Last Call Review of draft-ietf-netconf-monitoring-
|Requested revision||No specific revision (document currently at 15)|
|Type||Last Call Review|
|Team||Security Area Directorate (secdir)|
|Authors||Martin Björklund , Mark Scott|
|I-D last updated||2010-06-11|
Secdir Last Call review of -??
by Alan DeKok
|Request||Last Call review on draft-ietf-netconf-monitoring by Security Area Directorate Assigned|
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The document defines a data model for netconf monitoring. The security considerations section says in part: Some of the readable data nodes in this YANG module may be considered sensitive or vulnerable in some network environments. It is thus important to control read access (e.g. via get, get-config or notification) to these data nodes. What is unclear from the document is whether or not the data is secure *after* access is gained. i.e. is there a secure transport layer? Should one be used? If not, why? A statement about privacy and security, with a reference to an existing netconf document would be good.