Telechat Review of draft-ietf-netmod-entity-07
review-ietf-netmod-entity-07-secdir-telechat-emery-2018-01-11-00
| Request | Review of | draft-ietf-netmod-entity |
|---|---|---|
| Requested revision | No specific revision (document currently at 08) | |
| Type | Telechat Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2018-01-09 | |
| Requested | 2017-12-21 | |
| Authors | Andy Bierman , Martin Björklund , Jie Dong , Dan Romascanu | |
| I-D last updated | 2018-01-11 | |
| Completed reviews |
Yangdoctors Last Call review of -07
by Radek Krejčí
(diff)
Genart Telechat review of -07 by Meral Shirazipour (diff) Secdir Telechat review of -07 by Shawn M Emery (diff) |
|
| Assignment | Reviewer | Shawn M Emery |
| State | Completed | |
| Request | Telechat review on draft-ietf-netmod-entity by Security Area Directorate Assigned | |
| Reviewed revision | 07 (document currently at 08) | |
| Result | Ready | |
| Completed | 2018-01-11 |
review-ietf-netmod-entity-07-secdir-telechat-emery-2018-01-11-00
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This draft specifies a YANG data model for server hardware configuration and status information. The security considerations section does exist and follows the mib-security template. With this, the section defines the nodes that have sensitive information. Access controls are provided by the network management protocol. I agree with the provided set of nodes considered sensitive, which covers the majority of them. The section also states that there is a MTI for secure transport of the underlying network management protocols with SSH or TLS. I believe that the section sufficiently covers the various security concerns of the draft. General comments: None. Editorial comments: None. Shawn. --