[secdir] Secdir last call review of draft-ietf-teas-ietf-network-slice-nbi-yang-17
Mike Ounsworth via Datatracker <noreply@ietf.org> Thu, 02 January 2025 04:09 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from [10.244.8.219] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id 9EF26C14F6AF; Wed, 1 Jan 2025 20:09:20 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Mike Ounsworth via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.31.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <173579096026.1294137.3101471431174269627@dt-datatracker-65f549669d-2xld9>
Date: Wed, 01 Jan 2025 20:09:20 -0800
Message-ID-Hash: 7B4IJV55O6YHNFJ5RWM5WRFEQ3M6GPFE
X-Message-ID-Hash: 7B4IJV55O6YHNFJ5RWM5WRFEQ3M6GPFE
X-MailFrom: noreply@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-secdir.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-teas-ietf-network-slice-nbi-yang.all@ietf.org, last-call@ietf.org, teas@ietf.org
X-Mailman-Version: 3.3.9rc6
Reply-To: Mike Ounsworth <mike.ounsworth@entrust.com>
Subject: [secdir] Secdir last call review of draft-ietf-teas-ietf-network-slice-nbi-yang-17
List-Id: Security Area Directorate <secdir.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/lNUpcCZnGJRz8PJPbSoEFLQIF50>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Owner: <mailto:secdir-owner@ietf.org>
List-Post: <mailto:secdir@ietf.org>
List-Subscribe: <mailto:secdir-join@ietf.org>
List-Unsubscribe: <mailto:secdir-leave@ietf.org>
Reviewer: Mike Ounsworth Review result: Ready I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document is defining configuration data for use with the Network Slice Service. The Security Considerations section properly outlines that the Network Slice Service includes a secure transport layer (SSH / TLS), as well as an access control layer, and it identifies that some configuration values may be write-sensitive / read-sensitive, and that it is up to the operator to properly enforce these protections. I think this sufficiently covers security concerns related to configuration data.
- [secdir] Secdir last call review of draft-ietf-te… Mike Ounsworth via Datatracker