[Syslog] Dbh re-review of Mib-11-, part 2
"David B Harrington" <dbharrington@comcast.net> Thu, 07 December 2006 01:44 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gs8JE-0001hx-KJ; Wed, 06 Dec 2006 20:44:24 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gs8JE-0001hn-0Y for syslog@ietf.org; Wed, 06 Dec 2006 20:44:24 -0500
Received: from alnrmhc12.comcast.net ([204.127.225.92]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gs8JC-00040k-NO for syslog@ietf.org; Wed, 06 Dec 2006 20:44:23 -0500
Received: from harrington73653 (c-24-128-104-207.hsd1.nh.comcast.net[24.128.104.207]) by comcast.net (alnrmhc12) with SMTP id <20061207014421b1200t2e75e>; Thu, 7 Dec 2006 01:44:21 +0000
From: David B Harrington <dbharrington@comcast.net>
To: 'David Harrington' <ietfdbh@comcast.net>, syslog@ietf.org
Date: Wed, 06 Dec 2006 20:41:19 -0500
Message-ID: <0de601c719a0$cbda6da0$0600a8c0@china.huawei.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
Thread-Index: Acb3yrMS6ODMYCInS4KDym8acG1uewhvdh5g
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
In-Reply-To: <001201c6f80f$22b39470$22021eac@china.huawei.com>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 36b1f8810cb91289d885dc8ab4fc8172
Cc:
Subject: [Syslog] Dbh re-review of Mib-11-, part 2
X-BeenThere: syslog@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Security Issues in Network Event Logging <syslog.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/syslog>
List-Post: <mailto:syslog@lists.ietf.org>
List-Help: <mailto:syslog-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@lists.ietf.org?subject=subscribe>
Errors-To: syslog-bounces@lists.ietf.org
Hi this is a review of the requested changes from part 2 of my earlier review. > -----Original Message----- > From: David Harrington [mailto:ietfdbh@comcast.net] > Sent: Wednesday, October 25, 2006 4:25 AM > To: syslog@ietf.org > Subject: Mib-09- review, part 2 > > Continued ... > > 1) syslEntCtlTable should describe what type of information is stored > in the table, and the description should be more than "static info". Fixed. > > 2) syslEntCtlEnty - what type of parameters? What process? > > 3) syslEntCtlBindAddress - does this field contain an address or a > hostname? What does the seond sentence mean? Partially fixed. When a manager application reads the addrtype an dfinds "dns", and then reads the address object, will the agent a hostname or the IPv4 or IPv6 address in the varbind? If it returns, say, an IPv4 address, does it change the AddrType field to match? Or do you intend it to return the dns hostname along with the dns addrtype? I cannot tell what is intended, and I expect other implementer swill have trouble knowing which is the right interpretation of the very ambiguous description. > > 4) syslEntCtlTransport - why is this "default" transport instead of > just transport? Fixed. > > 5) is there a mismatch between transportaddresstype and > syslEntCtlService? Is there a transportAddressType for this type of > "address"? Not fixed. I think you are using an enumeration to identify the format of the value in the next object, and then using a format in the next object that does not match any of the enumerated choices. This is obviously wrong. > > 6) syslEntCtlConfFileName - using lots of abbreviations in the name > makes it hard for people to remember how the words were abbreviated. > It would be better to use something like syslogEntCtlFilename. Why do > we need Ent in the name? we never deal with anything other than > entities, do we? syslogControlFile would be much easier to remember > than syslEntCtlConfFileName. Fixed (mostly). > > 7) syslEntCtlConfFileName refers to syslogCtlSelectionTable and > syslogCtlActionTable - where are these defined? Fixed. > > 8) syslEntCtlStatus - again, what process? Fixed. > > 9) syslEntCtlStorageType - is this definition exactly the same as the > StorageType T-C? I am not sure this is the same semantics as StorageType T-C. Your text is somewhat unclear when it says "backed up by non-volatile (permanent)" > > 10) ...RowStatus - spelling "iff" Fixed. > > 11) syslEntStarted and syslEntStopped - spell out MO. I don't > understand the second sentence; how does the manager know what > syslEntOpsIndex is used? Partially fixed. I still do not understand the second sentence. Can you reword this sentence? > > 12) It would be much better to use consistent naming between the > objects/tables and the conformance clauses. The table refers to > syslEnt, but conformance is for syslogDev; the objects are > syslogDefault but the conformance is syslogSystem. Let'e make it easy > to work with by being more consistent. Fixed. Much better. > > 13) why are notifications not mandatory for compliance? syslogFullCompliance2 says this means support for writable objects and notifications, but th enotification group has been left out of the manadatory-groups. If the intention is to leave out the notification, I would like to know why this is desirable. > > 14) The MIB module exposes some info from syslog, such as last error. > The security considerations talk about securing snmp, but that does > not make sense if you do not also secure the syslog transport. The > security considerations should recommend securing syslog to match the > snmp security. Not fixed. > > 15) iana considerations talks about a base arc; this would be better > reworded. Fixed. > > 16) I thik rfc3164 is informative, no tnormative. Fixed. > > 17) I suspect you are not usinng xml2rfc. If not, you need to make > sure all the boilerplates are up-to-date. Please check the funding > statement and the intellectual property clauses. Partially fixed. Needs updated boilerplates. > > 18) the change log is most effective if you track the chnages from > published version to published version, not by MIB revision dates. > > David Harrington > dharrington@huawei.com > dbharrington@comcast.net > ietfdbh@comcast.net > > > _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog
- [Syslog] Mib-09- review, part 2 David Harrington
- [Syslog] Dbh re-review of Mib-11-, part 2 David B Harrington