[secdir] secdir review of draft-ietf-lime-yang-connectionless-oam-11

Charlie Kaufman <charliekaufman@outlook.com> Sun, 15 October 2017 03:57 UTC

From: Charlie Kaufman <charliekaufman@outlook.com>
To: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-lime-yang-connectionless-oam.all@ietf.org" <draft-ietf-lime-yang-connectionless-oam.all@ietf.org>
Date: Sun, 15 Oct 2017 03:57:34 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/aq4U0GtO7maxJL0egMFnaaKsvYE>

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.


This document defines a data structure and defines a data transfer syntax for retrieving and sometimes setting routing configuration information from network intermediaries and possibly network endpoints.


This document is pretty much unreadable unless one is immersed in the arcane world of OAM YANG models. I remember having the same reaction to MIB RFCs. That's not a criticism... just acknowledging my lack of qualification to do this review. That said, I have some observations/feedback.

Documents not intended to be readable by outsiders should include in the introduction a reference to documents that the reader is expected to have read before reading this one. I made it through most of the document before realizing I had (probably) misparsed the title (I'm still not sure). I assumed this specified something related to "Connectionless Operations, Administration, and Maintenance Protocols" since those are the last words of the title. The fact that the Introduction used Ping and Traceroute as protocols that this protocol wanted to generalize reinforced that view. Such protocols have severe security issues because there is effectively no way to add encryption, authentication, and authorization to them. But the Security Considerations section specifies that these protocols are intended to be layered over NETCONF or RESTCONF (both connection-oriented protocols that can be run over secure transports). So I now believe this document is about accessing configuration information that concerns connectionless protocols, but that it is not intended to run over connectionless protocols. But the data types defined appear to be of interest to both connectionless and connection oriented data transfer. If I have this wrong, then there are serious problems with security. If not, then it is probably fine.


Formatting Glitches / Typos:


Throughout the document, there seems to be a problem with spaces erroneously inserted and removed near single quotes and the sequence "e.g..". A particularly dramatic example is at the top of page 5:

   'grouping is chosen based on 'tp-location-type' leaf which when
   chosen, leads to a container that includes a list of 'test-point-
   locations' keyed by technology specific keys(e.g.,
   'ipv4-location'leaf).  Each test point location under 'test-point-
   locations 'grouping includes a 'test-point-location-info' grouping.


I believe Section 3.6 has a wording error exacerbated by the space problem. In any case, I could not parse the following:

   Path discovery includes data to be
   retrieved on a 'per- hop' basis via a list of 'path-trace-info-
   list'list which includes information like 'timestamp'grouping, '
   ingress-intf-name ', ' egress-intf-name ' and 'app-meta-data'.


Starting on page 21, there appear to be many lines that exceed the maximum length for an RFC. This causes the PDF rendering to switch to a smaller font for the pages that contain the long lines.


Awkward English in section 5.2.1.2:

   To support lsp-ping, the "ietf-connectionless-oam" model can be
   extended and add lsp-ping specific parameters can be defined and
   under "test-point-location" list.

   User can reuse the attributes or groupings which are defined in
   [I-D.zheng-mpls-lsp-ping-yang-cfg] as follows:

   The snippet below depicts an example of augmenting the "test-point-
   locations" list with lsp ping attributes: