Re: [netmod] Secdir telechat review of draft-ietf-netmod-rfc6087bis-18
Thanks, Andy! On Tue, Mar 6, 2018 at 12:53 PM, Andy Bierman wrote: > > > On Tue, Mar 6, 2018 at 9:40 AM, Kathleen Moriarty > wrote: >> >> Thanks for your review, Stephen! >> >> On Thu, Feb 22, 2018 at 2:58 PM, Stephen Farrell >> wrote: >> > Reviewer: Stephen Farrell >> > Review result: Ready >> > >> > >> > I reviewed the diff between -18 and RFC6087. [1] >> > >> >[1] >> > https://www.ietf.org/rfcdiff?url1=rfc6087&url2=draft-ietf-netmod-rfc6087bis-18 >> > >> > I assume the security ADs were involved already in discussion about >> > the new security considerations template in 3.7.1 and the text there >> > does seem fine to me, so I won't even nit-pick about it:-) >> >> Yes and I sent it to the SAAG list for review as well along with a >> followup email on the security review process for YANG documents (a >> link to the OPSdir page on that). I don't think any feedback came >> through as a result of the request, so we should be good with the >> general considerations for a bit. >> >> > >> > I do have some other nits to note though. >> > >> > - There are a number of URLs given for access to updated materials >> > that use http schemed URLs and that do not use https schemed URLs. >> > There was a recent IESG statement to the effect that those'd be better >> > as https URLs. The first such example is in 3.1. In fact that URL is >> > re-directed (for me) to https. I think a general pass to fix such URLs >> > to use https wherever possible would be easy and better practice. >> > > > > > no objection to changing the URLs to use https > > >> >> > - Some of the namespaces use http schemed URLs, for example in >> > section 4.2. I don't know if people are expected to de-reference such >> > URLs, but if they are then it'd be good to say if https is better to use >> > or not. (I'd argue it is.) If those URLs are not expected to be >> > de-referenced, then saying that would be good. (Not that it'd stop >> > people de-referencing 'em so the change is better in any case;-) >> > > no objection to changing the YANG namespace examples to something else > >> >> I don't see any response on these questions on list and it would be >> good to get an answer, so I'll include a link in my ballot in case the >> authors are not seeing it for some reason. >> >> Thanks, >> Kathleen >> >> > >> > Cheers, >> > S. >> > >> >> > > > Andy > >> >> >> -- >> >> Best regards, >> Kathleen > > -- Best regards, Kathleen ___ netmod mailing list netmod@ietf.org https://www.ietf.org/mailman/listinfo/netmod
Re: [netmod] Secdir telechat review of draft-ietf-netmod-rfc6087bis-18
On Tue, Mar 6, 2018 at 9:40 AM, Kathleen Moriarty < kathleen.moriarty.i...@gmail.com> wrote: > Thanks for your review, Stephen! > > On Thu, Feb 22, 2018 at 2:58 PM, Stephen Farrell > wrote: > > Reviewer: Stephen Farrell > > Review result: Ready > > > > > > I reviewed the diff between -18 and RFC6087. [1] > > > >[1] https://www.ietf.org/rfcdiff?url1=rfc6087&url2=draft-ietf- > netmod-rfc6087bis-18 > > > > I assume the security ADs were involved already in discussion about > > the new security considerations template in 3.7.1 and the text there > > does seem fine to me, so I won't even nit-pick about it:-) > > Yes and I sent it to the SAAG list for review as well along with a > followup email on the security review process for YANG documents (a > link to the OPSdir page on that). I don't think any feedback came > through as a result of the request, so we should be good with the > general considerations for a bit. > > > > > I do have some other nits to note though. > > > > - There are a number of URLs given for access to updated materials > > that use http schemed URLs and that do not use https schemed URLs. > > There was a recent IESG statement to the effect that those'd be better > > as https URLs. The first such example is in 3.1. In fact that URL is > > re-directed (for me) to https. I think a general pass to fix such URLs > > to use https wherever possible would be easy and better practice. > > > no objection to changing the URLs to use https > > - Some of the namespaces use http schemed URLs, for example in > > section 4.2. I don't know if people are