> Yes, I'm suggesting that this "clearing" be a requirement, even if the > operator has the choice between clear "only the configuration" and > "everything." "might" -> "MUST". > > The fine line between too vague and too much detail must be found. >>> > > In addition,the "factory-reset" RPC MUST > restore storage to factory condition, including > remove log files, > remove temporary files, > remove certificates, keys, etc > zero passwords, > <insert other things> > > The process (SHOULD|MUST) zero/pattern-write then remove sensitive files > such as the TLS keys, configuration stores, etc. > > The RPC MAY provide an option to limit the actions to factory reset of > the configuration.
Strongly agree. Kent // contributor
_______________________________________________ netmod mailing list [email protected] https://www.ietf.org/mailman/listinfo/netmod
