发件人: netmod [mailto:[email protected]] 代表 Kent Watsen 发送时间: 2019年11月6日 3:27 收件人: john heasley <[email protected]> 抄送: [email protected] 主题: Re: [netmod] I-D Action: draft-ietf-netmod-factory-default-04.txt
Yes, I'm suggesting that this "clearing" be a requirement, even if the operator has the choice between clear "only the configuration" and "everything." "might" -> "MUST". The fine line between too vague and too much detail must be found. >>> In addition,the "factory-reset" RPC MUST restore storage to factory condition, including remove log files, remove temporary files, remove certificates, keys, etc zero passwords, <insert other things> The process (SHOULD|MUST) zero/pattern-write then remove sensitive files such as the TLS keys, configuration stores, etc. [Qin]: Okay, here is the my proposed change: OLD TEXT: “ In addition, the "factory-reset" RPC might also be used to trigger some other restoring and resetting tasks such as files cleanup, restarting the node or some of the SW processes, or setting some security data/passwords to the default value, removing logs, removing any temporary data (from datastore or elsewhere) etc. When and why these tasks are triggered is not the scope of this document. ” NEW TEXT: “ In addition, the "factory-reset" RPC MUST restore storage to factory condition, including remove log files, remove temporary files (from datastore or elsewhere). It MUST also remove security credentials and restoring default security settings including remove certificates, keys, zero passwords, etc. The process invoked by the "factory-reset" RPC SHOULD zero/pattern-write than remove sensitive files such as the TLS keys, configuration stores, etc. The RPC MAY also be used to trigger some other resetting tasks such as restarting the node or some of the software processes, activating the factory-default config which in turn enables zero touch provision (ZTP). ” If you have better text, feel free to share. The RPC MAY provide an option to limit the actions to factory reset of the configuration. [Qin]: we have add nacm:default-deny-all on RPC we proposed. Security section will be enhanced Based on Andy’s comment in the separate email. Strongly agree. Kent // contributor
_______________________________________________ netmod mailing list [email protected] https://www.ietf.org/mailman/listinfo/netmod
