Hi Jensen,

Thanks for drafting that text. I do still think that some sensitive data nodes have to be listed. For example,

  *   Access to all authentication-related data nodes should be protected; those that are inherited from other models already have a “nacm:default-deny-write” statement, while there is no such protection for the data nodes that are added in the draft.
  *   Consider the example of “poll-interval”: a misbehaving node can set a very large value that would lead to maintaining stale data. Setting very low values can also be considered as a misbehavior.

Cheers,
Med
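
Med's first point can be checked mechanically. The following is an added example (not part of the thread or the draft) that scans YANG text for named sensitive nodes lacking a NACM default-deny statement of their own. The sample module and every node name except "poll-interval" are constructed, and counting only a node's own substatements as protection is an assumption of this check.

```python
import re

# Constructed sample, not taken from the draft. Every node name except
# "poll-interval" is hypothetical.
SAMPLE_YANG = """
container server {
  leaf password { type string; nacm:default-deny-write; }
  leaf api-token { type string; }
  container tls {
    leaf private-key { type binary; nacm:default-deny-all; }
  }
  leaf poll-interval { type uint32; }
  leaf description { type string; }
}
"""

NODE = re.compile(r"\b(?:leaf|leaf-list|container|list)\s+([\w.-]+)\s*\{")
DENY = re.compile(r"\bnacm:default-deny-(?:write|all)\s*;")


def own_statements(text, open_idx):
    """Substatements of the node whose '{' is at open_idx, nested blocks dropped.

    Simplification: braces inside quoted strings or comments are not handled.
    """
    depth, own = 0, []
    for ch in text[open_idx:]:
        if ch == "{":
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth == 0:
                return "".join(own)
        elif depth == 1:
            own.append(ch)
    raise ValueError("unbalanced braces")


def unprotected(yang, sensitive):
    """Names in `sensitive` whose definition carries no NACM default-deny."""
    return [
        m.group(1)
        for m in NODE.finditer(yang)
        if m.group(1) in sensitive
        and not DENY.search(own_statements(yang, m.end() - 1))
    ]


# Assumed review list: nodes a reviewer has flagged as sensitive.
SENSITIVE = {"password", "api-token", "private-key", "poll-interval"}
print(unprotected(SAMPLE_YANG, SENSITIVE))
```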

From: alto <alto-boun...@ietf.org> On Behalf Of Jensen Zhang
Sent: Tuesday, May 9, 2023 15:14
To: ietf-wg-alto/draft-ietf-alto-oam-yang <reply+abcca5ijepgbnlogwrs6aswcewnptevbnhhgcsj...@reply.github.com>
Cc: IETF ALTO <alto@ietf.org>
Subject: Re: [alto] [ietf-wg-alto/draft-ietf-alto-oam-yang] Security Considerations (Issue #33)

Hi Med,

I am not aware of which data nodes are sensitive in this module. If you find 
any, please point them out.

But I am aware that the extended modules (e.g., examples in the appendix) may 
include sensitive data. Especially, the "data-source" node. So I added a new 
paragraph [1] to clarify this. Do you think it is enough?

[1]: 
https://github.com/ietf-wg-alto/draft-ietf-alto-oam-yang/commit/5a2a40db5ebe45a3e16a836f8cae38891f4b5bce

Thanks,
Jensen

On Mon, Mar 20, 2023 at 10:06 PM Med <notificati...@github.com> wrote:

I'm afraid that the following text is to be revised:

None of the readable data nodes in these YANG module are considered sensitive 
or vulnerable in network environments. The NACM "default-deny-all" extension 
has not been set for any data nodes defined in these module.

None of the writable data nodes in these YANG modules are considered sensitive 
or vulnerable in network environments. The NACM "default-deny-write" extension 
has not been set for any data nodes defined in these modules.

There are several sensitive data nodes that should be listed. Access to some 
data by non-authorized parties may reveal internal topologies/etc.

There should also be a note about the "http-listen" use.
