[secdir] secdir review of draft-ietf-netmod-smi-yang-04

Leif Johansson <leifj@sunet.se> Wed, 11 April 2012 08:14 UTC

Return-Path: <leifj@sunet.se>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id A912D21F850C; Wed, 11 Apr 2012 01:14:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id doV+0IxtTRlK; Wed, 11 Apr 2012 01:14:35 -0700 (PDT)
Received: from backup-server.nordu.net (backup-server.nordu.net [IPv6:2001:948:4:1::66]) by ietfa.amsl.com (Postfix) with ESMTP id 239F321F86EF; Wed, 11 Apr 2012 01:14:33 -0700 (PDT)
Received: from [] (dhcp44.se-tug.nordu.net [] (may be forged)) (authenticated bits=0) by backup-server.nordu.net (8.14.3/8.14.3) with ESMTP id q3B8ERjd009780 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 11 Apr 2012 10:14:30 +0200 (CEST)
Message-ID: <4F853D62.1090204@sunet.se>
Date: Wed, 11 Apr 2012 10:14:26 +0200
From: Leif Johansson <leifj@sunet.se>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:11.0) Gecko/20120329 Thunderbird/11.0.1
MIME-Version: 1.0
To: Leif Johansson <leifj@nordu.net>, draft-ietf-netmod-smi-yang.all@tools.ietf.org, "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
X-Enigmail-Version: 1.4
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: [secdir] secdir review of draft-ietf-netmod-smi-yang-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Apr 2012 08:14:35 -0000

Hash: SHA1


I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

The document specifies a translation between SMIv2 (and by reference
to RFC 3584, SMIv1) and YANG. YANG is the information model language
used in NETCONF.

This draft is outside my subject-matter expertise but the core
security issue seems to be around translation of the SMIv2 MAX-ACCESS
macro to YANG. Since YANG doesn't define any corresponding element
an extension to YANG is defined.

However there doesn't seem to be any requirement to implement that
extension. The security considerations section refers the reader to
the security considerations sections for YANG, NETCONF, SMI etc but
claims that "The translation itself has no security impact on the

I would have liked to see a clear normative statement to the effect
that if you relied on MAX-ACCESS in the SMIv2 version of a MIB then
you MUST implement the YANG extension for SMI and that the NETCONF
implementation used MUST respect the resulting smiv2:max-access

	Cheers Leif
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/