Last Call Review of draft-ietf-netconf-nmda-netconf-06
review-ietf-netconf-nmda-netconf-06-secdir-lc-huitema-2018-08-05-02

Request Review of draft-ietf-netconf-nmda-netconf
Requested rev. no specific revision (document currently at 08)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2018-07-09
Requested 2018-06-25
Authors Martin Björklund, Jürgen Schönwälder, Philip Shafer, Kent Watsen, Robert Wilton
Draft last updated 2018-08-05
Completed reviews Yangdoctors Last Call review of -03 by Ebben Aries (diff)
Rtgdir Telechat review of -06 by Lou Berger (diff)
Secdir Last Call review of -06 by Christian Huitema (diff)
Genart Last Call review of -06 by Christer Holmberg (diff)
Opsdir Telechat review of -06 by Carlos Pignataro (diff)
Assignment Reviewer Christian Huitema
State Completed
Review review-ietf-netconf-nmda-netconf-06-secdir-lc-huitema-2018-08-05
Reviewed rev. 06 (document currently at 08)
Review result Ready
Review completed: 2018-08-05

Review
review-ietf-netconf-nmda-netconf-06-secdir-lc-huitema-2018-08-05

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

The summary of the review is Ready

The document (draft-ietf-netconf-nmda-netconf-06) presents extensions to the original
NETCONF protocol (RFC 6241). RFC 6241 defined operations to "get-config" and
"edit-config". The proposed revision defines "get-data" and "edit-data" that
have more parameters than "get-config" and "edit-config", allowing for
more precise filtering of the data being retrieved or edited.

The security consideration section essentially points to the security
considerations of the original NETCONF protocol, enhanced by the access
control procedures defined in RFC 8341. The security of NETCONF depends on
operation over a secure transport, the default being SSH, with NETCONF
over SSH defined in RFC 6242.

In my mind, the newly defined operations are similar to the
previously defined operation, with an option for more narrow targeting to a 
subset of the configuration data. If the security of NETCONF was adequate,
it will still be adequate after these extensions.