Dear ALTOers and authors of draft-ietf-alto-oam-yang, Below is my review for draft-ietf-alto-oam-yang-07.
Since I'm new to ALTO, please consider my review comments as suggestions for reference purposes. If you believe any of my comments are irrelevant, please feel free to ignore them. Best regards, Dong ============================================== Section 4.4., paragraph 11: > Figure 1: A Reference ALTO Server Architecture and YANG Modules In Figure 1, the arrow labels marked with "write" and "read" for the Data Broker can be confusing. If we follow the semantic of the "write" arrow, then the "read" arrow can be understood as Data Broker reads Algorithm Plugin. It would be better to maintain consistency in the semantic of the arrows by following the "src as subject, dst as object, and label as predicate" convention. This would help to clarify the direction and purpose of the data flow between components in the architecture. 5. Design of ALTO O&M Data Model Section 5.1., paragraph 2: > As shown in Figure 2, the top-level container 'alto' in the "ietf- > alto" module contains a single 'alto-server' and a list of 'alto- > client' that are uniquely identified. The document uses both single and double quotation marks (e.g., 'alto', "ietf-alto", 'alto-server'), are they written by design? Or a consistent format is possible? > The list 'alto-client' defines a list of configurations for other > applications to bootstrap an ALTO client. These data nodes can also > be used by data sources and information resource creation algorithms > that are configured by an ALTO server instance. Section 5.3.2., paragraph 1: > To satisfy R2 in Section 4.2, the ALTO server instance contains the > the logging data nodes shonw in Figure 7. s/shonw/shown > The 'logging-system' data node provides configuration to select a > logging system to capture log messages generated by an ALTO server. Section 5.4.1., paragraph 5: > * A unique `source-id' for resource creation algorithms to > reference. s\`source-id'\'source-id' > * The 'source-type' attribute to declare the type of the data > source. Section 7., paragraph 0: > 7. ALTO OAM YANG Modules This section has no description, or if the YANG spec has already explained everything, just ignore this comment. > 7.1. The "ietf-alto" YANG Module Section 8., paragraph 8: > The "ietf-alto" supports an HTTP listen mode to cover cases where the > ALTO server stack does not handle the TLS termination itself, but is > handled by a separate component. Special care should be considered > when such mode is enabled. Note that the default listen mode is > "https". s/"https"/HTTPS What is the HTTP listen mode and TLS termination? I think they refer to the implementation of an HTTP(s) server and closing HTTPS connection by server. If so, they are general processes which are out of the scope of OAM security, so I feel there is no need to list it here. > Also, please be aware that these modules include choice nodes that > can be augmented by other extended modules. The augmented data nodes > may be considered sensitive or vulnerable in some network > environments. For instance, an augmented case of the "source-params" > choice in "data-source" may include authentication information about > how to access a data source including private network information. > The "yang-datastore" case in Appendix A.3 is such an example. The > "restconf" and "netconf" nodes in it may reveal the access to a > private YANG datastore. Thus, those extended modules may have the > NACM extension "default-deny-all" set. _______________________________________________ alto mailing list alto@ietf.org https://www.ietf.org/mailman/listinfo/alto
