Early Review of draft-ietf-netconf-yang-patch-07
review-ietf-netconf-yang-patch-07-secdir-early-zhang-2016-01-14-00

Request
Review of: draft-ietf-netconf-yang-patch
Requested rev.: no specific revision (document currently at 14)
Type: Early Review
Team: Security Area Directorate (secdir)
Deadline: 2016-11-01
Requested: 2015-12-22
Authors: Andy Bierman, Martin Björklund, Kent Watsen
Draft last updated: 2016-01-14
Completed reviews:
Genart Early review of -07 by Roni Even
Genart Last Call review of -12 by Christer Holmberg
Secdir Early review of -07 by Dacheng Zhang
Opsdir Last Call review of -12 by Jouni Korhonen

Assignment
Reviewer: Dacheng Zhang
State: Completed
Review: review-ietf-netconf-yang-patch-07-secdir-early-zhang-2016-01-14
Reviewed rev.: 07 (document currently at 14)
Review result: Has Nits
Review completed: 2016-01-14

Review

I have reviewed this document as part of the security directorate’s ongoing effort to review all IETF documents being processed by the IESG.

These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document defines a media type for a YANG-based editing mechanism that can be used with the HTTP PATCH method.

I agree that this mechanism does not introduce any new security issues beyond what is described in [I-D.ietf-netconf-restconf]. So, this draft is almost ready for publication.

A question:

In Section 2.6 you mentioned 'The server will save the running datastore to non-volatile storage'. Do you assume the servers supporting your mechanism always have non-volatile storage?

An editorial comment:

page 15:

The 'value' node will contain one instance of foo: -> The 'value' node contains one instance of foo:

Cheers

Dacheng