[secdir] Secdir review of draft-ietf-netmod-snmp-cfg-06

Phillip Hallam-Baker <phill@hallambaker.com> Tue, 12 August 2014 12:24 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id BB0571A0880; Tue, 12 Aug 2014 05:24:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.621
X-Spam-Status: No, score=0.621 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id n0LwNd8o6Ahp; Tue, 12 Aug 2014 05:24:42 -0700 (PDT)
Received: from mail-la0-x22d.google.com (mail-la0-x22d.google.com [IPv6:2a00:1450:4010:c03::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F0031A0329; Tue, 12 Aug 2014 05:24:41 -0700 (PDT)
Received: by mail-la0-f45.google.com with SMTP id ty20so7885371lab.32 for <multiple recipients>; Tue, 12 Aug 2014 05:24:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:message-id:subject:from:to:content-type; bh=6iODtDnCqQKrJLOoK6oAOI0PSaEpGtiqLv0W+8pNaLc=; b=lcVYdzwe0IKZXwKZz/81jSPLCB41HJQ1sQOW5+pRDHJ7EL9dtzUeRyDaALgtKqdttQ dqK853CLQTJYS6OSjrwF2f7X4K+SvJ06WPX3wRJArzn6xXE+0ksWLDgSp5QDjdz7eYHl u8kZaS5llY3D/Cll0nXmhuHp5PXeHwu3VYpv1raQpJQsNShdFBAdmjRknmPbRuENIpPE bfCOKsC+aXTg6MH7t+IAtHFFGvnDvqzDrWCRSr5+Bttd+w1d+YfJPjZxX7Crz7Vx64is +Xtj9tGjGDcTsEotpbqvnA8LB0jteUSz5SxglhH9gx8JCArBGXcxz9AuFagsfl+GTv4K E/hQ==
MIME-Version: 1.0
X-Received: by with SMTP id uo7mr3691532lbc.50.1407846278897; Tue, 12 Aug 2014 05:24:38 -0700 (PDT)
Sender: hallam@gmail.com
Received: by with HTTP; Tue, 12 Aug 2014 05:24:38 -0700 (PDT)
Date: Tue, 12 Aug 2014 08:24:38 -0400
X-Google-Sender-Auth: tyDILeEisYTnjyDJHW5FoZ7ZCQI
Message-ID: <CAMm+LwhYeZPAePMkurWuAmMXW+B0F6z-5Ybd1daZEZP_4eSfWw@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: draft-ietf-netmod-snmp-cfg.all@tools.ietf.org, "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/qSM8Aiairj9LlCYwDUNSt62-8OY
Subject: [secdir] Secdir review of draft-ietf-netmod-snmp-cfg-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Aug 2014 12:24:42 -0000

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

This document describes the use of an alternate schema format, YANG
for describing SNMP configuration. As such the schema presented
defines modules that are equivalent to traditionally described ASN.1
MIBs but without the insertion of sharp sticks in the eyes or
underneath the fingernails.

Since SNMP (wisely) forked ASN.1 some time ago and is not tracking
developments in that spec, this is arguably a more principled
approach. This does not in itself raise security concerns but the new
model takes advantage of the modularity and block structure of YANG to
separate areas of the configuration with similar concerns, for example
similar access control requirements.

It might be worth having a look at the specific access control
requirements specified in the security considerations section.