Re: [netconf] I-D Action: draft-ietf-netconf-trust-anchors-08.txt
Balázs Kovács <balazs.kovacs@ericsson.com> Thu, 21 November 2019 10:12 UTC
Return-Path: <balazs.kovacs@ericsson.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F15E120980 for <netconf@ietfa.amsl.com>; Thu, 21 Nov 2019 02:12:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aj5rBll8rpz3 for <netconf@ietfa.amsl.com>; Thu, 21 Nov 2019 02:12:15 -0800 (PST)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-db3eur04on0629.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe0c::629]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 262331208B0 for <netconf@ietf.org>; Thu, 21 Nov 2019 02:12:15 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=axAdcmNBmUQgy1kYNDStkauagVJXmvizPZl0jTf++MFJHB+mzDtAEb+XB13MXiKdMxkaBI5kxabmm1LjfC70kMXM1M4G8sLxfQNQjFdpeSDPzIwYqMcnBc2V1FBiT+bQzdUXHmSO8oVJFFgeUMt1JMgRrqrOfUrnltn5eakkUfvquxXaMn4aXInP4iEeIXn8jk1H8kjQ1Ob9gX05bykahoHlX3KGRWcM/SNeZvgWURgAR7JbXfFTyfk6932hSInskJzhoNy2dwy88qC1FIqzo/Qi9WYJbjlh3/04L4HkoZ/GqvtkVa5YXglzuCu1hs0Q9voT6IUmETpWYQ+dhpld6A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=g59syyh8FNQJZvYqkgtvoEMgHIfMxoSQ9PgNTVsJDxw=; b=RCwUjW5+R4J0FAadjutZDRjIlCg7AFsXb2UeZ9Kn8zbSjKgRnYz4mmkM/CYtaSDNgBPhUp8wBTuubP88wmMNzeBSpMqFZ7dRds9bknTi3LJ8XGgFCZI2i6L+vavDnZaBbHMcE7YD2c2xyoo1F4e8nO+WmSmux35jUFxLGZTI3EHt6bhJ4cww3zxN+xKeYUcd5q0nY67ljDHWM5d/MXDIoXsITIp2srrxq8sT29AEzZ7i7c822pQW1ExKc7mVz4iv/L9ds13Slkjc0ssOmsNEcNPfspP8s6aAJ2MQT1sjcp8YsSRQ2Rj4Zm6ZLI6SeViWerPnDRk7csKH1s0+IuwD5g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=g59syyh8FNQJZvYqkgtvoEMgHIfMxoSQ9PgNTVsJDxw=; b=GIZB2K6Ai9nLmRr2J4qPex5ySuD+H23qb6aVIb3SKB+WscK1Mf7tm+Karc9EuH26dDZYpTj7g/55EnEkGfzMLGq/wRHgA8nfqKtAKMpn4b7wVh94vHIJnSzG+jpyTPFf8U1QRObNMJJLb5BKwFBINxEGzHNgIFsxSWr98Ubwaa4=
Received: from AM0PR07MB5187.eurprd07.prod.outlook.com (20.178.20.74) by AM0PR07MB5170.eurprd07.prod.outlook.com (20.178.17.206) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2474.12; Thu, 21 Nov 2019 10:12:11 +0000
Received: from AM0PR07MB5187.eurprd07.prod.outlook.com ([fe80::e485:83e7:ee62:53f8]) by AM0PR07MB5187.eurprd07.prod.outlook.com ([fe80::e485:83e7:ee62:53f8%5]) with mapi id 15.20.2495.010; Thu, 21 Nov 2019 10:12:11 +0000
From: Balázs Kovács <balazs.kovacs@ericsson.com>
To: "netconf@ietf.org" <netconf@ietf.org>, Kent Watsen <kent+ietf@watsen.net>
Thread-Topic: [netconf] I-D Action: draft-ietf-netconf-trust-anchors-08.txt
Thread-Index: AQHVn9FEIYmE0id0x0Sc0BE/mi1FhaeVZ70A
Date: Thu, 21 Nov 2019 10:12:11 +0000
Message-ID: <AM0PR07MB5187671751F4AAAA8B11C1B1834E0@AM0PR07MB5187.eurprd07.prod.outlook.com>
References: <157427488971.30550.14896478334458805818@ietfa.amsl.com>
In-Reply-To: <157427488971.30550.14896478334458805818@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=balazs.kovacs@ericsson.com;
x-originating-ip: [89.135.192.225]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 9f4d4559-b346-4ff7-bcf7-08d76e6b4670
x-ms-traffictypediagnostic: AM0PR07MB5170:
x-ms-exchange-purlcount: 5
x-microsoft-antispam-prvs: <AM0PR07MB5170D0249D9597487BD44633834E0@AM0PR07MB5170.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0228DDDDD7
