Re: [netmod] Last Call: <draft-ietf-netmod-system-mgmt-15.txt> (A YANG Data Model for System Management) to Proposed Standard
Martin Bjorklund <mbj@tail-f.com> Fri, 09 May 2014 06:49 UTC
Date: Fri, 09 May 2014 08:49:38 +0200
Message-Id: <20140509.084938.274205247.mbj@tail-f.com>
To: ietf@ietf.org
From: Martin Bjorklund <mbj@tail-f.com>
In-Reply-To: <20140429141003.22969.2351.idtracker@ietfa.amsl.com>
References: <20140429141003.22969.2351.idtracker@ietfa.amsl.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/netmod/sERXCkKev4Ti1akAdocrtBuimpo
Cc: netmod@ietf.org
Subject: Re: [netmod] Last Call: <draft-ietf-netmod-system-mgmt-15.txt> (A YANG Data Model for System Management) to Proposed Standard

Hi,

The IESG <iesg-secretary@ietf.org> wrote:
>
> The IESG has received a request from the NETCONF Data Modeling Language
> WG (netmod) to consider the following document:
> - 'A YANG Data Model for System Management'
>   <draft-ietf-netmod-system-mgmt-15.txt> as Proposed Standard
>
> The IESG plans to make a decision in the next few weeks, and solicits
> final comments on this action. Please send substantive comments to the
> ietf@ietf.org mailing lists by 2014-05-13. Exceptionally, comments may be
> sent to iesg@ietf.org instead. In either case, please retain the
> beginning of the Subject line to allow automated sorting.

The data model in this draft has this structure (objects unrelated
to SSH keys removed)

  +--rw user* [name]
     +--rw name        string
     +--rw ssh-key* [name]
        +--rw name         string
        +--rw algorithm    string
        +--rw key-data     binary

The intention is that the separation of the key into two leafs,
"algorithm" and "key-data", makes it easy to cut-and-paste from keys
generated with ssh-keygen etc.  (The encoding of type binary in YANG
is base64, which happens to match the key format.  So the operator can
set the "algorithm" and paste the base64 encoded blob into
"key-data".)

During implementation of SSH key handling, we realized that the
description of the objects related to SSH keys probably needs some
clarification.  Specifically, the list "ssh-key" and the leaf
"key-data" are unclear.

After consulting with people at ietf-ssh@NetBSD.org, I propose the
following changes:

OLD:

      list ssh-key {
        key name;
        description
          "A list of public SSH keys for this user.";
        reference
          "RFC 4253: The Secure Shell (SSH) Transport Layer
                     Protocol";

NEW:

      list authorized-key {
        key name;
        description
          "A list of public SSH keys for this user.
           These keys are allowed for SSH authentication, as
           described in RFC 4253.";
        reference
          "RFC 4253: The Secure Shell (SSH) Transport Layer
                     Protocol";

OLD:

        leaf key-data {
          type binary;
          mandatory true;
          description
            "The binary key data for this ssh key.";
        }

NEW:

        leaf key-data {
          type binary;
          mandatory true;
          description
            "The binary public key data for this ssh key, as
             specified by RFC 4253, Section 6.6, i.e.,:

               string    certificate or public key format
                         identifier
               byte[n]   key/certificate data
            ";
          reference
            "RFC 4253: The Secure Shell (SSH) Transport Layer
                       Protocol";
        }


/martin
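
Added example, not part of the original message or of the draft: a check a server implementation could run when "key-data" is configured, decoding the base64 value, reading the leading format identifier (an SSH "string" as defined in RFC 4251: uint32 big-endian length followed by the bytes) and rejecting the entry if it disagrees with the separately configured "algorithm" leaf. The function names and the sample key are constructed for illustration.

```python
import base64
import struct

def ssh_string(data):
    """Encode bytes as an SSH 'string': uint32 big-endian length, then data."""
    return struct.pack(">I", len(data)) + data

def read_string(buf, off):
    """Read one SSH 'string' at offset off; return (bytes, next offset)."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + n > len(buf):
        raise ValueError("string length exceeds blob")
    return buf[off:off + n], off + n

def split_pubkey_line(line):
    """Split an ssh-keygen .pub line 'algorithm base64 [comment]'."""
    parts = line.split(None, 2)
    if len(parts) < 2:
        raise ValueError("expected 'algorithm base64 [comment]'")
    return parts[0], parts[1]

def check_key_data(algorithm, key_data_b64):
    """Return the key/certificate data after the format identifier, or raise
    ValueError if the blob is malformed or disagrees with 'algorithm'."""
    blob = base64.b64decode(key_data_b64, validate=True)
    ident, off = read_string(blob, 0)
    if ident.decode("ascii") != algorithm:
        raise ValueError("identifier %r does not match algorithm %r"
                         % (ident, algorithm))
    if off == len(blob):
        raise ValueError("no key data after format identifier")
    return blob[off:]

# Constructed sample, not a real key: ssh-rsa blob = identifier, mpint e, mpint n.
SAMPLE_BLOB = (ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01")
               + ssh_string(b"\x00" + b"\xc3" * 256))
SAMPLE_LINE = ("ssh-rsa " + base64.b64encode(SAMPLE_BLOB).decode()
               + " operator@example")

if __name__ == "__main__":
    alg, b64 = split_pubkey_line(SAMPLE_LINE)
    print(alg, len(check_key_data(alg, b64)), "bytes of key data")
```

Rejecting a mismatch at configuration time keeps the two leafs from silently disagreeing about which algorithm an authorized key uses.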