italobusi
commented
5 years ago 2019-06-24 DT Call
@danielkinguk : please address this comment
Closed michael-scharf closed 5 years ago
italobusi
commented
5 years ago 2019-06-24 DT Call
@danielkinguk : please address this comment
danielkinguk
commented
5 years ago Addressed in the latest Word version.
Reviewed version: Proposal for draft-ietf-ccamp-transport-nbi-app-statement-06 as of June 14
The security considerations section lacks a discussion of the impact of creating management plane interfaces between different systems. I don't believe that this can be ignored.
This section should probably emphasize that it focuses on use cases inside a single organization, i.e., it is assumed that all PNCs and the MDSCs are under common operational management. (I am not sure if this assumption is also made for the CNC; transport and IP operations are often separatedly managed in service provider networks.)
Some suggestions for improvements:
Copy related existing text to this section. Examples can be found in section 2 ("Domain: A domain as defined by [RFC4655] is "any collection of network elements within a common sphere of address management or path computation responsibility". Specifically, within this document we mean a part of an operator's network that is under common management (i.e., under shared operational management using the same instances of a tool and the same policies). Network elements will often be grouped into domains based on technology types, vendor profiles, and geographic proximity.") and in section 4.2 ("This topology knowledge may require proper oversight, including the application of local policy, configuration methods, and the application of a trust model.").
Refer to the security considerations in RFC 8453, possibly also reuse some text from that RFC.
Refer to the security considerations in draft-ietf-teas-yang-te-topo-22 and maybe also other relevant YANG models.