Hi Corey, Thanks for the review. > On Feb 6, 2025, at 5:40 PM, Corey Bonnell via Datatracker <noreply@xxxxxxxx> wrote: > > Reviewer: Corey Bonnell > Review result: Ready > > My primary area of experience is PKI, and this is my first foray for delving > into YANG. I hope the comments below are useful despite that. > > I have reviewed the document and found that the security considerations section > provides appropriate guidance on the use of secure transport protocols as well > as access controls for reading and writing the nodes defined in this document. > Additionally, there is sufficient enumeration of the specific risks posed by > allowing an attacker write access to the nodes defined in the document or > allowing an attacker read access to nodes. Given this, I believe the current > security considerations section is sufficient. > > Nit: > In the Security Considerations section, replace "Dos" with "DoS" in several > locations for consistency. I see we have 2 instances of this - will fix. > > Question: > Should the various read-only nodes defined in this document (such as > "prefix-sid-sub-tlvs") be marked as "config false" as they are not writable? Since these TLV and Sub-TLV augmentations are additions to "config false" containers, they are are also "config false". Note the "ro" in the tree diagrams in section 2. Thanks, Acee > > > -- last-call mailing list -- last-call@xxxxxxxx To unsubscribe send an email to last-call-leave@xxxxxxxx
