[netconf] draft-ietf-keystore - certificate leafref

Balázs Kovács <balazs.kovacs@ericsson.com> Wed, 12 June 2019 09:14 UTC

Hi Kent,

The ietf-keystore model contains this leafref:


     typedef asymmetric-key-certificate-ref {
       type leafref {
         path "/ks:keystore/ks:asymmetric-keys/ks:asymmetric-key"
            + "/ks:certificates/ks:certificate/ks:name";
       }
       description
         "This typedef enables modules to easily define a reference
          to a specific certificate associated with an asymmetric key
          stored in the keystore.";
     }

Shouldn't the leafref be constrained to point to a certificate within a specific asymmetric-key list element?

Example:
https://mailarchive.ietf.org/arch/msg/netmod/m0s9xAcDpJVm1a0-eWyTDvpXtZ0

Best Regards,
Balazs
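
The constraint asked about above, as an added example that is not part of the original message or of the draft: a hypothetical grouping pairs a leaf that selects one asymmetric-key entry with a certificate leafref whose path predicate is restricted to that entry. The module, grouping, container and leaf names are assumptions, as is `name` being the key of the `asymmetric-key` list.

```yang
module example-cert-ref {
  yang-version 1.1;
  namespace "urn:example:cert-ref";   // constructed namespace
  prefix ex;

  import ietf-keystore {
    prefix ks;
  }

  // Hypothetical grouping: two leafs instead of one typedef, because a
  // certificate name is only unique inside its own asymmetric-key entry.
  grouping asymmetric-key-certificate-ref-grouping {
    leaf asymmetric-key {
      type leafref {
        // Assumes the asymmetric-key list is keyed by "name".
        path "/ks:keystore/ks:asymmetric-keys/ks:asymmetric-key"
           + "/ks:name";
      }
      description
        "Selects the asymmetric-key list entry that holds the
         certificate.";
    }
    leaf certificate {
      type leafref {
        // The predicate limits the node set to certificates under the
        // entry chosen by the sibling leaf, so an equal certificate name
        // under a different key cannot satisfy this reference.
        path "/ks:keystore/ks:asymmetric-keys/ks:asymmetric-key"
           + "[ks:name = current()/../asymmetric-key]"
           + "/ks:certificates/ks:certificate/ks:name";
      }
      description
        "References a certificate of the asymmetric key selected by
         the 'asymmetric-key' leaf.";
    }
  }

  // Hypothetical consumer of the grouping.
  container tls-server-identity {
    uses asymmetric-key-certificate-ref-grouping;
  }
}
```

With the unconstrained typedef, a value such as `cert-1` validates if any key carries a certificate of that name, so the reference alone does not say which private key the certificate belongs to.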