[OPSAWG] Barry Leiba's No Objection on draft-ietf-opsawg-sdi-10: (with COMMENT)
Barry Leiba via Datatracker <noreply@ietf.org> Wed, 20 May 2020 04:27 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: opsawg@ietf.org
Delivered-To: opsawg@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A7813A3A4F; Tue, 19 May 2020 21:27:15 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Barry Leiba via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-opsawg-sdi@ietf.org, opsawg-chairs@ietf.org, opsawg@ietf.org, Michael Richardson <mcr+ietf@sandelman.ca>, mcr+ietf@sandelman.ca
X-Test-IDTracker: no
X-IETF-IDTracker: 6.130.1
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Barry Leiba <barryleiba@computer.org>
Message-ID: <158994883534.30159.9649308008222132813@ietfa.amsl.com>
Date: Tue, 19 May 2020 21:27:15 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/HbdYteISqT0rgRtGaOw17TWOimY>
Subject: [OPSAWG] Barry Leiba's No Objection on draft-ietf-opsawg-sdi-10: (with COMMENT)
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.29
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 May 2020 04:27:16 -0000
Barry Leiba has entered the following ballot position for draft-ietf-opsawg-sdi-10: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-opsawg-sdi/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Just a nitty load of nits nitting about: — Section 1 — Internet Exchange Points (IXP) or "carrier neutral Nit: hyphenate “carrier-neutral”, vendor proprietary) protocols to perform initial device installs Nit: hyphenate “vendor-proprietary” (or just drop “vendor”). use DHCP [RFC2131]to get an IP address Nit: add a space after the citation. security related and/or proprietary information Nit: hyphenate “security-related”. (or using an auto- install techniques which fetch an unencrypted config file Nit: remove “an”. perform the initial configuration work; this costs, time and money. Nit: remove the comma. configure the devices before shipping it; Nit: “device” (or “them”). optimized for simplicity, both for the implementor and the operator; Nit: make it “for both” (or repeat “for” before “the operator”). is it intended to solve all use-cases Nit: do not hyphenate “use cases”. Solutions such as Secure Zero Touch Provisioning (SZTP)" [RFC8572], Nit: there’s an unpaired quotation mark. — Section 2 — the devices serial number, MAC address or similar. Nit: Make it “device’s” (possessive). extends this (vendor specific) paradigm Nit: hyphenate “vendor-specific”. — Section 2.1 — When the device arrives at the POP, it gets installed in Operator_A' autoboot state, and begins the DHCP process. Operator_A' DHCP server Nit: “Operator_A’s” in both places. — Section 3.1 — Each devices requires a public-private key keypair Nit: “Each device” Nit: you don’t need “key keypair”; I suggest “key pair”. (for example, extended key usage, extensions, etc.) Nit: “for example” and “etc.” don’t go together; use one or the other. — Section 4.3 — configurations fails, the device will either abort the auto-install process, or will repeat this process until it succeeds. Nit: “configuration” (singular). Nit: remove the second “will” (or make it “either will”). — Section 5.2 — completely replace the initial device generated key Nit: hyphenate “device-generated”. operators installed key. Nit: “operator’s” (possessive). — Section 5.3 — device management, whereby portions (or the entire) configuration Nit: “portions of” — Section 7 — third-party to copy and paste it over a serial terminal. Nit: “them”, not “it” (the antecedent is plural). An attacker (e.g., a malicious datacenter employee) who has physical access to the device before it is connected to the network the attacker may be able to extract the device private key Nit: remove “the attacker”. Even when using a secure bootstrapping mechanism, security conscious operators may wish to bootstrapping devices with a minimal / less sensitive config Nit: hyphenate “security-conscious”. Nit: “bootstrap” (no “ing”). Nit: hyphenate “less-sensitive”.
- [OPSAWG] Barry Leiba's No Objection on draft-ietf… Barry Leiba via Datatracker
- Re: [OPSAWG] Barry Leiba's No Objection on draft-… Warren Kumari