[OPSAWG] Murray Kucherawy's No Objection on draft-ietf-opsawg-sdi-10: (with COMMENT)

Murray Kucherawy via Datatracker <noreply@ietf.org> Sun, 17 May 2020 05:48 UTC

From: Murray Kucherawy via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-opsawg-sdi@ietf.org, opsawg-chairs@ietf.org, opsawg@ietf.org, Michael Richardson <mcr+ietf@sandelman.ca>
Reply-To: Murray Kucherawy <superuser@gmail.com>
Message-ID: <158969448080.20571.5288514293121823581@ietfa.amsl.com>
Date: Sat, 16 May 2020 22:48:00 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/4L-Q5Sc4gpw3lMKT4fKV1cV6uno>
Subject: [OPSAWG] Murray Kucherawy's No Objection on draft-ietf-opsawg-sdi-10: (with COMMENT)

Murray Kucherawy has entered the following ballot position for
draft-ietf-opsawg-sdi-10: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-opsawg-sdi/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Bigger points first:

The shepherd writeup contains this remark, which made me squint a bit: "More
security review was asked for by the WG at various [times], and it is not clear
that this input will be taken into account."  Why's that?

This Informational document cites BCP 14, and then has a solitary SHOULD in
Section 4.2.  One could easily change "SHOULD fetch" to "fetches" and do away
with all of that.

There are several places where the prose uses two words to mean roughly the
same thing (e.g., "store / cache").  I found this awkward each time I hit it. 
Please, in each case, pick one.  Worst case, replace the slash with "or", but
you'll probably find that redundant anyway.

There are several places where a list or example is introduced with a hyphen
(e.g., "There are two options when implementing this - a vendor could..."). 
Instead, it should be a new sentence, or at least a colon followed by a clause
or maybe a bulleted list.

And now, a lot of editorial suggestions:

Section 1:
* "... or using an auto install techniques which fetch ..." --
  s/techniques/technique/, or remove "an"
* "... or something similar, is an unacceptable ..." -- remove the comma
* "... vendor to pre-configure the devices before shipping it ..." -- change
  either "devices" to "device", or "it" to "them"
* "... configuration, etc; but these ..." -- change to "... configuration,
  etc.  However, these ..."
* "... managing installed / deployed devices ..." -- suggest just picking one

Section 2:
* "... newly installed / unconfigured ..." -- change to "... newly installed,
  unconfigured ..."
* "... obtain an IP address and address of a config server ..." change to
  "... obtain an IP address for itself and discover the address of a
  configuration server ..."
* "This document describes a concept ..." -- this paragraph feels like it
  belongs in Section 1

Section 2.1:
* "... Point of Presence (POP) / datacenter." -- maybe just replace all of this
  with "facility"?
* "... device configuration, fetches the certificate ..." -- s/,/ and/
* "... encrypted config ..." -- please use either "configuration" (preferred)
  or "config", but not both
* "... installed in Operator_A' ..." -- missing an "s" (two instances in the
  third paragraph)
* "... (note that all this ..." -- s/all this/all of this/ (and actually, this
  should be its own sentence)

OLD:
   The device attempts to load the
   config file - if the config file is unparsable, (new functionality)
   the device tries to use its private key to decrypt the file, and,
   assuming it validates, installs the new configuration.
NEW:
   The device attempts to load the configuration file.  As an added
   step, if the configuration file cannot be parsed, the device tries
   to use its private key to decrypt the file and, assuming it validates,
   proceeds to install the new, decrypted, configuration.

* "(See Security Considerations)" -- section number, please

Section 3:
* This section doesn't appear to me to describe a role other than "vendor".
* "... the vendors roles and ..." -- s/vendors/vendor's/

Section 3.1:
* Please expand "EST" on first use.

Section 3.2:
* "... store / cache ... uptime / reachability ..." -- as above, these really
stand out to me as in need of making an editorial choice

Section 4:
* I don't see a role in here either other than "operator".

Section 4.1:
* "(likely serial number)" -- suggest "(e.g., the serial number)"

Section 4.2:
* "publication server, and download ..." -- remove the comma

Section 5.1:
* "chassis / backplane" -- another; see previous remarks
* TPM could use a reference (ISO/IEC 11889?)

Section 5.3:
* "(e.g.: 'load replace <filename> encrypted))" -- unbalanced quoting and
parentheses

Section 7:
* "... may wish to bootstrapping devices with ..." -- s/bootstrapping/bootstrap/
* "... minimal / less sensitive ..." -- pick one, or at least use "or"

Appendix B:
* s/csr/CSR/ (and probably expand it)
* "Demo / proof of concept" -- pick one
* "... from the command line, in production ..." -- start a new sentence
* Don't use "I'm".  Maybe change "I'm using S/MIME because ..." to "S/MIME is
used here because ..."