[secdir] Secdir telechat review of draft-ietf-pim-igmp-mld-yang-12

Rifaat Shekh-Yusef via Datatracker <noreply@ietf.org> Tue, 14 May 2019 13:09 UTC

Reviewer: Rifaat Shekh-Yusef
Review result: Ready

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

The summary of the review is Ready.

This document defines a YANG data model that can be used to
configure and manage Internet Group Management Protocol (IGMP) and
Multicast Listener Discovery (MLD) devices.

The security consideration section seems to follow a well-defined template for
new YANG models, and lists sensitive subtrees and data nodes accordingly.

The data nodes are accessible via well-defined network management protocols,
e.g. NETCONF and RESTCONF, and NACM is used to restrict access to a
pre-configured subset per user.

Regards,
 Rifaat