Skip to main content

Last Call Review of draft-ietf-netmod-factory-default-14
review-ietf-netmod-factory-default-14-genart-lc-bryant-2020-03-12-00

Request Review of draft-ietf-netmod-factory-default
Requested revision No specific revision (document currently at 15)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2020-03-16
Requested 2020-03-02
Authors Qin Wu , Balázs Lengyel , Ye Niu
I-D last updated 2020-03-12
Completed reviews Yangdoctors Last Call review of -07 by Carl Moberg (diff)
Rtgdir Last Call review of -14 by Tony Przygienda (diff)
Genart Last Call review of -14 by Stewart Bryant (diff)
Secdir Last Call review of -14 by Stephen Kent (diff)
Assignment Reviewer Stewart Bryant
State Completed
Request Last Call review on draft-ietf-netmod-factory-default by General Area Review Team (Gen-ART) Assigned
Posted at https://mailarchive.ietf.org/arch/msg/gen-art/498hHuJzgBADog8tUBesUmXEbPw
Reviewed revision 14 (document currently at 15)
Result Ready
Completed 2020-03-12
review-ietf-netmod-factory-default-14-genart-lc-bryant-2020-03-12-00
I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

Document: draft-ietf-netmod-factory-default-14
Reviewer: Stewart Bryant
Review Date: 2020-03-12
IETF LC End Date: 2020-03-16
IESG Telechat date: Not scheduled for a telechat

Summary: A well written document that is pretty much ready to go. I only have
one concern and that is whether the overwrite pattern needs some text so that
it does not accidentally become a covert channel.

Major issues: None

Minor issues:

 "All security sensitive data (i.e., private keys, passwords, etc.)  SHOULD be
 overwritten with zeros or a pattern before deletion.  "

"a pattern" is possibly vague, and care needs to be taken that this is not a
covert channel. Possibly it needs to say something like "an implementation
specific common pattern"?

Nits/editorial comments:

Nits contains a warning about references, but one concerns text that will
removed, and the other is a format error that will be fixed in publication

I saw the SecDir comment on RPC. This is a starred term in the abbreviation
list and does not technically need expanding.