Murray Kucherawy has entered the following ballot position for draft-ietf-opsawg-sdi-10: No Objection
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-opsawg-sdi/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Bigger points first:

The shepherd writeup contains this remark, which made me squint a bit: "More security review was asked for by the WG at various [times], and it is not clear that this input will be taken into account." Why's that?

This Informational document cites BCP 14, and then has a solitary SHOULD in Section 4.2. One could easily change "SHOULD fetch" to "fetches" and do away with all of that.

There are several places where the prose uses two words to mean roughly the same thing (e.g., "store / cache"). I found this awkward each time I hit it. Please, in each case, pick one. Worst case, replace the slash with "or", but you'll probably find that redundant anyway.

There are several places where a list or example is introduced with a hyphen (e.g., "There are two options when implementing this - a vendor could..."). Instead, it should be a new sentence, or at least a colon followed by a clause or maybe a bulleted list.

And now, a lot of editorial suggestions:

Section 1:

* "... or using an auto install techniques which fetch ..." -- s/techniques/technique/, or remove "an"
* "... or something similar, is an unacceptable ..." -- remove the comma
* "... vendor to pre-configure the devices before shipping it ..." -- change either "devices" to "device", or "it" or "them"
* "... configuration, etc; but these ..." -- change to "... configuration, etc. However, these ..."
* "... managing installed / deployed devices ..." -- suggest just picking one

Section 2:

* "... newly installed / unconfigured ..." -- change to "... newly installed, unconfigured ..."
* "... obtain an IP address and address of a config server ...." change to "... obtain an IP address for itself and discover the address of a configuration server ..."
* "This document describes a concept ..." -- this paragraph feels like it belongs in Section 1

Section 2.1:

* "... Point of Presence (POP) / datacenter." -- maybe just replace all of this with "facility"?
* "... device configuration, fetches the certificate ..." -- s/,/ and/
* "... encrypted config ..." -- please use either "configuration" (preferred) or "config", but not both
* "... installed in Operator_A' ..." -- missing an "s" (two instances in the third paragraph)
* "... (note that all this ..." -- s/all this/all of this/ (and actually, this should be its own sentence)

OLD:
The device attempts to load the config file - if the config file is unparsable, (new functionality) the device tries to use its private key to decrypt the file, and, assuming it validates, installs the new configuration.

NEW:
The device attempts to load the configuration file. As an added step, if the configuration file cannot be parsed, the device tries to use its private key to decrypt the file and, assuming it validates, proceeds to install the new, decrypted, configuration.

* "(See Security Considerations)" -- section number, please

Section 3:

* This section doesn't appear to me to describe a role other than "vendor".
* "... the vendors roles and ..." -- s/vendors/vendor's/

Section 3.1:

* Please expand "EST" on first use.

Section 3.2:

* "... store / cache ... uptime / reachability ..." -- as above, these really stand out to me as in need of making an editorial choice

Section 4:

* I don't see a role in here either other than "operator".

Section 4.1:

* "(likely serial number)" -- suggest "(e.g., the serial number)"

Section 4.2:

* "publication server, and download ..." -- remove the comma

Section 5.1:

* "chassis / backplane" -- another; see previous remarks
* TPM could use a reference (ISO/IEC 11889?)

Section 5.3:

* "(e.g.: 'load replace <filename> encrypted))" -- unbalanced quoting and parentheses

Section 7:

* "... may wish to bootstrapping devices with ..." -- s/bootstrapping/bootstrap/
* "... minimal / less sensitive ..." -- pick one, or at least use "or"

Appendix B:

* s/csr/CSR/ (and probably expand it)
* "Demo / proof of concept" -- pick one
* "... from the command line, in production ..." -- start a new sentence
* Don't use "I'm". Maybe change "I'm using S/MIME because ..." to "S/MIME is used here because ..."