I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at < http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. Please wait for direction from your document shepherd or AD before posting a new version of the draft. Document: draft-ietf-netmod-system-mgmt-10.txt Reviewer: Brian Carpenter Review Date: 2014-01-19 IETF LC End Date: 2014-01-22 IESG Telechat date: 2014-01-23 Summary: Almost ready -------- Comments: --------- Since the version hasn't been updated yet I haven't changed the review, but the authors' proposed changes are fine. Please let me know if the -11 version comes out before the telechat. I haven't checked the yang syntax in detail. At first glance, it looks good. Minor Issues: ------------ "2.1. System Identification There are many common properties used to identify devices, operating systems, software versions, etc. that need to be supported in the system data module. These objects are defined as operational state data and the information returned by the server is intended to be specific to the device vendor." Does "server" mean the NETCONF server? "2.2. System Time Management The management of the date and time used by the system need to be supported. Use of one or more NTP servers to automatically set the system date and time need to be possible. Utilization of the Timezone database [RFC6557] also need to be supported. It should be possible for the server, as well as clients, to configure the system to use NTP." Again, does this mean the NETCONF server? Also, which clients? This is the first time the document mentions clients. "2.3. User Authentication ...It should be possible for the server, as well as clients, to configure the system authentication properties." Same comment as for 2.2. Also, how does the network administrator enforce a specific strength of authentication? It seems as though the clients can choose to downgrade security. "2.4. DNS Resolver The configuration of the DNS resolver within the system containing the NETCONF server is required to control how domain names are resolved." This is very hard to parse and could mean several things. Does it mean that it MUST be possible to configure the DNS resolver? (And I wonder what happens if the device is running mDNS?) "3.6. System Control The following operations are defined: set-current-datetime system-restart system-shutdown" My reaction is that this is a very limited set of operations. For example how about system standby (enter power-saving mode)? Yes, I know that creates the problem of how to wake the system up again, but there are solutions to that problem (e.g. polling). I can imagine many vendor-specific extensions in this area, too.