Secdir last call review of draft-ietf-rtgwg-yang-vrrp-07

Rich Salz <rsalz@akamai.com> Tue, 05 December 2017 18:59 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Rich Salz <rsalz@akamai.com>
To: secdir@ietf.org
Cc: draft-ietf-rtgwg-yang-vrrp.all@ietf.org, ietf@ietf.org, rtgwg@ietf.org
Subject: Secdir last call review of draft-ietf-rtgwg-yang-vrrp-07
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <151250038233.23003.7660980675190435187@ietfa.amsl.com>
Date: Tue, 05 Dec 2017 10:59:42 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtgwg/5eQUvNYoBzUgeQXkviCMYjOJMbw>

Reviewer: Rich Salz
Review result: Ready

I did this review for the Security Directorate (SECDIR) to help the Security
AD's.

This document is ready.

Section 1.2 gives an augmented diagram syntax; is that common? Should it be
added to "yang proper"?

The security considerations is short and to the point. This document describes
a data model, so the security considerations properly point call out
requirements on any transport mechanism used.  Calling out particularly
vulnerable nodes is good practice. Perhaps add a sentence saying that
"implemented should review all the nodes for security concerns" might be useful.

Secdir last call review of draft-ietf-rtgwg-yang-… Rich Salz
RE: Secdir last call review of draft-ietf-rtgwg-y… Xufeng Liu
Re: Secdir last call review of draft-ietf-rtgwg-y… Salz, Rich