Re: [OPSAWG] Begin WG Last Call on draft-ietf-opsawg-syslog-alarm-00.txt
Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Tue, 16 September 2008 12:34 UTC
Return-Path: <opsawg-bounces@ietf.org>
X-Original-To: opsawg-archive@optimus.ietf.org
Delivered-To: ietfarch-opsawg-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6F23228C182; Tue, 16 Sep 2008 05:34:50 -0700 (PDT)
X-Original-To: opsawg@core3.amsl.com
Delivered-To: opsawg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 706703A68FE for <opsawg@core3.amsl.com>; Tue, 16 Sep 2008 05:34:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.725
X-Spam-Level:
X-Spam-Status: No, score=-1.725 tagged_above=-999 required=5 tests=[AWL=0.524, BAYES_00=-2.599, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VC25sAfVI6ok for <opsawg@core3.amsl.com>; Tue, 16 Sep 2008 05:34:48 -0700 (PDT)
Received: from hermes.jacobs-university.de (hermes.jacobs-university.de [212.201.44.23]) by core3.amsl.com (Postfix) with ESMTP id 3F52728C182 for <opsawg@ietf.org>; Tue, 16 Sep 2008 05:34:48 -0700 (PDT)
Received: from localhost (demetrius4.jacobs-university.de [212.201.44.49]) by hermes.jacobs-university.de (Postfix) with ESMTP id F408BC0038; Tue, 16 Sep 2008 14:34:59 +0200 (CEST)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from hermes.jacobs-university.de ([212.201.44.23]) by localhost (demetrius4.jacobs-university.de [212.201.44.32]) (amavisd-new, port 10024) with ESMTP id 8t2BpvRXGUMy; Tue, 16 Sep 2008 14:34:52 +0200 (CEST)
Received: from elstar.iuhb02.iu-bremen.de (elstar.iuhb02.iu-bremen.de [10.50.231.133]) by hermes.jacobs-university.de (Postfix) with ESMTP id 903EDC0014; Tue, 16 Sep 2008 14:34:52 +0200 (CEST)
Received: by elstar.iuhb02.iu-bremen.de (Postfix, from userid 501) id 5BCF76CEA98; Tue, 16 Sep 2008 14:34:51 +0200 (CEST)
Date: Tue, 16 Sep 2008 14:34:51 +0200
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: "Seely, Ted A [CTO]" <Ted.A.Seely@sprint.com>
Message-ID: <20080916123451.GA761@elstar.iuhb02.iu-bremen.de>
Mail-Followup-To: "Seely, Ted A [CTO]" <Ted.A.Seely@sprint.com>, "opsawg@ietf.org" <opsawg@ietf.org>
References: <C4E7083E.8A40%ted.a.seely@sprint.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <C4E7083E.8A40%ted.a.seely@sprint.com>
User-Agent: Mutt/1.5.18 (2008-05-17)
Cc: "opsawg@ietf.org" <opsawg@ietf.org>
Subject: Re: [OPSAWG] Begin WG Last Call on draft-ietf-opsawg-syslog-alarm-00.txt
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: j.schoenwaelder@jacobs-university.de
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/opsawg>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: opsawg-bounces@ietf.org
Errors-To: opsawg-bounces@ietf.org
On Fri, Sep 05, 2008 at 03:01:02PM -0500, Seely, Ted A [CTO] wrote: > The Chairs are initiating a two week last call on > draft-ietf-opsawg-syslog-alarm-00.txt. > > Please provide feedback and comments to the list no later than September > 19th. I have read the document and below are my comments. 1) I think the title and the abstract should better indicate what the scope fo the document is. As far as I understand it, it is all about representing X.733 alarms in SYSLOG messages. So perhaps the title should be "Representing ITU X.733 Alarms in SYSLOG" and the abstract should read "This document describes how to represent X.733 alarm information in SYSLOG. [...]". 2) The last sentence of section 1 is confusig; the document really maps ITU perceived severity to SYSLOG severity and not the other way round. So I suggest to replace [...] This memo defines a set of SD-PARAM to support logging and defines a mapping of syslog severity to the severity of the alarm. with [...] This memo defines a set of SD-PARAM to support logging and defines a mapping of ITU X.733 perceived security values to SYSLOG severity values. 