expected to de-reference such > > URLs, but if they are then it'd be good to say if https is better to use > > or not. (I'd argue it is.) If those URLs are not expected to be > > de-referenced, then saying that would be good. (Not that it'd stop > > people de-referencing 'em so the change is better in any case;-) > > no objection to changing the YANG namespace examples to something else > I don't see any response on these questions on list and it would be > good to get an answer, so I'll include a link in my ballot in case the > authors are not seeing it for some reason. > > Thanks, > Kathleen > > > > > Cheers, > > S. > > > > > Andy > > -- > > Best regards, > Kathleen > ___ netmod mailing list netmod@ietf.org https://www.ietf.org/mailman/listinfo/netmod
Re: [netmod] Secdir telechat review of draft-ietf-netmod-rfc6087bis-18
Thanks for your review, Stephen! On Thu, Feb 22, 2018 at 2:58 PM, Stephen Farrell wrote: > Reviewer: Stephen Farrell > Review result: Ready > > > I reviewed the diff between -18 and RFC6087. [1] > >[1] > https://www.ietf.org/rfcdiff?url1=rfc6087&url2=draft-ietf-netmod-rfc6087bis-18 > > I assume the security ADs were involved already in discussion about > the new security considerations template in 3.7.1 and the text there > does seem fine to me, so I won't even nit-pick about it:-) Yes and I sent it to the SAAG list for review as well along with a followup email on the security review process for YANG documents (a link to the OPSdir page on that). I don't think any feedback came through as a result of the request, so we should be good with the general considerations for a bit. > > I do have some other nits to note though. > > - There are a number of URLs given for access to updated materials > that use http schemed URLs and that do not use https schemed URLs. > There was a recent IESG statement to the effect that those'd be better > as https URLs. The first such example is in 3.1. In fact that URL is > re-directed (for me) to https. I think a general pass to fix such URLs > to use https wherever possible would be easy and better practice. > > - Some of the namespaces use http schemed URLs, for example in > section 4.2. I don't know if people are expected to de-reference such > URLs, but if they are then it'd be good to say if https is better to use > or not. (I'd argue it is.) If those URLs are not expected to be > de-referenced, then saying that would be good. (Not that it'd stop > people de-referencing 'em so the change is better in any case;-) I don't see any response on these questions on list and it would be good to get an answer, so I'll include a link in my ballot in case the authors are not seeing it for some reason. Thanks, Kathleen > > Cheers, > S. > -- Best regards, Kathleen ___ netmod mailing list netmod@ietf.org https://www.ietf.org/mailman/listinfo/netmod
[netmod] Secdir telechat review of draft-ietf-netmod-rfc6087bis-18
Reviewer: Stephen Farrell Review result: Ready I reviewed the diff between -18 and RFC6087. [1] [1] https://www.ietf.org/rfcdiff?url1=rfc6087&url2=draft-ietf-netmod-rfc6087bis-18 I assume the security ADs were involved already in discussion about the new security considerations template in 3.7.1 and the text there does seem fine to me, so I won't even nit-pick about it:-) I do have some other nits to note though. - There are a number of URLs given for access to updated materials that use http schemed URLs and that do not use https schemed URLs. There was a recent IESG statement to the effect that those'd be better as https URLs. The first such example is in 3.1. In fact that URL is re-directed (for me) to https. I think a general pass to fix such URLs to use https wherever possible would be easy and better practice. - Some of the namespaces use http schemed URLs, for example in section 4.2. I don't know if people are expected to de-reference such URLs, but if they are then it'd be good to say if https is better to use or not. (I'd argue it is.) If those URLs are not expected to be de-referenced, then saying that would be good. (Not that it'd stop people de-referencing 'em so the change is better in any case;-) Cheers, S. ___ netmod mailing list netmod@ietf.org https://www.ietf.org/mailman/listinfo/netmod