Re: [secdir] Secdir review of draft-ietf-ccamp-microwave-framework-05

"Yemin (Amy)" <amy.yemin@huawei.com> Fri, 18 May 2018 06:12 UTC

From: "Yemin (Amy)" <amy.yemin@huawei.com>
To: Radia Perlman <radiaperlman@gmail.com>
CC: Daniele Ceccarelli <daniele.ceccarelli@ericsson.com>, "draft-ietf-ccamp-microwave-framework.all@tools.ietf.org" <draft-ietf-ccamp-microwave-framework.all@tools.ietf.org>, The IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, "ccamp@ietf.org" <ccamp@ietf.org>
Date: Fri, 18 May 2018 06:12:22 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/WqWJQsIwTPDVGpmY2VtAHYXpbh8>

"evolving toward a component" is to say that one single software (the component) has the functionality of both NMS and SDN.
If you think it’s not clear enough, we could replace it with what you suggested.

Amy
From: Radia Perlman [mailto:radiaperlman@gmail.com]
Sent: Friday, May 18, 2018 12:30 PM
To: Yemin (Amy) <amy.yemin@huawei.com>
Cc: Daniele Ceccarelli <daniele.ceccarelli@ericsson.com>; draft-ietf-ccamp-microwave-framework.all@tools.ietf.org; The IESG <iesg@ietf.org>; secdir@ietf.org; ccamp@ietf.org
Subject: Re: Secdir review of draft-ietf-ccamp-microwave-framework-05

Thank you!  Though what you're suggesting is awkward English.

Perhaps "We note that the distinction between NMS and SDN is not all that clear, and the two are evolving to be more and more similar." could replace the first sentence.  I'm really not sure what you meant by "evolving toward a component", so perhaps I'm not capturing what you are intending to say.


Radia

On Thu, May 17, 2018 at 7:03 PM, Yemin (Amy) <amy.yemin@huawei.com> wrote:
Hi Radia,

We just updated the draft, https://datatracker.ietf.org/doc/draft-ietf-ccamp-microwave-framework/.
Your comments are addressed in the latest version.

BR,
Amy
From: Yemin (Amy)
Sent: Thursday, May 10, 2018 4:07 PM
To: 'Daniele Ceccarelli' <daniele.ceccarelli@ericsson.com>; Radia Perlman <radiaperlman@gmail.com>; draft-ietf-ccamp-microwave-framework.all@tools.ietf.org; The IESG <iesg@ietf.org>; secdir@ietf.org
Subject: RE: Secdir review of draft-ietf-ccamp-microwave-framework-05

Hi Radia,

Thanks for your review.

Regarding the NMS and SDN, as Daniele suggested, we will add the following text in section 3:
“It's noted that there's idea that the NMS and SDN are evolving towards a component, and the distinction between them is quite vague. Another fact is that there is still plenty of networks where NMS is still considered as the implementation of the management plane, while SDN is considered as the centralization of the control plane. They are still kept as separate component.”

Regarding the security considerations, yes, this draft doesn’t specify the parameters.
There’s another draft, draft-ietf-ccamp-mw-yang, where the security consideration is addressed as you suggested.

BR,
Amy
From: Daniele Ceccarelli [mailto:daniele.ceccarelli@ericsson.com]
Sent: Monday, May 07, 2018 5:46 PM
To: Radia Perlman <radiaperlman@gmail.com>; draft-ietf-ccamp-microwave-framework.all@tools.ietf.org; The IESG <iesg@ietf.org>; secdir@ietf.org
Subject: RE: Secdir review of draft-ietf-ccamp-microwave-framework-05

Hi Radia,

Let me reply on behalf of the authors. First of all, many thanks for your review.

Regarding your question about traditional NMS vs SDN, I agree with you on the fact that they are evolving towards a common component and the distinction is quite blurry, but there are still plenty of networks where NMS is still considered as the implementation of the management plane while SDN the centralization of the control plane, and they are still kept as separate things.

Hence, since the authors speak about “traditional” NMS and SDN, I would tend to allow for the distinction to be kept. If you prefer, a note speaking about the convergence of the two things can be added.

Thanks a lot
Daniele  (ccamp co-chair)

From: Radia Perlman [mailto:radiaperlman@gmail.com]
Sent: lunedì 7 maggio 2018 08:55
To: draft-ietf-ccamp-microwave-framework.all@tools.ietf.org; The IESG <iesg@ietf.org>; secdir@ietf.org
Subject: Secdir review of draft-ietf-ccamp-microwave-framework-05

Sorry...resending because I mistyped the author address.


---------- Forwarded message ----------
From: Radia Perlman <radiaperlman@gmail.com>
Date: Sun, May 6, 2018 at 11:48 PM
Subject: Secdir review of draft-ietf-ccamp-microwave-framework-05
To: draft-ietf-ccamp-microwave-framework-05.all@tools.ietf.org, The IESG <iesg@ietf.org>, secdir@ietf.org

Summary:  No security issues found, but I do have questions, and there are editing glitches

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area
directors.  Document editors and WG chairs should treat these comments just
like any other last call comments.

This document describes the management interface for microwave radio links.
It advocates (correctly, I believe) that such an interface should be extensible to provide for vendor-specific features.

I don't understand the difference between "a traditional network management system" and SDN.  Perhaps it is not the job of this document to clearly make the distinction, and I suspect there is no real distinction...setting parameters (traditional network management) is a way of "programming" an interface ("SDN").

This document could use an editing pass for glitches, but these glitches do not impact its readability.

The glitches consist mostly of leaving out little words like "of" in the following sentence.
"The adoption of an SDN framework for management and
   control the microwave interface is one of the key applications for
   this work."

The security considerations say that they assume a secure transport layer (authenticated, probably encryption isn't necessary) for communication.  Other than that, perhaps, there might be security considerations for inadvertently setting parameters incorrectly, or maliciously by a trusted administrator.  But this document does not specify the specific parameters to be managed, just a general framework.

Radia