3) I think the mapping (currently section 1.2) should not be part of the introduction. I suggest to merge sections 1 and 1.1 into one section and to make section 1.2 section 2. 4) Section 2 in the current ID should spell out what the name of the SD-ID is. The syslog document does a fine job in putting the name of SD-IDs and SD-PARAMs in double quotes. I suggest you follow the style used by the SYSLOG specs - and I particularly also like the examples at the end of an SD-ID definition. 5) I fail to see the difference between alarmedResource and resourceMapping. Quoting from the two definitions: This item uniquely identifies the resource under alarm within the scope of a network element. This item uniquely identifies the resource under alarm within the scope of a network element. OK, the resourceMapping has an additional constraint requiring this to be an OID or follow similar semantics (I am not quite sure what that means - does this still imply the OID format? And how is the OID represented in the first place?). I am not sure how useful this is in practice. Perhaps some examples would help me to find both useful. 6) The usage of the TC labels makes sense. This of course assumes that the labels are never changed. The SMIv2 actually allows to change labels (although this is a really bad idea in most cases). Since you import labels from IANA maintained modules, perhaps IANA should be aware that these labels have significance and should not be changed. OK, I am making up a story here but I thought I at least mention that there is this implicit assumption here that the labels of enumerations are somewhat stable. 7) I think some text should be added to better describe the relationship to X.733 (what subset of X.733 is covered by the new SD-ID?) and RFC 3877 (how does the information captured in the SD-ID relate to the information captured in the RFC 3877 MIB modules?). 8) I am not sure how to interpret the last paragraph in the security considerations. SYSLOG in general does not seem to have a notion who the receiver is unless you run it over a secure transport. And even if I am lucky to know the identity of the receiver (well I actually can only reasonably know the identity of the next hop which might be a proxy), then does the paragraph require that the whole SD-ID is removed from the message or only selected SD-PARAM or is the whole message dropped? 9) You might want to update the acknowledgement to include OPSAWG. 10) The reference X.X should be replaced with something meaningful and references need to be updated. /js -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1, 28759 Bremen, Germany Fax: +49 421 200 3103 <http://www.jacobs-university.de/> _______________________________________________ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg
- [OPSAWG] Begin WG Last Call on draft-ietf-opsawg-… Seely, Ted A [CTO]
- Re: [OPSAWG] Begin WG Last Call on draft-ietf-ops… Juergen Schoenwaelder
- Re: [OPSAWG] Begin WG Last Call on draft-ietf-ops… Sharon Chisholm
- Re: [OPSAWG] Begin WG Last Call on draft-ietf-ops… Juergen Schoenwaelder
- Re: [OPSAWG] Begin WG Last Call ondraft-ietf-opsa… Sharon Chisholm
- Re: [OPSAWG] Begin WG Last Callondraft-ietf-opsaw… Sharon Chisholm
- Re: [OPSAWG] Begin WG Last Callondraft-ietf-opsaw… Scott O. Bradner
- Re: [OPSAWG] Begin WG Last Callondraft-ietf-opsaw… Juergen Schoenwaelder
- Re: [OPSAWG] Begin WG LastCallondraft-ietf-opsawg… Sharon Chisholm
- Re: [OPSAWG] Begin WG LastCallondraft-ietf-opsawg… Juergen Schoenwaelder
- Re: [OPSAWG] Begin WGLastCallondraft-ietf-opsawg-… Sharon Chisholm
- Re: [OPSAWG] Begin WGLastCallondraft-ietf-opsawg-… Juergen Schoenwaelder
- Re: [OPSAWG] Begin WGLastCallondraft-ietf-opsawg-… David Harrington
- Re: [OPSAWG] Begin WGLastCallondraft-ietf-opsawg-… Romascanu, Dan (Dan)
- Re: [OPSAWG] Begin WGLastCallondraft-ietf-opsawg-… David Harrington
- Re: [OPSAWG] Begin WGLastCallondraft-ietf-opsawg-… David Harrington