Last Call Review of draft-ietf-ccamp-l1csm-yang-24
review-ietf-ccamp-l1csm-yang-24-secdir-lc-sheffer-2024-01-28-00

The document describes a simple YANG model for L1 service management. IMO it is
ready to go, with a few nits:

Sec. 1.2: the actual YANG module in Sec. 4 says "Refer to MEF 63 for all
terms", so I would expect MEF 63 to be used as a reference for terminology here
(and that document does have a very nice glossary).

Sec. 2, 2nd paragraph: the word "includes" is redundant.

Sec. 5: I'm a bit puzzled about the three IDs that were called out as
sensitive: uni-id, service-id and endpoint-id. One reason for sensitivity is
that they may disclose interesting information. Another reason is that "they
must also be correctly configured to ensure the Subscriber and Service Provider
connection is established." But I think the latter reason applies to everything
else, e.g. "protocol", "optical-interface". In other words, just about
everything in this module can be used to bring down the UNI, and therefore all
attributes should be considered sensitive.

Sec. 5: "These are the subtrees and data nodes and their
sensitivity/vulnerability" - but then we list the subtrees but no specific
details about sensitivity/vulnerability.