Last Call Review of draft-ietf-teas-ietf-network-slice-nbi-yang-17
review-ietf-teas-ietf-network-slice-nbi-yang-17-secdir-lc-ounsworth-2025-01-01-00

Request Review of draft-ietf-teas-ietf-network-slice-nbi-yang
Requested revision No specific revision (document currently at 25)
Type IETF Last Call Review
Team Security Area Directorate (secdir)
Deadline 2025-01-10
Requested 2024-12-20
Requested by Jim Guichard
Authors Bo Wu, Dhruv Dhody, Reza Rokui, Tarek Saad, John Mullooly
I-D last updated 2025-05-22 (Latest revision 2025-05-09)
Completed reviews Rtgdir Early review of -12 by Alvaro Retana (diff)
Yangdoctors Early review of -03 by Ladislav Lhotka (diff)
Yangdoctors Early review of -16 by Ladislav Lhotka (diff)
Secdir IETF Last Call review of -17 by Mike Ounsworth (diff)
Rtgdir IETF Last Call review of -17 by Susan Hares (diff)
Opsdir IETF Last Call review of -18 by Per Andersson (diff)
Tsvart IETF Last Call review of -17 by Kyle Rose (diff)
Genart IETF Last Call review of -17 by Ines Robles (diff)
Opsdir Telechat review of -22 by Per Andersson (diff)
Assignment Reviewer Mike Ounsworth
State Completed
Request IETF Last Call review on draft-ietf-teas-ietf-network-slice-nbi-yang by Security Area Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/secdir/lNUpcCZnGJRz8PJPbSoEFLQIF50
Reviewed revision 17 (document currently at 25)
Result Ready
Completed 2025-01-01
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. These comments were written primarily for the benefit of the
security area directors. Document editors and WG chairs should treat
these comments just like any other last call comments.

This document is defining configuration data for use with the Network Slice
Service. The Security Considerations section properly outlines that the Network
Slice Service includes a secure transport layer (SSH / TLS), as well as an
access control layer, and it identifies that some configuration values may be
write-sensitive / read-sensitive, and that it is up to the operator to properly
enforce these protections. I think this sufficiently covers security concerns
related to configuration data.