[radext] FW: [OPSAWG] I-D Action: draft-ietf-opsawg-ucl-acl-01.txt

"maqiufang (A)" <maqiufang1@huawei.com> Wed, 18 October 2023 02:50 UTC

Return-Path: <maqiufang1@huawei.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id E79BEC1522AF; Tue, 17 Oct 2023 19:50:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.904
X-Spam-Status: No, score=-1.904 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id FZPIOYsI_vqk; Tue, 17 Oct 2023 19:50:41 -0700 (PDT)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5E30FC1519BD; Tue, 17 Oct 2023 19:50:41 -0700 (PDT)
Received: from lhrpeml500005.china.huawei.com (unknown []) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4S9Fdr22wRz6K5py; Wed, 18 Oct 2023 10:48:16 +0800 (CST)
Received: from kwepemm000020.china.huawei.com ( by lhrpeml500005.china.huawei.com ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.31; Wed, 18 Oct 2023 03:50:37 +0100
Received: from kwepemm000017.china.huawei.com ( by kwepemm000020.china.huawei.com ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.31; Wed, 18 Oct 2023 10:50:35 +0800
Received: from kwepemm000017.china.huawei.com ([]) by kwepemm000017.china.huawei.com ([]) with mapi id 15.01.2507.031; Wed, 18 Oct 2023 10:50:35 +0800
From: "maqiufang (A)" <maqiufang1@huawei.com>
To: "opsawg@ietf.org" <opsawg@ietf.org>
CC: "radext@ietf.org" <radext@ietf.org>
Thread-Topic: [OPSAWG] I-D Action: draft-ietf-opsawg-ucl-acl-01.txt
Thread-Index: AQHaAWzKWNULrfEar0mHt1FTZ/bcCLBO1wEQ
Date: Wed, 18 Oct 2023 02:50:35 +0000
Message-ID: <be913a2cc2704931a80a1a44eb4c1c10@huawei.com>
References: <169759684510.46801.13175652273248429610@ietfa.amsl.com>
In-Reply-To: <169759684510.46801.13175652273248429610@ietfa.amsl.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/eLOmrfMCyrYlPk7_0oQMpJNHhvc>
Subject: [radext] FW: [OPSAWG] I-D Action: draft-ietf-opsawg-ucl-acl-01.txt
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Oct 2023 02:50:44 -0000

Hi, all,

Some high-level updates of -01: 
  *  Change the document title and add a reference to "policy"
  *  Split the definition of schedule YANG module into a separate document (https://datatracker.ietf.org/doc/draft-ma-opsawg-schedule-yang/) 
  *  Add reference to I-D. dekok-radext-deprecating-radius for authentication method recommendations
  *  Change endpoint group-id as a string, and fix related examples accordingly
  *  Use typedef to ease leafref of the node
  *  Tweaks to the RADIUS section and add a restriction to the length based on comments from RADEXT
  *  Add IPv6 examples

There are still some unclosed issues which are available at: https://github.com/boucadair/policy-based-network-acl/issues

Further comments and suggestions are welcome.

Best Regards,
Qiufang(on behalf of authors)

-----Original Message-----
From: OPSAWG [mailto:opsawg-bounces@ietf.org] On Behalf Of internet-drafts@ietf.org
Sent: Wednesday, October 18, 2023 10:41 AM
To: i-d-announce@ietf.org
Cc: opsawg@ietf.org
Subject: [OPSAWG] I-D Action: draft-ietf-opsawg-ucl-acl-01.txt

Internet-Draft draft-ietf-opsawg-ucl-acl-01.txt is now available. It is a work item of the Operations and Management Area Working Group (OPSAWG) WG of the IETF.

   Title:   A YANG Data Model and RADIUS Extension for Policy-based Network Access Control
   Authors: Qiufang Ma
            Qin Wu
            Mohamed Boucadair
            Daniel King
   Name:    draft-ietf-opsawg-ucl-acl-01.txt
   Pages:   34
   Dates:   2023-10-17


   This document defines a YANG data model for policy-based network
   access control, which provides consistent and efficient enforcement
   of network access control policies based on group identity.
   Moreover, this document defines a mechanism to ease the maintenance
   of the mapping between a user group identifier and a set of IP/MAC
   addresses to enforce policy-based network access control.

   In addition, the document defines a RADIUS attribute that is used to
   communicate the user group identifier as part of identification and
   authorization information.

The IETF datatracker status page for this Internet-Draft is:

There is also an HTMLized version available at:

A diff from the previous version is available at:

Internet-Drafts are also available by rsync at:

OPSAWG mailing list