Last Call Review of draft-ietf-netmod-interfaces-cfg-10
review-ietf-netmod-interfaces-cfg-10-secdir-lc-emery-2013-05-16-00
Request | Review of | draft-ietf-netmod-interfaces-cfg |
---|---|---|
Requested revision | No specific revision (document currently at 16) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2013-05-03 | |
Requested | 2013-04-25 | |
Authors | Martin Björklund | |
I-D last updated | 2013-05-16 | |
Completed reviews |
Genart Last Call review of -10
by Roni Even
(diff)
Genart Last Call review of -14 by Roni Even (diff) Genart Last Call review of -15 by Roni Even (diff) Secdir Last Call review of -10 by Shawn M Emery (diff) Opsdir Early review of -13 by Susan Hares (diff) |
|
Assignment | Reviewer | Shawn M Emery |
State | Completed | |
Request | Last Call review on draft-ietf-netmod-interfaces-cfg by Security Area Directorate Assigned | |
Reviewed revision | 10 (document currently at 16) | |
Result | Ready | |
Completed | 2013-05-16 |
review-ietf-netmod-interfaces-cfg-10-secdir-lc-emery-2013-05-16-00
I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This internet-draft specifies a data model used for the management of network interfaces. The security considerations section does exist and discusses that the data is made available through the NETCONF protocol. NETCONF uses SSH to access and transfer said data. It goes on to discuss the implications of unattended access to list and leaf data, but does not provide guidance on how to mitigate against unauthorized access. If this is discussed in the NETCONF draft then this draft should at least provide this reference. General comments: None. Editorial comments: None. Shawn. --