Telechat Review of draft-ietf-netmod-entity-07
review-ietf-netmod-entity-07-secdir-telechat-emery-2018-01-11-00

Request Review of draft-ietf-netmod-entity
Requested rev. no specific revision (document currently at 08)
Type Telechat Review
Team Security Area Directorate (secdir)
Deadline 2018-01-09
Requested 2017-12-21
Other Reviews Yangdoctors Last Call review of -07 by Radek Krejčí (diff)
Genart Telechat review of -07 by Meral Shirazipour (diff)
Review State Completed
Reviewer Shawn Emery
Review review-ietf-netmod-entity-07-secdir-telechat-emery-2018-01-11
Posted at https://mailarchive.ietf.org/arch/msg/secdir/Vj4FGRXB_APcwkutny9rv9rcMvA
Reviewed rev. 07 (document currently at 08)
Review result Ready
Draft last updated 2018-01-11
Review completed: 2018-01-11

Review
review-ietf-netmod-entity-07-secdir-telechat-emery-2018-01-11

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security
area directors. Document editors and WG chairs should treat these
comments just like any other last call comments.

This draft specifies a YANG data model for server hardware configuration
and status information.

The security considerations section does exist and follows the mib-security
template.  With this, the section defines the nodes that have sensitive
information.  Access controls are provided by the network management
protocol.  I agree with the provided set of nodes considered sensitive,
which covers the majority of them.  The section also states that there is a
MTI for secure transport of the underlying network management protocols
with SSH or TLS.  I believe that the section sufficiently covers the
various security concerns of the draft.

General comments:

None.

Editorial comments:

None.

Shawn.
--