Last Call Review of draft-ietf-opsawg-ntf-09
review-ietf-opsawg-ntf-09-secdir-lc-melnikov-2021-10-26-00
| Request | Review of | draft-ietf-opsawg-ntf |
|---|---|---|
| Requested revision | No specific revision (document currently at 13) | |
| Type | Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2021-10-27 | |
| Requested | 2021-10-13 | |
| Authors | Haoyu Song , Fengwei Qin , Pedro Martinez-Julia , Laurent Ciavaglia , Aijun Wang | |
| I-D last updated | 2021-10-26 | |
| Completed reviews |
Genart Last Call review of -09
by Gyan Mishra
(diff)
Secdir Last Call review of -09 by Alexey Melnikov (diff) Opsdir Last Call review of -09 by Sheng Jiang (diff) Tsvart Last Call review of -09 by Michael Scharf (diff) Intdir Telechat review of -10 by Jean-Michel Combes (diff) Rtgdir Telechat review of -10 by Dhruv Dhody (diff) |
|
| Assignment | Reviewer | Alexey Melnikov |
| State | Completed | |
| Request | Last Call review on draft-ietf-opsawg-ntf by Security Area Directorate Assigned | |
| Posted at | https://mailarchive.ietf.org/arch/msg/secdir/OcaHzauz3C13X8qDk25v7AfBSkM | |
| Reviewed revision | 09 (document currently at 13) | |
| Result | Ready | |
| Completed | 2021-10-26 |
review-ietf-opsawg-ntf-09-secdir-lc-melnikov-2021-10-26-00
Reviewer: Alexey Melnikov Review result: Ready Hi, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Network telemetry is a technology for gaining network insight and facilitating efficient and automated network management. This document defines network telemetry as an extension of Operations, Administration, and Management (OAM) techniques. This document clarifies the terminologies and classifies the modules and components of a network telemetry system from different perspectives, in particilar whether they operate at the control plane, the management plane or the forwarding plane. Examples of both IETF and non IETF technologies are given. The document is well written and has a good Security Considerations section. As this document is describing a framework, the security considerations stay generic, but the Security Considerations covers everything I can think of in regards to data confidentiality, privacy, access control, etc. Nits: JSON and XML should have informative references. Best Regards, Alexey