-----邮件原件----- 发件人: Martin Bjorklund [mailto:[email protected]] 发送时间: 2019年11月6日 15:36 收件人: Qin Wu <[email protected]> 抄送: [email protected]; [email protected]; [email protected] 主题: Re: [netmod] I-D Action: draft-ietf-netmod-factory-default-04.txt
Qin Wu <[email protected]> wrote: > 发件人: netmod [mailto:[email protected]] 代表 Kent Watsen > 发送时间: 2019年11月6日 3:27 > 收件人: john heasley <[email protected]> > 抄送: [email protected] > 主题: Re: [netmod] I-D Action: draft-ietf-netmod-factory-default-04.txt > > > > Yes, I'm suggesting that this "clearing" be a requirement, even if the > operator has the choice between clear "only the configuration" and > "everything." "might" -> "MUST". > > The fine line between too vague and too much detail must be found. >>> > > In addition,the "factory-reset" RPC MUST restore storage to factory > condition, including remove log files, remove temporary files, remove > certificates, keys, etc zero passwords, <insert other things> > > The process (SHOULD|MUST) zero/pattern-write then remove sensitive > files such as the TLS keys, configuration stores, etc. > > [Qin]: Okay, here is the my proposed change: > OLD TEXT: > “ > In addition, the "factory-reset" RPC might also be used to trigger > some other restoring and resetting tasks such as files cleanup, > restarting the node or some of the SW processes, or setting some > security data/passwords to the default value, removing logs, removing > any temporary data (from datastore or elsewhere) etc. When and why > these tasks are triggered is not the scope of this document. > ” > NEW TEXT: > “ > In addition, the "factory-reset" RPC MUST restore storage to factory > condition, including remove log files, remove temporary files (from datastore > or elsewhere). > It MUST also remove security credentials and restoring default > security settings including remove certificates, keys, zero passwords, etc. > The process invoked by the "factory-reset" > RPC SHOULD zero/pattern-write than remove sensitive files such as the > TLS keys, configuration stores, etc. The RPC MAY also be used to > trigger some other resetting tasks such as restarting the node or some > of the software processes, activating the factory-default config which in > turn enables zero touch provision (ZTP). > ” > If you have better text, feel free to share. I think your previously proposed text that didn't mention ZTP was better. Also, "MAY also be used to" sounds like it is the client's decision, so I suggest changing the last sentence to: The RPC MAY also trigger some other resetting tasks such as restarting the node or some of the software processes. [Qin]: Works for me, thanks. /martin > > The RPC MAY provide an option to limit the actions to factory reset of > the configuration. > [Qin]: we have add nacm:default-deny-all on RPC we proposed. Security > section will be enhanced Based on Andy’s comment in the separate email. > > Strongly agree. > > Kent // contributor > _______________________________________________ netmod mailing list [email protected] https://www.ietf.org/mailman/listinfo/netmod
