The IESG has received a request from the Operations and Management Area Working Group WG (opsawg) to consider the following document: - 'A YANG Data Model and RADIUS Extension for Policy-Based Network Access Control' <draft-ietf-opsawg-ucl-acl-12.txt> as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the [email protected] mailing lists by 2026-02-25. Exceptionally, comments may be sent to [email protected] instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document defines a YANG data model for policy-based network access control, which provides enforcement of network access control policies based on group identity. Additionally, the YANG data model defined in the document also extends ACLs (Access Control Lists) with date and time parameters to support schedule-aware policy enforcement. Specifically in scenarios where network access is triggered by user authentication, this document defines a mechanism to ease the maintenance of the mapping between a user group identifier and a set of IP/MAC addresses to enforce policy-based network access control. Moreover, the document defines a Remote Authentication Dial-in User Service (RADIUS) attribute that is used to communicate the user group identifier as part of identification and authorization information. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-opsawg-ucl-acl/ No IPR declarations have been submitted directly on this I-D. _______________________________________________ OPSAWG mailing list -- [email protected] To unsubscribe send an email to [email protected]
