Skip to content

Commit

Permalink
Added Manageability and Security Considerations (#22)
Browse files Browse the repository at this point in the history 
* Added Manageability and Security Considerations

Added Manageability and Security Considerations proposed by Daniel with some changes:
https://github.com/aguoietf/ietf-ccamp-optical-path-computation/issues/10#issuecomment-1242047633
https://github.com/aguoietf/ietf-ccamp-optical-path-computation/issues/11#issuecomment-1242053633
  • Loading branch information
@italobusi
italobusi authored Sep 12, 2022
1 parent 625c589 commit b470383
Show file tree
Hide file tree
Showing 3 changed files with 349 additions and 208 deletions.
13 changes: 11 additions & 2 deletions draft-gbb-ccamp-optical-path-computation-yang.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -211,11 +211,20 @@ flexi-grid-label-start-end, flexi-grid-label-hop and flexi-grid-label-step defin

# Manageability Considerations

TBD.
This document provides a method for requesting path computations for WSON and Flexi-Grid tunnels. Consideration of mechanisms to gather and collate information required for the path computations will be necessary. Furthermore, storing path computation requests and responses and triggering actions will also need to be carefully managed and secured.

Future versions of this document will contain additional information.

# Security Considerations

\<Add any security considerations>
The YANG module defined in this document will be accessed via the NETCONF protocol {{!RFC6241}} or RESTCONF protocol {{!RFC8040}}. The lowest NETCONF layer is the secure transport layer, and the mandatory-to-implement secure transport is Secure Shell (SSH) {{!RFC6242}}. The lowest RESTCONF layer is HTTPS and the mandatory-to-implement secure transport is TLS {{!RFC8446}}.

The Network Configuration Access Control Model (NACM) {{!RFC8341}} provides the means to restrict access to particular NETCONF or RESTCONF users to a pre-configured subset of all available NETCONF or RESTCONF protocol operations and content.

Some of the RPC operations defined in this YANG module may be
considered sensitive or vulnerable in some network environments. It is thus essential to control access to these operations.

Operations defined in this document, and their sensitivities and possible vulnerabilities, will be discussed further in future versions of this document.

# IANA Considerations

Expand Down
Loading

0 comments on commit b470383

Please sign in to comment.