", but not both
* "... installed in Operator_A' ..." -- missing an "s" (two instances in the third paragraph)
* "... (note that all this ..." -- s/all this/all of this/ (and actually, this should be its own sentence)

OLD:
The device attempts to load the config file - if the config file is unparsable, (new functionality) the device tries to use its private key to decrypt the file, and, assuming it validates, installs the new configuration.

NEW:
The device attempts to load the configuration file. As an added step, if the configuration file cannot be parsed, the device tries to use its private key to decrypt the file and, assuming it validates, proceeds to install the new, decrypted, configuration.

* "(See Security Considerations)" -- section number, please

Section 3:
* This section doesn't appear to me to describe a role other than "vendor".
* "... the vendors roles and ..." -- s/vendors/vendor's/

Section 3.1:
* Please expand "EST" on first use.

Section 3.2:
* "... store / cache ... uptime / reachability ..." -- as above, these really stand out to me as in need of making an editorial choice

Section 4:
* I don't see a role in here either other than "operator".

Section 4.1:
* "(likely serial number)" -- suggest "(e.g., the serial number)"

Section 4.2:
* "publication server, and download ..." -- remove the comma

Section 5.1:
* "chassis / backplane" -- another; see previous remarks
* TPM could use a reference (ISO/IEC 11889?)

Section 5.3:
* "(e.g.: 'load replace <filename> encrypted))" -- unbalanced quoting and parentheses

Section 7:
* "... may wish to bootstrapping devices with ..." -- s/bootstrapping/bootstrap/
* "... minimal / less sensitive ..." -- pick one, or at least use "or"

Appendix B:
* s/csr/CSR/ (and probably expand it)
* "Demo / proof of concept" -- pick one
* "... from the command line, in production ..." -- start a new sentence
* Don't use "I'm". Maybe change "I'm using S/MIME because ..." to "S/MIME is used here because ..."