Re: [secdir] Review of draft-ietf-netmod-interfaces-cfg-10

Benoit Claise <bclaise@cisco.com> Mon, 13 May 2013 10:24 UTC

Message-ID: <5190BF32.2040401@cisco.com>
Date: Mon, 13 May 2013 12:23:46 +0200
From: Benoit Claise <bclaise@cisco.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130328 Thunderbird/17.0.5
MIME-Version: 1.0
To: Martin Bjorklund <mbj@tail-f.com>
References: <5124827A.3070407@oracle.com> <519097A8.40409@oracle.com> <20130513.094441.442455286.mbj@tail-f.com>
In-Reply-To: <20130513.094441.442455286.mbj@tail-f.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: draft-ietf-netmod-interfaces-cfg.all@tools.ietf.org, iesg@ietf.org, secdir@ietf.org
Subject: Re: [secdir] Review of draft-ietf-netmod-interfaces-cfg-10

Hi Shawn,
> Hi,
>
> Shawn Emery <shawn.emery@oracle.com> wrote:
>> I have reviewed this document as part of the security directorate's ongoing
>> effort to review all IETF documents being processed by the IESG. These
>> comments were written primarily for the benefit of the security area
>> directors. Document editors and WG chairs should treat these comments just
>> like any other last call comments.
>>
>> This internet-draft specifies a data model used for the management of network
>> interfaces.
>>
>> The security considerations section does exist and discusses that the data is
>> made available through the NETCONF protocol.  NETCONF uses SSH to access and
>> transfer said data.  It goes on to discuss the implications of unattended
>> access to list and leaf data, but does not provide guidance on how to mitigate
>> against unauthorized access.  If this is discussed in the NETCONF draft then
>> this draft should at least provide this reference.
> This is discussed in the NETCONF Access Control Model (RFC 6536).  We
> got the same comment also from other reviewers, and we will update the
> first paragraph to be:
>
>    The YANG module defined in this memo is designed to be accessed via
>    the NETCONF protocol ^RFC6241^.  The lowest NETCONF layer is the
>    secure transport layer and the mandatory-to-implement secure
>    transport is SSH ^RFC6242^.  The NETCONF access control model
>    ^RFC6536^ provides the means to restrict access for particular
>    NETCONF users to a pre-configured subset of all available NETCONF
>    protocol operations and content.

Note that this text has been recently updated at 
http://trac.tools.ietf.org/area/ops/trac/wiki/yang-security-guidelines

Regards, Benoit
>
> This text will go into the Security Considerations template that is
> used for other YANG module documents as well.
>
> I hope this addresses your concern.
>
>
> /martin
>
>
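The quoted security considerations text says that the NETCONF access control model (RFC 6536) can restrict particular NETCONF users to a pre-configured subset of operations and content, which is the mitigation the reviewer asked for. As an added illustration, not part of this thread or of the draft, the following NACM configuration grants one group full access and restricts another group to read-only access to the ietf-interfaces module defined by the draft, denying everything else by default. The group names, user names, rule-list names and rule names are constructed for the example; the element names and the ietf-netconf-acm namespace are those defined by RFC 6536.

```xml
<!-- Added NACM example (not from the draft or this mail thread). -->
<!-- Default policy: deny reads, writes and RPC execution unless a rule permits them. -->
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm">
  <enable-nacm>true</enable-nacm>
  <read-default>deny</read-default>
  <write-default>deny</write-default>
  <exec-default>deny</exec-default>

  <!-- Group membership (user and group names are constructed for this example). -->
  <groups>
    <group>
      <name>admin</name>
      <user-name>netadmin</user-name>
    </group>
    <group>
      <name>monitor</name>
      <user-name>noc-viewer</user-name>
    </group>
  </groups>

  <!-- Administrators: every operation on every module. -->
  <rule-list>
    <name>admin-acl</name>
    <group>admin</group>
    <rule>
      <name>permit-all</name>
      <module-name>*</module-name>
      <access-operations>*</access-operations>
      <action>permit</action>
      <comment>Full access for the admin group.</comment>
    </rule>
  </rule-list>

  <!-- Monitoring users: read-only on ietf-interfaces, nothing else. -->
  <!-- Rules are evaluated in order; the explicit deny documents intent even though -->
  <!-- the write-default of "deny" would already block these operations. -->
  <rule-list>
    <name>monitor-acl</name>
    <group>monitor</group>
    <rule>
      <name>read-interfaces</name>
      <module-name>ietf-interfaces</module-name>
      <access-operations>read</access-operations>
      <action>permit</action>
      <comment>Allow retrieval of interface configuration and state.</comment>
    </rule>
    <rule>
      <name>no-interface-changes</name>
      <module-name>ietf-interfaces</module-name>
      <access-operations>create update delete</access-operations>
      <action>deny</action>
      <comment>Block configuration changes to interfaces.</comment>
    </rule>
  </rule-list>
</nacm>
```

With this in place a user in the monitor group can issue get and get-config for /interfaces and /interfaces-state, but an edit-config that creates, modifies or deletes an interface entry is rejected with an access-denied error, and the server's NACM denied-operations and denied-data-writes counters record the attempt.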