Jari, On Thu, Mar 17, 2016 at 02:01:22AM -0700, Jari Arkko wrote: > Section 4.2 talks about authorization. I would expect policy to > dictate that some writes come from a specific source, but it is > unclear to me whether I2RS can require that a particular write > request arrive on a particular channel. Is this desirable? If so, > please expand the discussion of authorization to cover this point.
This may be beneficial. However, since a goal of i2rs is to utilize as much as possible in existing transports such as netconf/restconf, a better question should be whether the mechanism should be introduced there? In my opinion, this may be a useful feature but is not a blocking item. As noted in my response to Stephen's COMMENT, binding to role already exists in a form courtesy of mechanisms such as NACM or similar local privilege configuration. -- Jeff _______________________________________________ i2rs mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2rs
