[secdir] secdir review of draft-ietf-netmod-yang-usage-07

Tom Yu <tlyu@MIT.EDU> Thu, 08 July 2010 16:38 UTC

Return-Path: <tlyu@mit.edu>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0CC7F3A6AF3; Thu, 8 Jul 2010 09:38:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Level:
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[AWL=-1.611, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7DXlp4Iyufh3; Thu, 8 Jul 2010 09:38:44 -0700 (PDT)
Received: from dmz-mailsec-scanner-2.mit.edu (DMZ-MAILSEC-SCANNER-2.MIT.EDU [18.9.25.13]) by core3.amsl.com (Postfix) with ESMTP id F39D33A6B05; Thu, 8 Jul 2010 09:38:43 -0700 (PDT)
X-AuditID: 1209190d-b7c19ae0000009ea-83-4c35ff171c11
Received: from mailhub-auth-2.mit.edu (MAILHUB-AUTH-2.MIT.EDU [18.7.62.36]) by dmz-mailsec-scanner-2.mit.edu (Symantec Brightmail Gateway) with SMTP id D0.BF.02538.71FF53C4; Thu, 8 Jul 2010 12:38:47 -0400 (EDT)
Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by mailhub-auth-2.mit.edu (8.13.8/8.9.2) with ESMTP id o68Gck1n003709; Thu, 8 Jul 2010 12:38:47 -0400
Received: from cathode-dark-space.mit.edu (CATHODE-DARK-SPACE.MIT.EDU [18.18.1.96]) (authenticated bits=56) (User authenticated as tlyu@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id o68Gchu8003950 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 8 Jul 2010 12:38:44 -0400 (EDT)
Received: (from tlyu@localhost) by cathode-dark-space.mit.edu (8.12.9.20060308) id o68Gch2U022780; Thu, 8 Jul 2010 12:38:43 -0400 (EDT)
To: secdir@ietf.org, iesg@ietf.org, draft-ietf-netmod-yang-usage.all@tools.ietf.org
From: Tom Yu <tlyu@MIT.EDU>
Date: Thu, 08 Jul 2010 12:38:43 -0400
Message-ID: <ldvaaq2lyi4.fsf@cathode-dark-space.mit.edu>
Lines: 27
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Brightmail-Tracker: AAAAAA==
Subject: [secdir] secdir review of draft-ietf-netmod-yang-usage-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Jul 2010 16:38:45 -0000

This document provides usage guidelines for the YANG data modeling
language so that standards track YANG data models will be more
readable and interoperable.

The Security Considerations section of this document states that it
does not introduce any new or increased risks to the management
system.  In fact, the document includes advice for consistently
communicating those risks in the context of YANG modules.

The Security Considerations section makes reference to a URL

    http://www.ops.ietf.org/yang-security-considerations.txt

which had no content when I last visited it, so I was unable to review
it.

Section 3.4 lists the items whose security risks must be documented in
a conforming specification.  It omits the requirement, stated in Section
4.13, that potentially harmful operations must be mentioned in the
Security Considerations section of the conforming specification.
Section 3.4 should probably include the requirement from 4.13.

Editorial:

Is the use of "<CODE BEGINS>" in the example in Section 3.1 adequately
protected from tools that might interpret that string as beginning a
code component that is never completed?