Thanks Eric, see reply inline below. -----邮件原件----- 发件人: Éric Vyncke via Datatracker [mailto:[email protected]] 发送时间: 2020年4月22日 14:45 收件人: The IESG <[email protected]> 抄送: [email protected]; [email protected]; [email protected]; Kent Watsen <[email protected]>; [email protected] 主题: Éric Vyncke's No Objection on draft-ietf-netmod-factory-default-14: (with COMMENT)
Éric Vyncke has entered the following ballot position for draft-ietf-netmod-factory-default-14: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-netmod-factory-default/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thank you for the work put into this document. The document is clear, easy to read and quite useful. Please find below some non-blocking COMMENTs. An answer will be appreciated. I also support Barry's comment. I hope that this helps to improve the document, Regards, -éric == COMMENTS == If the "factory-default" is optional (per section 3), then it may be worth to specify this quality in the abstract and in the introduction. [Qin]: Thanks, will mention this in both abstract and introduction. -- Section 2 -- What happens with the different counters in the <operational> data store ? [Qin]: As described in 2, The contents of the <operational> datastore MUST reflect the operational state of the device after applying the factory default configuration. In other words, Referencing figure 2 of RFC8342, counter seen as system state of operational datastore will reflect the operational state of the device. Why is this a SHOULD for overwritting sensitive data before deletion and not a MUST? At least section 6 writes that "owner of the device MUST NOT rely on any sensitive data (e.g., private keys) being forensically unrecoverable" [Qin]: I have no preference on whether we should use strong language or soft language, but the idea here is deleting dynamically generated files is mandatory, overwriting security sensitive data is recommended. _______________________________________________ netmod mailing list [email protected] https://www.ietf.org/mailman/listinfo/netmod
