On Thu, May 28, 2015 at 07:34:15PM -0400, Susan Hares wrote: > Juergen: > > In my opinion, the i2rs:client-name is not different than the > NETCONF/RESTCONF user name. If you have a proposal on how to link the i2rs > priority to different than Jeff's proposal for NACM rules, we would be glad > to hear it. Jeff is trying to provide workable I2RS requirements to the > netconf/netmod WGs
Andy already made a proposal. > The architecture document indicates that the I2RS Client will obtain the > client identity and priority out-side of the protocol. Our intent was to > re-use the AAA mechanisms to spread client-identity, priority, and secondary > opaque id (if necessary). Early proof-of-concept implementations suggest > this easily linked to. I do not care where the I2RS client obtains its identity from. My concern is the server and I like to get an answer whether the priority is a property of a client, a property of a NACM group (of clients), or whether the priority is a property of a NACM access control rule. /js -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany Fax: +49 421 200 3103 <http://www.jacobs-university.de/> _______________________________________________ i2rs mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2rs
