Hi Dong,

Many thanks for your review. Please see my response inline.

Thanks,
Jensen

On Fri, May 19, 2023 at 11:33 PM <gd=40tongji.edu...@dmarc.ietf.org> wrote:

> Dear ALTOers and authors of draft-ietf-alto-oam-yang,
>
> Below is my review for draft-ietf-alto-oam-yang-07.
>
> Since I'm new to ALTO, please consider my review comments as suggestions
> for reference purposes.
> If you believe any of my comments are irrelevant, please feel free to
> ignore them.
>
> Best regards,
> Dong
>
>
> ==============================================
>
>
> Section 4.4., paragraph 11:
>
> > Figure 1: A Reference ALTO Server Architecture and YANG Modules
>
> In Figure 1, the arrow labels marked with "write" and "read"
> for the Data Broker can be confusing. If we follow the semantic
> of the "write" arrow, then the "read" arrow can be understood as
> Data Broker reads Algorithm Plugin. It would be better to maintain
> consistency in the semantic of the arrows by following the "src as
> subject, dst as object, and label as predicate" convention. This
> would help to clarify the direction and purpose of the data flow
> between components in the architecture.
>

Good catch. We will fix the arrow directions.

> 5. Design of ALTO O&M Data Model
>
>
> Section 5.1., paragraph 2:
>
> > As shown in Figure 2, the top-level container 'alto' in the
> > "ietf-alto" module contains a single 'alto-server' and a list of
> > 'alto-client' that are uniquely identified.
>
> The document uses both single and double quotation marks (e.g.,
> 'alto', "ietf-alto", 'alto-server'), are they written by design? Or
> a consistent format is possible?
>

All the quotation marks should be double. We will fix this.

> > The list 'alto-client' defines a list of configurations for other
> > applications to bootstrap an ALTO client. These data nodes can also
> > be used by data sources and information resource creation algorithms
> > that are configured by an ALTO server instance.
>
>
> Section 5.3.2., paragraph 1:
>
> > To satisfy R2 in Section 4.2, the ALTO server instance contains the
> > the logging data nodes shonw in Figure 7.
>
> s/shonw/shown
>

Fixed.

> > The 'logging-system' data node provides configuration to select a
> > logging system to capture log messages generated by an ALTO server.
>
>
> Section 5.4.1., paragraph 5:
>
> > * A unique `source-id' for resource creation algorithms to
> > reference.
>
> s\`source-id'\'source-id'
>

Fixed.

> > * The 'source-type' attribute to declare the type of the data
> > source.
>
>
> Section 7., paragraph 0:
>
> > 7. ALTO OAM YANG Modules
>
> This section has no description, or if the YANG spec has already
> explained everything, just ignore this comment.
>
> 7.1. The "ietf-alto" YANG Module
>
>
> Section 8., paragraph 8:
>
> > The "ietf-alto" supports an HTTP listen mode to cover cases where the
> > ALTO server stack does not handle the TLS termination itself, but is
> > handled by a separate component. Special care should be considered
> > when such mode is enabled. Note that the default listen mode is
> > "https".
>
> s/"https"/HTTPS
>

"https" is a case node of the "transport" choice under
"alto-server-listen-stack" grouping. This is not a nit.

>
> What is the HTTP listen mode and TLS termination? I think they refer to
> the implementation of an HTTP(s) server and closing HTTPS connection by
> server.
> If so, they are general processes which are out of the scope of OAM
> security,
> so I feel there is no need to list it here.
>

The security considerations are not only limited to OAM but all the
operations of the YANG data model. But thanks for the comment. We will
clarify this.

> > Also, please be aware that these modules include choice nodes that
> > can be augmented by other extended modules. The augmented data nodes
> > may be considered sensitive or vulnerable in some network
> > environments. For instance, an augmented case of the "source-params"
> > choice in "data-source" may include authentication information about
> > how to access a data source including private network information.
> > The "yang-datastore" case in Appendix A.3 is such an example. The
> > "restconf" and "netconf" nodes in it may reveal the access to a
> > private YANG datastore. Thus, those extended modules may have the
> > NACM extension "default-deny-all" set.
>
>
> _______________________________________________
> alto mailing list
> alto@ietf.org
> https://www.ietf.org/mailman/listinfo/alto
>
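
The last quoted paragraph of the draft says that modules augmenting the "source-params" choice may set the NACM extension "default-deny-all". An augmenting module that does so is shown here as an added example; it is not taken from the draft or from this thread. The module name, namespace, case and leaf names, and the full augment path are assumptions.

```yang
module example-alto-source {
  yang-version 1.1;
  namespace "https://example.com/ns/example-alto-source"; // hypothetical
  prefix exsrc;

  import ietf-alto { prefix alto; }
  import ietf-inet-types { prefix inet; }
  import ietf-netconf-acm { prefix nacm; }   // RFC 8341

  // Assumed schema path: the thread names these nodes but does not
  // show the full hierarchy of "ietf-alto".
  augment "/alto:alto/alto:alto-server/alto:data-source"
        + "/alto:source-params" {
    case example-datastore {
      container example-datastore-params {
        // Without this statement the subtree falls under NACM's global
        // defaults, and read-default is "permit" (RFC 8341), so any
        // authenticated management user could read the values below.
        // With it, every operation on the subtree is denied unless a
        // NACM rule explicitly grants access to the requesting group.
        nacm:default-deny-all;

        leaf endpoint {
          type inet:uri;
          description "Private address of the data source.";
        }
        leaf username {
          type string;
        }
        leaf password {
          type string;
          description "Credential used to reach the data source.";
        }
      }
    }
  }
}
```

Placing the extension on the container rather than on the case matters: NACM access control applies to data nodes, and a case is not one.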