Skip to main content

Last Call Review of draft-ietf-teas-yang-te-topo-20

Request Review of draft-ietf-teas-yang-te-topo
Requested revision No specific revision (document currently at 22)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2019-05-15
Requested 2019-05-01
Authors Xufeng Liu , Igor Bryskin , Vishnu Pavan Beeram , Tarek Saad , Himanshu C. Shah , Oscar Gonzalez de Dios
I-D last updated 2019-05-14
Completed reviews Yangdoctors Last Call review of -08 by Mahesh Jethanandani (diff)
Secdir Last Call review of -15 by Melinda Shore (diff)
Genart Last Call review of -15 by Russ Housley (diff)
Genart Last Call review of -20 by Russ Housley (diff)
Secdir Last Call review of -20 by Melinda Shore (diff)
Assignment Reviewer Melinda Shore
State Completed
Request Last Call review on draft-ietf-teas-yang-te-topo by Security Area Directorate Assigned
Posted at
Reviewed revision 20 (document currently at 22)
Result Not ready
Completed 2019-05-14
This review updates my previous review of the -15 draft (see
 I'm pleased to see the update to the security considerations sections,
although it's still fairly generic and doesn't describe the threat environment
(this may seem like a nit but it's not: describing how changes to individual
subtrees may impact the system does not really detail how a malicious actor may
subvert or disable the system).  I think this section arguably does conform to
the yang-security-guidelines template despite the missing detail and modulo the
missing mandatory references to 5246 and 6536.  I'm torn between marking this
has "Has Issues" (because of the lack of threat description in the Security
Considerations) and "Not Ready" (because of the missing mandatory references)
but am going with the latter, and it's up to the IESG how heavily they'd like
to weight the generic descriptions of modified subtree impacts.