< draft-ietf-core-yang-library-01.txt   draft-ietf-core-yang-library-02.txt >
Internet Engineering Task Force M. Veillette, Ed. Internet Engineering Task Force M. Veillette, Ed.
Internet-Draft Trilliant Networks Inc. Internet-Draft Trilliant Networks Inc.
Intended status: Standards Track I. Petrov, Ed. Intended status: Standards Track I. Petrov, Ed.
Expires: July 26, 2020 Acklio Expires: January 11, 2021 Acklio
January 23, 2020 July 10, 2020
Constrained YANG Module Library Constrained YANG Module Library
draft-ietf-core-yang-library-01 draft-ietf-core-yang-library-02
Abstract Abstract
This document describes a constrained version of the YANG library This document describes a constrained version of the YANG library
that provides information about the YANG modules, datastores, and that provides information about the YANG modules, datastores, and
datastore schemas used by a constrained network management server datastore schemas used by a constrained network management server
(e.g., a CORECONF server). (e.g., a CORECONF server).
Status of This Memo Status of This Memo
skipping to change at page 1, line 34 skipping to change at page 1, line 34
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 26, 2020. This Internet-Draft will expire on January 11, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 10 skipping to change at page 2, line 10
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology and Notation . . . . . . . . . . . . . . . . . . 2 2. Terminology and Notation . . . . . . . . . . . . . . . . . . 2
3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3.1. Tree diagram . . . . . . . . . . . . . . . . . . . . . . 3 3.1. Tree diagram . . . . . . . . . . . . . . . . . . . . . . 4
3.2. Major differences between ietf-constrained-yang-library 3.2. Major differences between ietf-constrained-yang-library
and ietf-yang-library . . . . . . . . . . . . . . . . . . 4 and ietf-yang-library . . . . . . . . . . . . . . . . . . 4
4. YANG Module "ietf-constrained-yang-library" . . . . . . . . . 5 4. YANG Module "ietf-constrained-yang-library" . . . . . . . . . 5
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13
5.1. YANG Module Registry . . . . . . . . . . . . . . . . . . 13 5.1. YANG Module Registration . . . . . . . . . . . . . . . . 13
5.2. YANG Namespace Registration . . . . . . . . . . . . . . . 13
6. Security Considerations . . . . . . . . . . . . . . . . . . . 13 6. Security Considerations . . . . . . . . . . . . . . . . . . . 13
7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 14 7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 14
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 14 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 14
8.1. Normative References . . . . . . . . . . . . . . . . . . 14 8.1. Normative References . . . . . . . . . . . . . . . . . . 14
8.2. Informative References . . . . . . . . . . . . . . . . . 14 8.2. Informative References . . . . . . . . . . . . . . . . . 16
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 16
1. Introduction 1. Introduction
There is a need for a standard mechanism to expose which YANG There is a need for a standard mechanism to expose which YANG
modules, datastores and datastore schemas are in use by a constrained modules, datastores and datastore schemas are in use by a constrained
network management server. This document defines the YANG module network management server. This document defines the YANG module
'ietf-constrained-yang-library' that provides this information. 'ietf-constrained-yang-library' that provides this information.
YANG module 'ietf-constrained-yang-library' shares the same data YANG module 'ietf-constrained-yang-library' shares the same data
model and objectives as 'ietf-yang-library', only datatypes and model and objectives as 'ietf-yang-library', only datatypes and
mandatory requirements have been updated to minimize its size to mandatory requirements have been updated to minimize its size to
allow its implementation by Constrained Nodes and/or Constrained allow its implementation by Constrained Nodes and/or Constrained
Networks as defined by [RFC7228]. To review the list of objectives Networks as defined by [RFC7228]. To review the list of objectives
and proposed data model, please refer to [RFC8525] section 2 and 3. and the proposed data model, please refer to [RFC8525] section 2 and
3.
2. Terminology and Notation 2. Terminology and Notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
The following terms are defined in [RFC7950]: client, deviation, The following terms are defined in [RFC7950]: client, deviation,
feature, module, submodule and server. feature, module, submodule, and server.
The following term is defined in [I-D.ietf-core-sid]: YANG Schema The following term is defined in [I-D.ietf-core-sid]: YANG Schema
Item iDentifier (SID). Item iDentifier (SID).
The following terms are defined in [RFC8525]: YANG library and YANG The following terms are defined in [RFC8525]: YANG library and YANG
library checksum. library checksum.
3. Overview 3. Overview
The conceptual model of the YANG library is depicted in Figure 1. The conceptual model of the YANG library is depicted in Figure 1.
skipping to change at page 4, line 48 skipping to change at page 5, line 5
+---n yang-library-update +---n yang-library-update
+--ro checksum -> /yang-library/checksum +--ro checksum -> /yang-library/checksum
3.2. Major differences between ietf-constrained-yang-library and ietf- 3.2. Major differences between ietf-constrained-yang-library and ietf-
yang-library yang-library
The changes between the reference data model 'ietf-yang-library' and The changes between the reference data model 'ietf-yang-library' and
its constrained version 'ietf-constrained-yang-library' are listed its constrained version 'ietf-constrained-yang-library' are listed
below: below:
o module-set 'name' and schema 'name' are implemented using an 8 o module-set 'name' and schema 'name' are implemented using 8 bits
bits unsigned integer and renamed 'index'. unsigned integers and renamed 'index'.
o module 'name', submodule 'name' and datastore 'name' are o module 'name', submodule 'name' and datastore 'name' are
implemented using a SID (i.e. an unsigned integer) and renamed implemented using a SID (i.e. an unsigned integer) and renamed
'identifier'. 'identifier'.
o 'feature' and 'deviation' are implemented using a SID (i.e. an o 'feature' and 'deviation' are implemented using a SID (i.e. an
unsigned integer). unsigned integer).
o 'revision' fields are implemented using a 4 bytes binary string. o 'revision' fields are implemented using a 4 bytes binary string.
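Review bot: Style point on the reworded first bullet of 3.2: "8 bits unsigned integers" should read "8-bit unsigned integers", and the last bullet's "a 4 bytes binary string" should likewise be "a 4-byte binary string". The typedef further down fixes the length at exactly 4, so the bullet could say "exactly 4 bytes" to match.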
skipping to change at page 5, line 27 skipping to change at page 5, line 30
o the implementation of the 'location' fields are not recommended, o the implementation of the 'location' fields are not recommended,
the use of the module SID as the handle to retrieve the associated the use of the module SID as the handle to retrieve the associated
YANG module is proposed instead. YANG module is proposed instead.
4. YANG Module "ietf-constrained-yang-library" 4. YANG Module "ietf-constrained-yang-library"
RFC Ed.: update the date below with the date of RFC publication and RFC Ed.: update the date below with the date of RFC publication and
remove this note. remove this note.
<CODE BEGINS> file "ietf-constrained-yang-library@2019-03-28.yang" <CODE BEGINS> file "ietf-constrained-yang-library@2019-03-28.yang"
module ietf-constrained-yang-library { module ietf-constrained-yang-library {
yang-version 1.1; yang-version 1.1;
namespace namespace
"urn:ietf:params:xml:ns:yang:ietf-constrained-yang-library"; "urn:ietf:params:xml:ns:yang:ietf-constrained-yang-library";
prefix "yanglib"; prefix "yanglib";
// RFC Ed.: update ietf-core-sid reference.
import ietf-sid-file {
prefix sid;
reference "I-D.ietf-core-sid";
}
import ietf-inet-types {
prefix inet;
reference "RFC 6991: Common YANG Data Types.";
}
import ietf-datastores {
prefix ds;
reference
"RFC 8342: Network Management Datastore Architecture (NMDA).";
}
organization // RFC Ed.: update ietf-core-sid reference.
"IETF NETCONF (Network Configuration) Working Group";
contact import ietf-sid-file {
"WG Web: <http://datatracker.ietf.org/wg/core/> prefix sid;
reference "RFC YYYY: YANG Schema Item iDentifier (SID)";
// RFC Editor: Please replace YYYY with RFC number of I-D.ietf-core-sid.
}
import ietf-inet-types {
prefix inet;
reference "RFC 6991: Common YANG Data Types.";
}
import ietf-datastores {
prefix ds;
reference
"RFC 8342: Network Management Datastore Architecture (NMDA).";
}
organization
"IETF CoRE Working Group";
WG List: <mailto:core@ietf.org> contact
"WG Web: <http://datatracker.ietf.org/wg/core/>
WG Chair: Carsten Bormann WG List: <mailto:core@ietf.org>
<mailto:cabo@tzi.org>
WG Chair: Jaime Jimenez Editor: Michel Veillette
<mailto:jaime.jimenez@ericsson.com> <mailto:michel.veillette@trilliantinc.com>
Editor: Michel Veillette Editor: Ivaylo Petrov
<mailto:michel.veillette@trilliantinc.com>"; <mailto:ivaylo@ackl.io>";
description description
"This module provides information about the YANG modules, "This module provides information about the YANG modules,
datastores, and datastore schemas implemented by a datastores, and datastore schemas implemented by a
constrained network management server. constrained network management server.
Copyright (c) 2018 IETF Trust and the persons identified as Copyright (c) 2018 IETF Trust and the persons identified as
authors of the code. All rights reserved. authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents Relating to IETF Documents
(http://trustee.ietf.org/license-info). (http://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see This version of this YANG module is part of RFC XXXX; see
the RFC itself for full legal notices."; the RFC itself for full legal notices.";
// RFC Ed.: update reference. // RFC Editor: Please replace XXXX with RFC number and remove this note
revision 2019-03-28 { revision 2019-03-28 {
description description
"Second revision."; "Second revision.";
reference reference
"[I-D.veillette-core-yang-library]"; "RFC XXXX: Constrained YANG Module Library";
} // RFC Editor: Please replace XXXX with RFC number and remove this note
}
revision 2018-09-21 { /*
description * Typedefs
"Initial revision."; */
reference
"[I-D.veillette-core-yang-library]";
}
/*
* Typedefs
*/
typedef revision-identifier { typedef revision-identifier {
type binary { type binary {
length "4"; length "4";
} }
description description
"Revision date encoded as a binary string, each nibble "Revision date encoded as a binary string, each nibble
representing a digit of the of revision date. For example, representing a digit of the revision date. For example,
revision 2018-09-21 is encoded as 0x20 0x18 0x09 0x21."; revision 2018-09-21 is encoded as 0x20 0x18 0x09 0x21.";
} }
/* /*
* Groupings * Groupings
*/ */
grouping module-identification-leafs { grouping module-identification-leafs {
description description
"Parameters for identifying YANG modules and submodules."; "Parameters for identifying YANG modules and submodules.";
leaf identifier { leaf identifier {
type sid:sid; type sid:sid;
mandatory true; mandatory true;
description description
"SID assigned to this module or submodule."; "SID assigned to this module or submodule.";
} }
leaf revision { leaf revision {
type revision-identifier; type revision-identifier;
description description
"The YANG module or submodule revision date. If no "The YANG module or submodule revision date. If no
revision statement is present in the YANG module revision statement is present in the YANG module
or submodule, this leaf is not instantiated."; or submodule, this leaf is not instantiated.";
} }
} }
grouping location-leaf-list { grouping location-leaf-list {
description description
"Common location leaf list parameter for modules and "Common location leaf list parameter for modules and
submodules."; submodules.";
leaf-list location { leaf-list location {
type inet:uri; type inet:uri;
description description
"Contains a URL that represents the YANG schema resource "Contains a URL that represents the YANG schema resource
for this module or submodule. for this module or submodule.
This leaf is present in the model to keep the alignment This leaf is present in the model to keep the alignment
with 'ietf-yang-library'. Support of this leaf in with 'ietf-yang-library'. Support of this leaf in
constrained devices is not necessarily required, nor constrained devices is not necessarily required, nor
expected. It is recommended that clients used the module expected. It is recommended that clients used the module
or sub-module SID as the handle used to retrieve the or sub-module SID as the handle used to retrieve the
corresponding YANG module"; corresponding YANG module";
}
}
grouping implementation-parameters { }
description }
"Parameters for describing the implementation of a module.";
leaf-list feature { grouping implementation-parameters {
type sid:sid; description
description "Parameters for describing the implementation of a module.";
"List of all YANG feature names from this module that are
supported by the server, regardless whether they are
defined in the module or any included submodule.";
}
leaf-list deviation {
type leafref {
path "../../module/identifier";
}
description
"List of all YANG deviation modules used by this server to
modify the conformance of the module associated with this
entry. Note that the same module can be used for
deviations for multiple modules, so the same entry MAY
appear within multiple 'module' entries.
This reference MUST NOT (directly or indirectly) leaf-list feature {
refer to the module being deviated. type sid:sid;
description
"List of all YANG feature names from this module that are
supported by the server, regardless whether they are
defined in the module or any included submodule.";
}
leaf-list deviation {
type leafref {
path "../../module/identifier";
}
description
"List of all YANG deviation modules used by this server to
modify the conformance of the module associated with this
entry. Note that the same module can be used for
deviations for multiple modules, so the same entry MAY
appear within multiple 'module' entries.
Robust clients may want to make sure that they handle a This reference MUST NOT (directly or indirectly)
situation where a module deviates itself (directly or refer to the module being deviated.
indirectly) gracefully.";
}
}
grouping module-set-parameters { Robust clients may want to make sure that they handle a
description situation where a module deviates itself (directly or
"A set of parameters that describe a module set."; indirectly) gracefully.";
}
}
leaf index { grouping module-set-parameters {
type uint8; description
description "A set of parameters that describe a module set.";
"An arbitrary number assigned of the module set.";
} leaf index {
list module { type uint8;
key "identifier"; description
description "An arbitrary number assigned of the module set.";
"An entry in this list represents a module implemented }
by the server, as per RFC 7950 section 5.6.5, with a list module {
particular set of supported features and deviations."; key "identifier";
reference description
"RFC 7950: The YANG 1.1 Data Modeling Language."; "An entry in this list represents a module implemented
by the server, as per RFC 7950 section 5.6.5, with a
particular set of supported features and deviations.";
reference
"RFC 7950: The YANG 1.1 Data Modeling Language.";
uses module-identification-leafs; uses module-identification-leafs;
leaf namespace { leaf namespace {
type inet:uri; type inet:uri;
description description
"The XML namespace identifier for this module. "The XML namespace identifier for this module.
This leaf is present in the model to keep the alignment This leaf is present in the model to keep the alignment
with 'ietf-yang-library'. Support of this leaf in with 'ietf-yang-library'. Support of this leaf in
constrained devices is not required, nor expected."; constrained devices is not required, nor expected.";
} }
uses location-leaf-list; uses location-leaf-list;
list submodule { list submodule {
key "identifier"; key "identifier";
description description
"Each entry represents one submodule within the parent "Each entry represents one submodule within the parent
module."; module.";
uses module-identification-leafs; uses module-identification-leafs;
uses location-leaf-list; uses location-leaf-list;
} }
uses implementation-parameters; uses implementation-parameters;
} }
list import-only-module { list import-only-module {
key "identifier revision"; key "identifier revision";
description description
"An entry in this list indicates that the server imports "An entry in this list indicates that the server imports
reusable definitions from the specified revision of the reusable definitions from the specified revision of the
module, but does not implement any protocol accessible module, but does not implement any protocol accessible
objects from this revision. objects from this revision.
Multiple entries for the same module name MAY exist. Multiple entries for the same module name MAY exist.
This can occur if multiple modules import the same This can occur if multiple modules import the same
module, but specify different revision-dates in the module, but specify different revision-dates in the
import statements."; import statements.";
leaf identifier { leaf identifier {
type sid:sid; type sid:sid;
description description
"The YANG module name."; "The YANG module name.";
} }
leaf revision { leaf revision {
type union { type union {
type revision-identifier; type revision-identifier;
type string { type string {
length 0; length 0;
} }
} }
description description
"The YANG module revision date."; "The YANG module revision date.";
} }
leaf namespace { leaf namespace {
type inet:uri; type inet:uri;
description description
"The XML namespace identifier for this module. "The XML namespace identifier for this module.
This leaf is present in the model to keep the alignment This leaf is present in the model to keep the alignment
with 'ietf-yang-library'. Support of this leaf in with 'ietf-yang-library'. Support of this leaf in
constrained devices is not required, nor expected."; constrained devices is not required, nor expected.";
} }
uses location-leaf-list; uses location-leaf-list;
list submodule { list submodule {
key "identifier"; key "identifier";
description description
"Each entry represents one submodule within the "Each entry represents one submodule within the
parent module."; parent module.";
uses module-identification-leafs; uses module-identification-leafs;
uses location-leaf-list; uses location-leaf-list;
} }
} }
} }
grouping yang-library-parameters { grouping yang-library-parameters {
description description
"The YANG library data structure is represented as a grouping "The YANG library data structure is represented as a grouping
so it can be reused in configuration or another monitoring so it can be reused in configuration or another monitoring
data structure."; data structure.";
list module-set { list module-set {
key index; key index;
description description
"A set of modules that may be used by one or more schemas. "A set of modules that may be used by one or more schemas.
A module set does not have to be referentially complete, A module set does not have to be referentially complete,
i.e., it may define modules that contain import statements i.e., it may define modules that contain import statements
for other modules not included in the module set."; for other modules not included in the module set.";
uses module-set-parameters; uses module-set-parameters;
} }
list schema {
key "index";
description
"A datastore schema that may be used by one or more
datastores.
list schema { The schema must be valid and referentially complete,
key "index"; i.e., it must contain modules to satisfy all used import
description statements for all modules specified in the schema.";
"A datastore schema that may be used by one or more
datastores.
The schema must be valid and referentially complete, leaf index {
i.e., it must contain modules to satisfy all used import type uint8;
statements for all modules specified in the schema."; description
"An arbitrary reference number assigned to the schema.";
}
leaf-list module-set {
type leafref {
path "../../module-set/index";
}
description
"A set of module-sets that are included in this schema.
If a non import-only module appears in multiple module
sets, then the module revision and the associated
features and deviations must be identical.";
}
}
leaf index { list datastore {
type uint8; key "identifier";
description description
"An arbitrary reference number assigned to the schema."; "A datastore supported by this server.
}
leaf-list module-set {
type leafref {
path "../../module-set/index";
}
description
"A set of module-sets that are included in this schema.
If a non import-only module appears in multiple module
sets, then the module revision and the associated
features and deviations must be identical.";
}
}
list datastore { Each datastore indicates which schema it supports.
key "identifier";
description
"A datastore supported by this server.
Each datastore indicates which schema it supports. The server MUST instantiate one entry in this list
per specific datastore it supports.
The server MUST instantiate one entry in this list Each datstore entry with the same datastore schema
per specific datastore it supports. SHOULD reference the same schema.";
Each datstore entry with the same datastore schema leaf identifier {
SHOULD reference the same schema."; type ds:datastore-ref;
description
"The identity of the datastore.";
}
leaf schema {
type leafref {
path "../../schema/index";
leaf identifier { }
type ds:datastore-ref; mandatory true;
description description
"The identity of the datastore."; "A reference to the schema supported by this datastore.
} All non import-only modules of the schema are
leaf schema { implementedwith their associated features and
type leafref { deviations.";
path "../../schema/index"; }
} }
mandatory true; }
description
"A reference to the schema supported by this datastore.
All non import-only modules of the schema are
implementedwith their associated features and
deviations.";
}
}
}
/* /*
* Top-level container * Top-level container
*/ */
container yang-library { container yang-library {
config false; config false;
description description
"Container holding the entire YANG library of this server."; "Container holding the entire YANG library of this server.";
uses yang-library-parameters; uses yang-library-parameters;
leaf checksum { leaf checksum {
type binary; type binary;
mandatory true; mandatory true;
description description
"A server-generated checksum or digest of the contents of "A server-generated checksum or digest of the contents of
the 'yang-library' tree. The server MUST change the the 'yang-library' tree. The server MUST change the
value of this leaf if the information represented by value of this leaf if the information represented by
the 'yang-library' tree, except 'yang-library/checksum', the 'yang-library' tree, except 'yang-library/checksum',
has changed."; has changed.";
} }
} }
/* /*
* Notifications * Notifications
*/ */
notification yang-library-update { notification yang-library-update {
description description
"Generated when any YANG library information on the "Generated when any YANG library information on the
server has changed."; server has changed.";
leaf checksum { leaf checksum {
type leafref { type leafref {
path "/yanglib:yang-library/yanglib:checksum"; path "/yanglib:yang-library/yanglib:checksum";
} }
mandatory true; mandatory true;
description description
"Contains the YANG library checksum or digest for the "Contains the YANG library checksum or digest for the
updated YANG library at the time the notification is updated YANG library at the time the notification is
generated."; generated.";
} }
} }
} }
<CODE ENDS> <CODE ENDS>
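Review bot: The module text changes in -02 but its revision does not: the revision statement still reads "revision 2019-03-28" and the CODE BEGINS file name is still ietf-constrained-yang-library@2019-03-28.yang, even though organization, contact and the revision reference were edited and the 2018-09-21 revision statement was dropped. A client or tool that identifies a module by identifier plus revision cannot tell the -01 and -02 texts apart, so please add a new revision statement dated with this draft and rename the file to match. The remaining revision is still described as "Second revision." with no first one left, and the description keeps "Copyright (c) 2018". Several descriptions no longer match their types or still carry typos: leaf-list feature is of type sid:sid but says "List of all YANG feature names", the import-only-module identifier is a SID but says "The YANG module name.", and "assigned of the module set", "datstore", "implementedwith" and "clients used the module" are unchanged. The old comment "// RFC Ed.: update ietf-core-sid reference." is now redundant next to the new "RFC Editor: Please replace YYYY" note.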
5. IANA Considerations 5. IANA Considerations
5.1. YANG Module Registry 5.1. YANG Module Registration
This document registers one YANG module in the YANG Module Names This document registers one YANG module in the YANG Module Names
registry [RFC7950]. registry [RFC7950].
name: ietf-constrained-yang-library name: ietf-constrained-yang-library
namespace: urn:ietf:params:xml:ns:yang:ietf-constrained-yang-library namespace: urn:ietf:params:xml:ns:yang:ietf-constrained-yang-library
prefix: lib prefix: lib
reference: RFC XXXX reference: RFC XXXX
// RFC Ed.: replace XXXX with RFC number and remove this note // RFC Ed.: replace XXXX with RFC number and remove this note
5.2. YANG Namespace Registration
This document registers the following XML namespace URN in the "IETF
XML Registry", following the format defined in [RFC3688]:
URI: please assign urn:ietf:params:xml:ns:yang:ietf-constrained-yang-
library
Registrant Contact: The IESG.
XML: N/A, the requested URI is an XML namespace.
Reference: RFC XXXX
// RFC Ed.: replace XXXX with RFC number and remove this note
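Review bot: The registration in 5.1 gives "prefix: lib", but the module itself declares prefix "yanglib"; the registry entry should carry the prefix the module actually uses, so one of the two needs to change. In the new 5.2, the URN is broken across two lines at a hyphen ("ietf-constrained-yang-" / "library"), which invites a copy error in the registry; keep it on one line. The RFC Editor notes in this section use the "RFC Ed.:" form while the module now uses "RFC Editor: Please replace"; pick one form.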
6. Security Considerations 6. Security Considerations
The YANG module specified in this document defines a schema for data
that is designed to be accessed via network management protocols such
as NETCONF [RFC6241], RESTCONF [RFC8040] or CORECONF
[I-D.ietf-core-comi]. The lowest NETCONF layer is the secure
transport layer, and the mandatory-to-implement secure transport is
Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS,
and the mandatory-to-implement secure transport is TLS [RFC8446].
The lowest CORECONF layer is CoAP [RFC7252] and the mandatory-to-
implement security transport is any one of DTLS [RFC6347] and OSCORE
[RFC8613].
The Network Configuration Access Control Model (NACM) [RFC8341]
provides the means to restrict access for particular NETCONF or
RESTCONF users to a preconfigured subset of all available NETCONF or
RESTCONF protocol operations and content.
Some of the readable data nodes in this YANG module may be considered Some of the readable data nodes in this YANG module may be considered
sensitive or vulnerable in some network environments. It is thus sensitive or vulnerable in some network environments. It is thus
important to control read access to these data nodes. important to control read access (e.g., via get, get-config, or
notification) to these data nodes.
Specifically, the 'module' list may help an attacker to identify the Specifically, the 'module' list may help an attacker to identify the
server capabilities and server implementations with known bugs. server capabilities and server implementations with known bugs.
Server vulnerabilities may be specific to particular modules, module Server vulnerabilities may be specific to particular modules, module
revisions, module features, or even module deviations. This revisions, module features, or even module deviations. This
information is included in each module entry. For example, if a information is included in each module entry. For example, if a
particular operation on a particular data node is known to cause a particular operation on a particular data node is known to cause a
server to crash or significantly degrade device performance, then the server to crash or significantly degrade device performance, then the
module list information will help an attacker to identify server module list information will help an attacker to identify server
implementations with such a defect, in order to launch a denial of implementations with such a defect, in order to launch a denial of
service attack on these devices. service attack on these devices.
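Review bot: The added access-control text covers only NETCONF and RESTCONF, while the stated target of this module is a constrained server such as CORECONF. NACM is introduced as restricting "particular NETCONF or RESTCONF users", and the read-access examples "get, get-config, or notification" are NETCONF operations; nothing says how read access to the 'module' list, which the next paragraph identifies as useful for fingerprinting vulnerable implementations, is restricted when the data is served over CoAP. Suggest adding a sentence on access control for CORECONF (or stating that NACM is expected to apply there) and naming the CoAP methods alongside the NETCONF ones. The phrase "any one of DTLS [RFC6347] and OSCORE [RFC8613]" also leaves open whether a server must implement one or both; "either DTLS or OSCORE" or "both" would remove the ambiguity.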
7. Acknowledgments 7. Acknowledgments
The YANG module defined by this memo have been derived from an The YANG module defined by this memo has been derived from an already
already existing YANG module, ietf-yang-library [RFC8525], we will existing YANG module, ietf-yang-library [RFC8525], we will like to
like to thanks to the authors of this YANG module. A special thank thank the authors of this YANG module. A special thank also to Andy
also to Andy Bierman for his initial recommendations for the creation Bierman for his initial recommendations for the creation of this YANG
of this YANG module. module. The authors would also like to thank Tom Petch for his help
during the development of this document and his useful comments
during the review process.
8. References 8. References
8.1. Normative References 8.1. Normative References
[I-D.ietf-core-comi]
Veillette, M., Stok, P., Pelov, A., Bierman, A., and I.
Petrov, "CoAP Management Interface (CORECONF)", draft-
ietf-core-comi-10 (work in progress), July 2020.
[I-D.ietf-core-sid]
Veillette, M., Pelov, A., and I. Petrov, "YANG Schema Item
iDentifier (YANG SID)", draft-ietf-core-sid-14 (work in
progress), July 2020.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004,
<https://www.rfc-editor.org/info/rfc3688>.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
<https://www.rfc-editor.org/info/rfc6241>.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011,
<https://www.rfc-editor.org/info/rfc6242>.
[RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer
Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347,
January 2012, <https://www.rfc-editor.org/info/rfc6347>.
[RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types",
RFC 6991, DOI 10.17487/RFC6991, July 2013,
<https://www.rfc-editor.org/info/rfc6991>.
[RFC7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained
Application Protocol (CoAP)", RFC 7252,
DOI 10.17487/RFC7252, June 2014,
<https://www.rfc-editor.org/info/rfc7252>.
[RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
RFC 7950, DOI 10.17487/RFC7950, August 2016, RFC 7950, DOI 10.17487/RFC7950, August 2016,
<https://www.rfc-editor.org/info/rfc7950>. <https://www.rfc-editor.org/info/rfc7950>.
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
<https://www.rfc-editor.org/info/rfc8040>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
<https://www.rfc-editor.org/info/rfc8340>. <https://www.rfc-editor.org/info/rfc8340>.
[RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration
Access Control Model", STD 91, RFC 8341,
DOI 10.17487/RFC8341, March 2018,
<https://www.rfc-editor.org/info/rfc8341>.
[RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K.,
and R. Wilton, "Network Management Datastore Architecture and R. Wilton, "Network Management Datastore Architecture
(NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018,
<https://www.rfc-editor.org/info/rfc8342>. <https://www.rfc-editor.org/info/rfc8342>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>.
[RFC8525] Bierman, A., Bjorklund, M., Schoenwaelder, J., Watsen, K., [RFC8525] Bierman, A., Bjorklund, M., Schoenwaelder, J., Watsen, K.,
and R. Wilton, "YANG Library", RFC 8525, and R. Wilton, "YANG Library", RFC 8525,
DOI 10.17487/RFC8525, March 2019, DOI 10.17487/RFC8525, March 2019,
<https://www.rfc-editor.org/info/rfc8525>. <https://www.rfc-editor.org/info/rfc8525>.
8.2. Informative References [RFC8613] Selander, G., Mattsson, J., Palombini, F., and L. Seitz,
"Object Security for Constrained RESTful Environments
(OSCORE)", RFC 8613, DOI 10.17487/RFC8613, July 2019,
<https://www.rfc-editor.org/info/rfc8613>.
[I-D.ietf-core-sid] 8.2. Informative References
Veillette, M., Pelov, A., and I. Petrov, "YANG Schema Item
iDentifier (SID)", draft-ietf-core-sid-09 (work in
progress), January 2020.
[RFC7228] Bormann, C., Ersue, M., and A. Keranen, "Terminology for [RFC7228] Bormann, C., Ersue, M., and A. Keranen, "Terminology for
Constrained-Node Networks", RFC 7228, Constrained-Node Networks", RFC 7228,
DOI 10.17487/RFC7228, May 2014, DOI 10.17487/RFC7228, May 2014,
<https://www.rfc-editor.org/info/rfc7228>. <https://www.rfc-editor.org/info/rfc7228>.
Authors' Addresses Authors' Addresses
Michel Veillette (editor) Michel Veillette (editor)
Trilliant Networks Inc. Trilliant Networks Inc.
 End of changes. 78 change blocks. 
345 lines changed or deleted 423 lines changed or added
