[OPSAWG] FW: Adrian Farrel's Discuss on draft-ietf-opsawg-management-stds-06:(with DISCUSS and COMMENT)

["Romascanu, Dan (Dan)" <dromasca@avaya.com>]

Mehmet and Benoit,

Please address the issues raised by Adrian in his DISCUSS.

Thanks and Regards,

Dan




-----Original Message-----
From: iesg-bounces@ietf.org [mailto:iesg-bounces@ietf.org] On Behalf Of Adrian Farrel
Sent: Monday, March 12, 2012 9:24 PM
To: The IESG
Cc: draft-ietf-opsawg-management-stds@tools.ietf.org; opsawg-chairs@tools.ietf.org
Subject: Adrian Farrel's Discuss on draft-ietf-opsawg-management-stds-06:(with DISCUSS and COMMENT)

Adrian Farrel has entered the following ballot position for
draft-ietf-opsawg-management-stds-06: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to http://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

I had some difficulty determining what are "IETF network management
standards".

The Introduction helpfully explains that "OAM technologies on the data-
path" are not covered. I think this might usefully be mentioned in the
Abstract.

---

I found the lists of existing MIB modules in Section 4.1 a bit hit and
miss.

For example, in Section 4.1.2 only one of te GMPLS MIB module RFCs is
listed. This is kind of "by example" of a data plane model, so is
probably OK, but why not mention the MIB modules for the GMPLS control
plane.

In Section 4.1.3 I would have expected to see discussion of both the
MPLS forwarding plane, and some of the MPLS control plane protcols.
Conversely, I found it off-puting that Section 4.1.3 lumps together
the routing protocols with the IP forwarding plane.

Looking at Section 4.1 as a whole, I wondered whether you really want to
enumerate the existing MIB modules for all IETF protocols. This seems
like a thankless task and one that is hard to keep complete unless you
go to the OID tree (in IANA) and make a full list.

On the other hand, there are some technology-specific "MIB overview"
documents that might provide useful things to point at. For example:
- RFC 4221
- draft-ietf-mpls-tp-mib-management-overview

I'm finding this a hard one to make actionable! How about...

  Please use the OID tree in the IANA registry to ensure that you have
  not left out any MIB modules for key IETF protocols.

  Please consider including references to RFC 4221 and draft-ietf-mpls-
  tp-mib-management-overview.

You might also find it beneficial to split 4.1 into forwarding plane
management and control protocol management.

---

Rather than removing Section 6, I think you should use it to summarise
the secuirty issues of network management, point to the sections of this
document that discuss security, and reference other documents specific
to the security of network management.
                                                 
This might point to the fact that security discussions are patchy in 
this document. 2.1.4 is a good detailed cover of SNMP security, 2.2 
briefly mentions how to secure syslog, and 2.3 has a rather scanty 
mention of security for ipfix. Why is there not similar discussion of
how to secure netconf?

Similarly, in section 3 there is mention of security for RADIUS, 
DIAMETER, CAPWAP, ANCP, and ACAP, but not for DHCP, BOOTP, the various
autoconf options, COPS, and XCAP.


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

I think that a general change of s/MIB/MIB module/ is needed.