[secdir] secdir review of draft-ietf-netmod-rfc8022bis
Carl Wallace <carl@redhoundsoftware.com> Mon, 22 January 2018 19:01 UTC
Return-Path: <carl@redhoundsoftware.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D75BD12AF6E for <secdir@ietfa.amsl.com>; Mon, 22 Jan 2018 11:01:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhoundsoftware.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O7jTYOZijZfJ for <secdir@ietfa.amsl.com>; Mon, 22 Jan 2018 11:01:03 -0800 (PST)
Received: from mail-qt0-x232.google.com (mail-qt0-x232.google.com [IPv6:2607:f8b0:400d:c0d::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B9B9D129C56 for <secdir@ietf.org>; Mon, 22 Jan 2018 11:01:02 -0800 (PST)
Received: by mail-qt0-x232.google.com with SMTP id x27so23514829qtm.12 for <secdir@ietf.org>; Mon, 22 Jan 2018 11:01:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhoundsoftware.com; s=google; h=user-agent:date:subject:from:to:cc:message-id:thread-topic :mime-version:content-transfer-encoding; bh=9AA/MfyfpFgCYire9qRoFP2IqpluyldncvtEYAElV3k=; b=ZRPM2A3DS2m3q/M4YVU8hVQhl4VEOc6qIPrYnhOvNy6APx+JRCxi7EdF5RYsONP3aG GV3zkiXt05zUM6Ivr4x/fkGQUBQ3q+/dV+6EVF3fAF4jCUfnAH3aA85JLAYjEHBe2EU9 ioSRAb0AMPAvxNgtEP938oWS75sL+G0XbMI/A=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:cc:message-id :thread-topic:mime-version:content-transfer-encoding; bh=9AA/MfyfpFgCYire9qRoFP2IqpluyldncvtEYAElV3k=; b=HMSvLnl9iv5lDkqcK6wtg2FZgq+V5dvUaZ/kjl9XJ3AX1WTHqZadusCRpFUmvkdecK xP+rceuQawJRzllQgE2TgB5GRewMU/ONb4ZZctGD/5KGy75dzAzecul8DkypeZBdGIIF wE7WyT9YvOnPvMwzgBp+mEL8HnSJFeCTv2nkAQ6UMOu/YmPsuxXTIYtTIltk1O7MILsE odLtCsWU5P9Sqv9p63v414Jb26a8yjckeIm5GNpKvgQjcXrLlNz6ZUG3glj2s/LsCEa+ gei64ncJa/+VKMWPJ7lKAnD1CI/5iXNbMxyBQ+g7SvjDWsGvrvkxQy1Qs1hzwOaAlT0/ fhug==
X-Gm-Message-State: AKwxytdZqxe0OLANlqzXzHENdUPrFpI80/S5Vege8OK1pCGLzedyyMK5 dIA6T8OjOJGGxrAS7tePhQsRJw==
X-Google-Smtp-Source: AH8x227knu9IRQvl5LssoTURdsc7rm+HSnyfPIQdrxXJo68v3fWyGa0IQbtpG64mz3oIOcA6D8v4IQ==
X-Received: by 10.55.204.18 with SMTP id r18mr11327476qki.212.1516647661419; Mon, 22 Jan 2018 11:01:01 -0800 (PST)
Received: from [10.44.104.35] ([64.94.31.206]) by smtp.googlemail.com with ESMTPSA id k3sm10667270qtj.40.2018.01.22.11.00.56 (version=TLS1 cipher=AES128-SHA bits=128/128); Mon, 22 Jan 2018 11:01:00 -0800 (PST)
User-Agent: Microsoft-MacOutlook/14.7.6.170621
Date: Mon, 22 Jan 2018 14:00:49 -0500
From: Carl Wallace <carl@redhoundsoftware.com>
To: draft-ietf-netmod-rfc8022bis.all@ietf.org
CC: secdir@ietf.org, iesg@ietf.org
Message-ID: <D68B9F11.ADD98%carl@redhoundsoftware.com>
Thread-Topic: secdir review of draft-ietf-netmod-rfc8022bis
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/v-BIpt254p8i_JzynBp0xI6AFiA>
Subject: [secdir] secdir review of draft-ietf-netmod-rfc8022bis
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Jan 2018 19:01:13 -0000
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. I found no issues with the draft. The security considerations section references NETCONF and RESTCONF for network security, with SSH and TLS used. This seems fine but I wonder if some guidance on using these a la RFC6125 would be helpful for some. One question in the security consideration section. Twice "/routing/ribs/rib" is referred to a list. Should this be "/routing/ribs"?
- [secdir] secdir review of draft-ietf-netmod-rfc80… Carl Wallace
- Re: [secdir] secdir review of draft-ietf-netmod-r… Acee Lindem (acee)
- Re: [secdir] secdir review of draft-ietf-netmod-r… Acee Lindem (acee)