Re: [netconf] Secdir last call review of draft-ietf-netconf-restconf-notif-13

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 2019-04-28, 11:00 PM, "Benjamin Kaduk" <kaduk@xxxxxxx> wrote:

    On Wed, Apr 24, 2019 at 05:53:02PM +0000, Reshad Rahman (rrahman) wrote:
    > On 2019-04-19, 11:56 PM, "Benjamin Kaduk" <kaduk@xxxxxxx> wrote:
    > 
    >     On Fri, Apr 12, 2019 at 09:29:35PM +0000, Reshad Rahman (rrahman) wrote:
    >     > Hi Aanchal,
    >     > 
    >     > Thanks for the review. Please see inline.
    >     > 
    >     > On 2019-04-11, 5:54 PM, "netconf on behalf of Aanchal Malhotra via Datatracker" <netconf-bounces@xxxxxxxx on behalf of noreply@xxxxxxxx> wrote:
    >     > 
    >     >     Reviewer: Aanchal Malhotra
    >     >     Review result: Ready
    >     >     
    >     >     The document is very clear and concise.  I just have one minor clarification question.
    >     >     Section 3.4 Page 9 that says the following:
    >     >     "In addition to any required ........SHOULD only be allowed......".  
    >     >     
    >     >     Is there a reason for using SHOULD instead of MUST? 
    >     > 
    >     > There may be reasons why an implementation decides not to enforce this restriction. Going by RFC2119 definitions, this is why we chose SHOULD instead of MUST.
    >     
    >     If you have some reasons in mind, it is often helpful to list them as
    >     examples of when the recommended behavior would not be followed.
    > 
    > What we had in mind is a "super-user" who could be given access to subscriptions of other users. Is this obvious or should I can add text to that effect at the end the bullet below? Something along the lines of "For example, a RESTCONF username with the required administrative permissions could be allowed to invoke RPCs modify-subscription, resync-subscription and delete-subscription on a subscription which was created by another username.".
    > 
    >    o  In addition to any required access permissions (e.g., NACM), RPCs
    >       modify-subscription, resync-subscription and delete-subscription
    >       SHOULD only be allowed by the same RESTCONF username [RFC8040]
    >       which invoked establish-subscription.
    
    I think it might help to have such text, though I would suggest a slightly
    pithier "Such a restriction generally serves to preserve users' privacy, but
    exceptions might be made for administrators that may need to modify or
    delete other users' subscriptions."

Good with me, thanks. I'll make this addition in the next rev.

Regards,
Reshad.

    Thanks,
    
    Ben
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux