Last Call Review of draft-ietf-i2nsf-nsf-monitoring-data-model-12
review-ietf-i2nsf-nsf-monitoring-data-model-12-secdir-lc-shore-2021-11-24-00

I've marked this "not ready" only because of the quality of the writing, which
is both unidiomatic and ungrammatical throughout the document.  But, the draft
has been through working group last call, and if the working group is good with
it, I'm good with it - I'm here to do a security review, and it's basically
fine in that regard.

A couple of nits:

In section 6, it seems to me that by having two different dampening messages
you risk having both no-dampening and on-repetition active at the same time
(implementers don’t always make good decisions).  Setting on-repetition to an
impossible value (say, -1) could serve the same purpose as no-dampening and
avoid possible implementation errors.

I'm curious why you’re monitoring system things (cpu, disk), since presumably
those are also being monitored elsewhere.

In the security considerations section you may want to discuss some of the
limitations of relying not he transport protocol to protect the data,
particularly around data authenticity, etc.