[Softwires] Alissa Cooper's Discuss on draft-ietf-softwire-yang-14: (with DISCUSS and COMMENT)

Alissa Cooper <alissa@cooperw.in> Tue, 08 January 2019 22:03 UTC

Return-Path: <alissa@cooperw.in>
X-Original-To: softwires@ietf.org
Delivered-To: softwires@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id DDC4C130FAF; Tue, 8 Jan 2019 14:03:12 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Alissa Cooper <alissa@cooperw.in>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-softwire-yang@ietf.org, Sheng Jiang <jiangsheng@huawei.com>, softwire-chairs@ietf.org, jiangsheng@huawei.com, softwires@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.89.2
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <154698499284.25490.17076347273662505510.idtracker@ietfa.amsl.com>
Date: Tue, 08 Jan 2019 14:03:12 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/softwires/_HLR3Dh4QgvcibGAl2TnXAT_wcE>
Subject: [Softwires] Alissa Cooper's Discuss on draft-ietf-softwire-yang-14: (with DISCUSS and COMMENT)
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.29
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/softwires/>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Jan 2019 22:03:13 -0000

Alissa Cooper has entered the following ballot position for
draft-ietf-softwire-yang-14: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-softwire-yang/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

The security considerations do not seem to follow the YANG security guidelines
<https://trac.ietf.org/trac/ops/wiki/yang-security-guidelines>. They do not
list the specific writeable and readable subtrees/nodes and why they are
sensitive. The fact that all the writeable nodes could "negatively affect
network operations" seems trivially true for most writeable YANG module nodes.
In the case of these modules, there seem to be multiple different threats
relevant to different nodes, including exposure of data about individual
users/customers, potential for disruption of the operations of the BR or CE,
etc.


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

I think "external party" would make more sense than "abuse party."