[secdir] Secdir last call review of draft-ietf-i2rs-rib-info-model-14

Paul Wouters <paul@nohats.ca> Sun, 25 February 2018 18:59 UTC

From: Paul Wouters <paul@nohats.ca>
To: secdir@ietf.org
Cc: i2rs@ietf.org, ietf@ietf.org, draft-ietf-i2rs-rib-info-model.all@ietf.org
Message-ID: <151958515603.12934.11779217462614817262@ietfa.amsl.com>
Date: Sun, 25 Feb 2018 10:59:16 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/8qCaBydp6esKEIIVBBW0QGjOMPY>
Subject: [secdir] Secdir last call review of draft-ietf-i2rs-rib-info-model-14

Reviewer: Paul Wouters
Review result: Has Issues

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These
comments were written primarily for the benefit of the security area directors.
Document editors and WG chairs should treat these comments just like any
other last call comments.

The summary of the review is Has Issues.

This Informational draft specifies an information model for routing information
bases (RIBs), and hints at what a read/write API would look like. I think the
document should be improved to clarify this API beyond a simple mention of SSH
and TLS in its own section, outside of the Security Considerations section. For
example, if this is TLS, what is used? Something RESTful? XML? JSON? What would
the URI be? And for SSH, what kind of access would be given? How is this
restricted to the RIB API?