On Wed, May 27, 2015 at 06:04:58PM -0700, Andy Bierman wrote:
>
> Although I should be promoting use of NACM, I am not so sure it should
> be mandatory for I2RS or required to configure I2RS client priority.
>
> list i2rs-client {
> key name;
> leaf name {
> description "The client name";
> type i2rs:client-name;
> }
> leaf priority {
> description "The priority value assigned to this client.";
> type i2rs:client-priority;
> }
> }
So what is i2rs:client-name - is it any different from a
NETCONF/RESTCONF username?
NACM maps user names into groups and NACM allows to have the mapping
supplied by an external source (e.g. RADIUS). If this priority mapping
is kept separate from NACM, would we need to provision means to get
the priority from AAA as well?
And the bigger question: Do we create something specific for I2RS or
are we going to extend the generic YANG/NC/RC framework to provide the
tools I2RS needs? This is probably a question the NETCONF WG has to
answer.
/js
--
Juergen Schoenwaelder Jacobs University Bremen gGmbH
Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany
Fax: +49 421 200 3103 <http://www.jacobs-university.de/>
_______________________________________________
i2rs mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i2rs
