Document: draft-ietf-netconf-with-defaults-12.txt
Reviewer: Richard Barnes
Review Date: 2010-10-25

Summary: This document is almost ready to go. Some minor ambiguities need to be resolved, and some meat needs to be added to the security considerations.

Major issues:

S4: I'm confused by the existence of Section 4 in light of the fact that Sections 2.1.2, 2.2.2, and 2.3.2 say that a server MUST support a value for each of the basic modes. If there are cases where a server doesn't support a given mode, what does it mean for it to "support the parameter" with a given value?

S8: I'll defer to the SECDIR reviewer for more details; it seems like there are some more security considerations to be discussed. For example, if the underlying protocol is used in a mode without authentication and integrity protection, a man in the middle could abuse both the element and the :with-defaults capability to suppress information from the server to the client. In principle, the same MitM could change the values in the data messages directly, but it is simpler just to prevent them from being sent in the first place.

Minor issues:

S2.1.3 P1: "...MUST return an