----- Original Message -----
From: "Mr. Jaehoon Paul Jeong" <[email protected]>
Sent: Tuesday, August 24, 2021 3:27 PM
Hi Tom,
Patrick and I have addressed your comments below with -09 version:
I attach the revision letter to explain how to address them.
Please let us know where this revision satisfies you or not.
Paul
Getting there.
RFC5321 needs adding to the I-D References
identity ssh
references RFC959 FTP; RFC6242 would be better - you already have that
reference in Security Considerations
nsf-name
I commented on for another I-D; I think that the description lacks
scope. 'unique' yes but within what namespace? 'management domain'
might be a suitable scope
identity access-violation
mentions read and write. When I think of permissions, I also include
create, delete, execute as part of the set; should this do so?
leaf attack-speed {
type uint32;
units "bps";
Is 32 bit bps enough for modern networks? This applies in several places.
grouping i2nsf-system-counter-type-content{
here and elswhere counters can wrap and so RFC6991 recommends that they
be accompanied by a discontinuity-time; you can see an example of this
RFC8343
leaf interface-name {
in other models, such as routing ones, references to interface are by
leafref to an object in the interface YANG module of RFC8343; is it
worth it here? I do not know what is best here.
leaf login-ip {
assumes that login is over an IP network. Probably a reasonable
assumption even if I sometimes use otherwise!
leaf-list attack-dst-ip {
type inet:ip-prefix;
The Revision Letter said that this would be
type inet:ip-address;
which I think that it should
leaf alarm-type {
this lists three types whereas the identity has five. Is the difference
significant? Would an identityref do?
Tom Petch
_______________________________________________
I2nsf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i2nsf
