[secdir] Review of draft-ietf-netmod-interfaces-cfg-10

Shawn Emery <shawn.emery@oracle.com> Mon, 13 May 2013 07:36 UTC

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the IESG. 
These comments were written primarily for the benefit of the security 
area directors. Document editors and WG chairs should treat these 
comments just like any other last call comments.

This internet-draft specifies a data model used for the management of 
network interfaces.

The security considerations section does exist and discusses that the 
data is made available through the NETCONF protocol.  NETCONF uses SSH 
to access and transfer said data.  It goes on to discuss the 
implications of unattended access to list and leaf data, but does not 
provide guidance on how to mitigate against unauthorized access.  If 
this is discussed in the NETCONF draft then this draft should at least 
provide this reference.

General comments:

None.

Editorial comments:

None.

Shawn.
--