On 3/16/2017 8:27 AM, Juergen Schoenwaelder wrote:
On Wed, Mar 15, 2017 at 08:10:22PM +0100, Benoit Claise wrote:
I like the "YANG based management protocols" part
I think 'YANG based' is not needed (and to some extend even incorrect)
and I would spell out 'network management' instead of 'management':
The YANG module defined in this document is designed to be accessed
via network management protocols such as NETCONF [RFC6241] or
RESTCONF [RFC8040].
I could live with that.
Latest proposal:
The YANG module defined in this document is designed to be accessed
via network management protocols such as NETCONF [RFC6241] or
RESTCONF [RFC8040]. The lowest NETCONF layer is the secure
transport layer,
and mandatory-to-implement secure transport is Secure Shell (SSH)
[RFC6242],
while the lowest RESTCONF layer is HTTP, and the
mandatory-to-implement secure
transport is Transport Layer Security (TLS) [RFC5246].
The NETCONF access control model [RFC6536] provides the means to
restrict
access for particular NETCONF or RESTCONF users to a pre-configured
subset
of all available NETCONF or RESTCONF protocol operations and content.
I'll discuss this proposal with the security ADs during the telechat
today, even if these changes should non controversial.
Regards, Benoit
/js
_______________________________________________
netmod mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/netmod
