Skip to main content

Last Call Review of draft-ietf-i2nsf-nsf-monitoring-data-model-12

Request Review of draft-ietf-i2nsf-nsf-monitoring-data-model
Requested revision No specific revision (document currently at 20)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2021-12-01
Requested 2021-11-17
Authors Jaehoon Paul Jeong , Patrick Lingga , Susan Hares , Liang Xia , Henk Birkholz
I-D last updated 2021-11-24
Completed reviews Yangdoctors Early review of -04 by Andy Bierman (diff)
Yangdoctors Last Call review of -06 by Andy Bierman (diff)
Genart Last Call review of -12 by Dale R. Worley (diff)
Artart Last Call review of -12 by Valery Smyslov (diff)
Secdir Last Call review of -12 by Melinda Shore (diff)
Tsvart Last Call review of -12 by Kyle Rose (diff)
Secdir Telechat review of -14 by Melinda Shore (diff)
Intdir Telechat review of -14 by Donald E. Eastlake 3rd (diff)
Assignment Reviewer Melinda Shore
State Completed
Request Last Call review on draft-ietf-i2nsf-nsf-monitoring-data-model by Security Area Directorate Assigned
Posted at
Reviewed revision 12 (document currently at 20)
Result Not ready
Completed 2021-11-24
I've marked this "not ready" only because of the quality of the writing, which
is both unidiomatic and ungrammatical throughout the document.  But, the draft
has been through working group last call, and if the working group is good with
it, I'm good with it - I'm here to do a security review, and it's basically
fine in that regard.

A couple of nits:

In section 6, it seems to me that by having two different dampening messages
you risk having both no-dampening and on-repetition active at the same time
(implementers don’t always make good decisions).  Setting on-repetition to an
impossible value (say, -1) could serve the same purpose as no-dampening and
avoid possible implementation errors.

I'm curious why you’re monitoring system things (cpu, disk), since presumably
those are also being monitored elsewhere.

In the security considerations section you may want to discuss some of the
limitations of relying not he transport protocol to protect the data,
particularly around data authenticity, etc.