Hi Tarek, thank you for providing the reasoning. I definitely have no problem with listing RFC8446 as normative, if there is a template and this is a common practice for YANG model documents. Anyway, it was just a nit. Regards, Valery. > Hi Valery, > > Thanks for the review. Regarding the nit below, we have followed the > guidelines to as per https://tools.ietf.org/html/rfc8407#section-3.7.1 which > has RFC8446 as normative. > My understanding is this is being used as a template in several other YANG > RFCs/drafts. Let us know if you still find it an issue and we'll try to address it. > > Nit: I don't think that reference to TLS1.3 (RFC8446) > should be normative. In my understanding readers of this document > are not obliged to read and fully understand the details of TLS to be able > to import the definitions and create a TE-related YANG module. > > Regards, > Tarek > > On 5/8/19, 4:28 AM, "Teas on behalf of Valery Smyslov" <teas- > bounces@xxxxxxxx on behalf of valery@xxxxxxxxxxx> wrote: > > Reviewer: Valery Smyslov > Review result: Ready with Nits > > I have reviewed this document as part of the security directorate's > ongoing effort to review all IETF documents being processed by the > IESG. These comments were written primarily for the benefit of the > security area directors. Document editors and WG chairs should treat > these comments just like any other last call comments. > > > The draft defines a set of common YANG elements (typedefs, identities and > groupings) > that are intended to be used in Traffic Engineering related YANG modules. > The draft as such doesn't have security implications. The Security > Considerations > section contains general advices on using YANG with data management > protocols (like NETCONF or RESTCONF), which are applicable when > these definitions are imported and used in other YANG modules. > The advices include using secure protocols (SSH for NETCONF and TLS1.3 for > RESTCONF) > and implementing access control for sensitive YANG data nodes. > > Nit: I don't think that reference to TLS1.3 (RFC8446) > should be normative. In my understanding readers of this document > are not obliged to read and fully understand the details of TLS to be able > to import the definitions and create a TE-related YANG module. > > > _______________________________________________ > Teas mailing list > Teas@xxxxxxxx > https://www.ietf.org/mailman/listinfo/teas >
