Hi Linda,

It seems to me that the RFC4949 definition is more general and that ietf-netmod-acl-model defines one compatible specific variation. Some of the specifics of that definition might not apply in all cases.

In fact, I am somewhat surprised that the latter document did not, evidently, reference RFC4949 ... at least for a baseline definition. True, it's a bit dated, but I think that mostly affects concepts and constructs introduced since its publication ... the widespread use of ACLs predates RFC4949 by a lot.

For reference, the fairly recent CNSSI 4009, Committee on National Security Systems (CNSS) Glossary (Apr 6, 2015) also uses a more general definition:

    access control list (ACL)
    A list of permissions associated with an object. The list specifies who or what is allowed to access the object and what operations are allowed to be performed on the object.

Avanti,
BobN

From: I2nsf [mailto:[email protected]] On Behalf Of Linda Dunbar
Sent: Monday, September 12, 2016 1:07 PM
To: John Strassner <[email protected]>; Susan Hares <[email protected]>; [email protected]
Subject: [I2nsf] I2NSF Terminology's definition on "ACL" is different from ietf-netmod-acl-model

John, et al,

The "ietf-netmod-acl-model" has "ACL" defined as:

    An ACL is an ordered set of rules that is used to filter traffic on a networking device. Each rule is represented by an Access Control Entry (ACE).

The "draft-ietf-i2nsf-terminology-01" has ACL as:

    ACL (Access Control List): This is a mechanism that implements access control for a system resource by enumerating the system entities that are permitted to access the resource and stating, either implicitly or explicitly, the access modes granted to each entity [RFC4949]. A YANG description is defined in [I-D.ietf-netmod-acl-model].

Can we make I2NSF's ACL definition consistent with the "ietf-netmod-acl-model"?

Thanks,
Linda
_______________________________________________
I2nsf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i2nsf
