Qin Wu <bill...@huawei.com> wrote: > 发件人: netmod [mailto:netmod-boun...@ietf.org] 代表 Kent Watsen > 发送时间: 2019年11月6日 3:27 > 收件人: john heasley <h...@shrubbery.net> > 抄送: netmod@ietf.org > 主题: Re: [netmod] I-D Action: draft-ietf-netmod-factory-default-04.txt > > > > Yes, I'm suggesting that this "clearing" be a requirement, even if the > operator has the choice between clear "only the configuration" and > "everything." "might" -> "MUST". > > The fine line between too vague and too much detail must be found. >>> > > In addition,the "factory-reset" RPC MUST > restore storage to factory condition, including > remove log files, > remove temporary files, > remove certificates, keys, etc > zero passwords, > <insert other things> > > The process (SHOULD|MUST) zero/pattern-write then remove sensitive files > such as the TLS keys, configuration stores, etc. > > [Qin]: Okay, here is the my proposed change: > OLD TEXT: > “ > In addition, the "factory-reset" RPC might also be used to trigger > some other restoring and resetting tasks such as files cleanup, > restarting the node or some of the SW processes, or setting some > security data/passwords to the default value, removing logs, removing > any temporary data (from datastore or elsewhere) etc. When and why > these tasks are triggered is not the scope of this document. > ” > NEW TEXT: > “ > In addition, the "factory-reset" RPC MUST restore storage to factory > condition, > including remove log files, remove temporary files (from datastore or > elsewhere). > It MUST also remove security credentials and restoring default security > settings including > remove certificates, keys, zero passwords, etc. The process invoked by the > "factory-reset" > RPC SHOULD zero/pattern-write than remove sensitive files such as the TLS > keys, configuration > stores, etc. The RPC MAY also be used to trigger some other resetting tasks > such as restarting > the node or some of the software processes, activating the factory-default > config which in turn > enables zero touch provision (ZTP). > ” > If you have better text, feel free to share.
I think your previously proposed text that didn't mention ZTP was better. Also, "MAY also be used to" sounds like it is the client's decision, so I suggest changing the last sentence to: The RPC MAY also trigger some other resetting tasks such as restarting the node or some of the software processes. /martin > > The RPC MAY provide an option to limit the actions to factory reset of > the configuration. > [Qin]: we have add nacm:default-deny-all on RPC we proposed. Security > section will be enhanced > Based on Andy’s comment in the separate email. > > Strongly agree. > > Kent // contributor > _______________________________________________ netmod mailing list netmod@ietf.org https://www.ietf.org/mailman/listinfo/netmod