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(346002)(366004)(39860400002)(376002)(136003)(396003)(54534003)(13464003)(199004)(189003)(7736002)(99286004)(305945005)(26005)(86362001)(186003)(229853002)(110136005)(52536014)(446003)(11346002)(5660300002)(66066001)(71190400001)(71200400001)(25786009)(6306002)(9686003)(966005)(7696005)(81156014)(81166006)(316002)(8676002)(33656002)(256004)(14454004)(4001150100001)(8936002)(55016002)(6246003)(2906002)(6116002)(53546011)(74316002)(3846002)(2501003)(6506007)(66946007)(76116006)(76176011)(66574012)(102836004)(66476007)(66556008)(64756008)(66446008)(6436002)(478600001); DIR:OUT; SFP:1101; SCL:1; SRVR:AM0PR07MB5170; H:AM0PR07MB5187.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: eTI8zkZSKZgm0NS3X2s4NzdmjMks5hJ3i2+C6QTDA/anwZsSZZdbobvdopY2XnU7RBxvedN1ycpw1HifzmAtFPkhC7sk6n79/8X0YDpHM4l5er7kBp5dhmrFjO5gYTaR7Oh927uADSSmMWz+k2rlWMMw9ISUT7Pal+7TZQ0N2kOQYgiJcjFGlMlNg/OWrKz9QgcZZMdkEwyi56M7P2yDgxLDfFb1OPCNUiMQX5aBODN3ZDUij+bZfa9iv1GVGVMc3r35lyekeqlMc+H17YWneLmtig2wQm8Bq55PCywapfhwsldc7Wwh/LjlHz8eBSsaVWDGPMtzl1plJvExqztpU5Lwbi8HUyVJqKdL3Bt+DVMiqZF03Gh43NwjbLjLT8QtVFIMxp/YudEXJAkxKmFNvacH71oh2HICKwET90xB/Zxmdcm5tgcSTzcXfYbzKpD5iE+zkblZ3Z07niKR8tEwQeDl1qt12ZJg442JCr/8cmQ=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 9f4d4559-b346-4ff7-bcf7-08d76e6b4670
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Nov 2019 10:12:11.7824 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: udNJgrlNT1joOpDiW0GKDchPyhI0ZQVqsI4RTtWs7rZ+SkFGtMYwwmt14CbBboqvP8RhEWE7jsb9v9FirPyqrxvkyZ9ZcFQ3G6PInWyD91Y=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR07MB5170
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/OPr_EEXQLh3vK-ptrum2WVgO4ho>
Subject: Re: [netconf] I-D Action: draft-ietf-netconf-trust-anchors-08.txt
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Nov 2019 10:12:18 -0000
Hi, Thank you for the updates Kent! One comment though, the changelog and the text do not seem to reflect the changes we have done in the models about the psk and the raw-public-key topic. For example, the truststore model does not have PSK keys now, but still the introduction mentions them. As opposed to this, the addition of the new local-or-keystore symmetric key grouping to keystore in relation to PSK is not mentioned in keystore. Br, Balazs -----Original Message----- From: netconf <netconf-bounces@ietf.org> On Behalf Of internet-drafts@ietf.org Sent: Wednesday, November 20, 2019 7:35 PM To: i-d-announce@ietf.org Cc: netconf@ietf.org Subject: [netconf] I-D Action: draft-ietf-netconf-trust-anchors-08.txt A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Network Configuration WG of the IETF. Title : A YANG Data Model for a Truststore Author : Kent Watsen Filename : draft-ietf-netconf-trust-anchors-08.txt Pages : 21 Date : 2019-11-20 Abstract: This document defines a YANG 1.1 data model for configuring global sets of X.509 certificates, SSH host-keys, raw public keys, and PSKs (pairwise-symmetric or pre-shared keys) that can be referenced by other data models for trust. While the SSH host-keys are uniquely for the SSH protocol, certificates, raw public keys, and PSKs may have multiple uses, including authenticating protocol peers and verifying signatures. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-netconf-trust-anchors/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-netconf-trust-anchors-08 https://datatracker.ietf.org/doc/html/draft-ietf-netconf-trust-anchors-08 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-netconf-trust-anchors-08 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ netconf mailing list netconf@ietf.org https://www.ietf.org/mailman/listinfo/netconf
- [netconf] I-D Action: draft-ietf-netconf-trust-an… internet-drafts
- Re: [netconf] I-D Action: draft-ietf-netconf-trus… Balázs Kovács
- Re: [netconf] I-D Action: draft-ietf-netconf-trus… Kent Watsen