[netconf] Updated client-server suite of drafts

Kent Watsen <kent+ietf@watsen.net> Thu, 28 December 2023 18:56 UTC

All,
I just published an update for the suite of client-server drafts.  Please see CHANGE LOGS at bottom for details.

Rob,
These updates primarily address your AD reviews and provided for your ability to see diffs.  For ongoing “discuss” items, please see my responses to your comments in the per draft AD-review email threads.

Michal, Roman,
Please review how private-keys no longer require public-keys to also be specified.

Jensen, Med,
Please note that ietf-truststore now defines typedefs and groupings similar to those in your alto draft.


Kent // author


CHANGE LOGS
=============

Crypto-types
Mostly addresses AD review comments.
Also addresses on-list comment regarding public-keys being "mandatory true."
Added note to Editor to fix line foldings.
Factored 'private-key-grouping' from 'asymmetric-key-pair-grouping'.
Made public-key in 'asymmetric-key-pair-grouping' be "mandatory false".
Renamed 'encrypted-by-choice-grouping' to 'encrypted-by-grouping'.

Truststore
Mostly addresses AD review comments.
Also added typedefs and groupings similar to those created by Alto WG.
Added note to Editor to fix line foldings.
Renamed "truststore" to "central truststore" throughout.
Removed "built-in" section text that overlaps with the "system-config" draft.
Added "certificate-ref-grouping" and "public-key-ref-grouping"
Modified typedef certificate-ref's leafref path to NOT prefix "certificate-bag".
Modified typedef public-key-ref's leafref path to NOT prefix "public-key-bag".
Added groupings "certificate-ref-grouping" and "public-key-ref-grouping".

Keystore
Addresses AD review comments.
Added note to Editor to fix line foldings.
Renamed "keystore" to "central keystore" throughout.
Renamed "encrypted-by-choice-grouping" to "encrypted-by-grouping".
Removed "public-key-format" and "public-key" nodes from examples.

Tcp-client-server
Addresses AD review comments.
Added note to Editor to fix line foldings.
Added Security Considerations text to also look at the SC-section from imported modules.
Fixed bug: s/augment "keepalives"/refine "keepalives"/
Set defaults for idle-time, max-probes, and probe-interval (removed "mandatory true").
Updated examples to use IETF recommended values for examples.

Ssh-client-server
Addresses AD review comments.
Added note to Editor to fix line foldings.
Introduction now more clearly identifies the "ietf-" and "iana-" modules defined.
Clarified that the modules, when implemented, do not define any protocol-accessible nodes.
Clarified that IANA may deprecate and/or obsolete identities over time.
Added Security Consideration for the "generate-public-key" RPC.
Added Security Considerations text to also look at the SC-section from imported modules.
Fixed private-key "must" expressions to not require public-key nodes to be present.
Renamed leaf from "bits" to "num-bits".
Renamed leaf from "hide" to "hidden".
Added container "private-key-encoding" to wrap existing choice.
Removed "public-key-format" and "public-key" nodes from examples.

Tls-client-server
Addresses AD review comments.
Added note to Editor to fix line foldings.
Introduction now more clearly identifies the "ietf-" and "iana-" modules defined.
Clarified that the modules, when implemented, do not define any protocol-accessible nodes.
Clarified that IANA may deprecate and/or obsolete identities over time.
Added Security Consideration for the "generate-public-key" RPC.
Added Security Considerations text to also look at the SC-section from imported modules.
Added missing if-feature statements.
Fixed private-key "must" expressions to not require public-key nodes to be present.
Fixed ident-tls12-psk and ident-tls13-psk YANG and references.
Renamed leaf from "bits" to "num-bits".
Added missing "ordered-by user" statement.
Added container "private-key-encoding" to wrap existing choice.
Renamed container "encrypt-with" to "encrypted".
Renamed leaf from "hide" to "hidden".
Removed "public-key-format" and "public-key" nodes from examples.

Http-client-server
Addresses AD review comments.
Added note to Editor to fix line foldings.
Removed "Conventions" section as there are no "BASE64VALUE=" values used in draft.
Clarified that the modules, when implemented, do not define any protocol-accessible nodes.
Added Security Considerations text to also look at the SC-section from imported modules.
Removed "A wrapper around the foobar parameters to avoid name collisions" text.
Removed "public-key-format" and "public-key" nodes from examples.

Netconf-client-server
Addresses AD review comments.
Added note to Editor to fix line foldings.
Removed netconf-client-grouping, since it was empty.
Removed erroneous statement "client-identity-mappings" must be enabled by a "feature".
Added Security Considerations text to also look at the SC-section from imported modules.
Removed "A wrapper around the foobar parameters to avoid name collisions" text.
Added container "endpoints" to wrap list "endpoint".

Restconf-client-server
Addresses AD review comments.
Added note to Editor to fix line foldings.
Removed "Conventions" section as there are no "BASE64VALUE=" values used in draft.
Removed restconf-client-grouping, since it was empty.
Removed erroneous statement "client-identity-mappings" must be enabled by a "feature".
Added Security Considerations text to also look at the SC-section from imported modules.
Removed "A wrapper around the foobar parameters to avoid name collisions" text.
Added container "endpoints" to wrap list "endpoint".
Fixed if-feature "https-listen" to if-feature "https-call-home".