Re: [secdir] Secdir telechat review of draft-ietf-netmod-rfc6087bis-18

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Tue, 06 March 2018 18:33 UTC

Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2D2CC129C6B; Tue, 6 Mar 2018 10:33:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A7AqE4FhMphl; Tue, 6 Mar 2018 10:33:15 -0800 (PST)
Received: from mail-ot0-x234.google.com (mail-ot0-x234.google.com [IPv6:2607:f8b0:4003:c0f::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 296E5124F57; Tue, 6 Mar 2018 10:33:15 -0800 (PST)
Received: by mail-ot0-x234.google.com with SMTP id n74so19283257ota.1; Tue, 06 Mar 2018 10:33:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=r+7uYwKlbnzAyJcboeSn5oIIAQLaa+4dqZWNPiQhKT0=; b=BInr3xXDdWFSMp4HYfTON7Gg+iqCpWt9tMpQ9tFF3spfhqH4dXDNNSxI6Bs3ulvlLi oMmqQSPg9+BoJ/CZ8/ZMry4zuWdmEhaetvyV/SOoAZmualfq+lCslQsLgJ41En8oYD+U NYCM5J2Pi0T5mMQZW1qXnRMmDS9V7YVkxb7XXiJuAzYJFZ8SC0takKtMzw51gqhIvbyx qLDnXMbCT7PTA9he53BDmbesGywFYRyS21zvj4l60GbLzzz2ecOBDxTFuU5hdQyhrYkL MtQ4uB8G4xPLK6nYgGScmBJapljo3mSA/u77W00aq90bwLykOt4x7V4mBRwB84pfRRfZ mO3Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=r+7uYwKlbnzAyJcboeSn5oIIAQLaa+4dqZWNPiQhKT0=; b=oBNm0F69coIuqFO7M1TxioASDs6cLPFneLDFbwxi6SoFNZicnT2SfyE1BN+bJDK213 SdBZ15j/oj9DkqYn3mmidq9cOqseBCZFO77f2pwiRzXmC4GliwWHU3Qw88/alXmTPXTJ jOACPu3XJK+RewbZRVRkVqTJTkC6ie8DKHOE8PnrVUbEaUUsn5+oDoY1riFbWfX//qG8 ykA91paYUDghPGZCS9An42iwWREI74FcSD3GlZcC0cq7RDneUl1O/P87jRiepImtR410 F9ZJ5qH4kDkUqydQdOljSS4xXoGeOlHruJvoL8UKSIninES4suIuJGlWtrzbTgFcd6+R 9ZSg==
X-Gm-Message-State: AElRT7H5XBDGbJ2TKlBzC223GfZrJzxYlnwU8qtwqAnpdztbe/+TRlzN P1/AHU83xZ5ooa24+bHDUdLZcpWJ9sqluZ9Y4ps=
X-Google-Smtp-Source: AG47ELuiuDUpWKcj9R7AEGk7mKKwH/FStj+VklC6ETr3ZLD4D9HkIzFh6PLHEfTiroC7FW0LSbecsCSJPGSwPNbfTgs=
X-Received: by 10.157.33.113 with SMTP id l46mr14317251otd.287.1520361194472; Tue, 06 Mar 2018 10:33:14 -0800 (PST)
MIME-Version: 1.0
Received: by 10.157.46.119 with HTTP; Tue, 6 Mar 2018 10:32:33 -0800 (PST)
In-Reply-To: <CABCOCHS5yWgfYnKFcVCOibYGEa1pomaKkKonf1WqfToOCoxG9Q@mail.gmail.com>
References: <151932948231.8096.10376000064045374752@ietfa.amsl.com> <CAHbuEH63ayGp2X+FmL9j9ajvF6nbGZM76YR6ttx0NyBvaQcRdw@mail.gmail.com> <CABCOCHS5yWgfYnKFcVCOibYGEa1pomaKkKonf1WqfToOCoxG9Q@mail.gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Tue, 6 Mar 2018 13:32:33 -0500
Message-ID: <CAHbuEH4OhHQaAuVGc2J9dZXTbHq7h0yrtw+QX7MuVOOJG1OZNg@mail.gmail.com>
To: Andy Bierman <andy@yumaworks.com>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, IETF SecDir <secdir@ietf.org>, IETF <ietf@ietf.org>, NetMod WG <netmod@ietf.org>, draft-ietf-netmod-rfc6087bis.all@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/aNsLKs-haIffoEzy-XaSWXN4b6w>
Subject: Re: [secdir] Secdir telechat review of draft-ietf-netmod-rfc6087bis-18
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Mar 2018 18:33:17 -0000

Thanks, Andy!

On Tue, Mar 6, 2018 at 12:53 PM, Andy Bierman <andy@yumaworks.com>; wrote:
>
>
> On Tue, Mar 6, 2018 at 9:40 AM, Kathleen Moriarty
> <kathleen.moriarty.ietf@gmail.com>; wrote:
>>
>> Thanks for your review, Stephen!
>>
>> On Thu, Feb 22, 2018 at 2:58 PM, Stephen Farrell
>> <stephen.farrell@cs.tcd.ie>; wrote:
>> > Reviewer: Stephen Farrell
>> > Review result: Ready
>> >
>> >
>> > I reviewed the diff between -18 and RFC6087. [1]
>> >
>> >    [1]
>> > https://www.ietf.org/rfcdiff?url1=rfc6087&url2=draft-ietf-netmod-rfc6087bis-18
>> >
>> > I assume the security ADs were involved already in discussion about
>> > the new security considerations template in 3.7.1 and the text there
>> > does seem fine to me, so I won't even nit-pick about it:-)
>>
>> Yes and I sent it to the SAAG list for review as well along with a
>> followup email on the security review process for YANG documents (a
>> link to the OPSdir page on that).  I don't think any feedback came
>> through as a result of the request, so we should be good with the
>> general considerations for a bit.
>>
>> >
>> > I do have some other nits to note though.
>> >
>> > - There are a number of URLs given for access to updated materials
>> > that use http schemed URLs and that do not use https schemed URLs.
>> > There was a recent IESG statement to the effect that those'd be better
>> > as https URLs. The first such example is in 3.1. In fact that URL is
>> > re-directed (for me) to https. I think a general pass to fix such URLs
>> > to use https wherever possible would be easy and better practice.
>> >
>
>
>
> no objection to changing the URLs to use https
>
>
>>
>> > - Some of the namespaces use http schemed URLs, for example in
>> > section 4.2. I don't know if people are expected to de-reference such
>> > URLs, but if they are then it'd be good to say if https is better to use
>> > or not. (I'd argue it is.) If those URLs are not expected to be
>> > de-referenced, then saying that would be good. (Not that it'd stop
>> > people de-referencing 'em so the change is better in any case;-)
>>
>
> no objection to changing the YANG namespace examples to something else
>
>>
>> I don't see any response on these questions on list and it would be
>> good to get an answer, so I'll include a link in my ballot in case the
>> authors are not seeing it for some reason.
>>
>> Thanks,
>> Kathleen
>>
>> >
>> > Cheers,
>> > S.
>> >
>>
>>
>
>
> Andy
>
>>
>>
>> --
>>
>> Best regards,
>> Kathleen
>
>



-- 

Best regards,
Kathleen