| < draft-ietf-netconf-sztp-csr-01.txt | draft-ietf-netconf-sztp-csr-02.txt > | |||
|---|---|---|---|---|
| NETCONF Working Group K. Watsen | NETCONF Working Group K. Watsen | |||
| Internet-Draft Watsen Networks | Internet-Draft Watsen Networks | |||
| Updates: 8572 (if approved) R. Housley | Updates: 8572 (if approved) R. Housley | |||
| Intended status: Standards Track Vigil Security, LLC | Intended status: Standards Track Vigil Security, LLC | |||
| Expires: 20 May 2021 S. Turner | Expires: 20 November 2021 S. Turner | |||
| sn3rd | sn3rd | |||
| 16 November 2020 | 19 May 2021 | |||
| Conveying a Certificate Signing Request (CSR) in a Secure Zero Touch | Conveying a Certificate Signing Request (CSR) in a Secure Zero Touch | |||
| Provisioning (SZTP) Bootstrapping Request | Provisioning (SZTP) Bootstrapping Request | |||
| draft-ietf-netconf-sztp-csr-01 | draft-ietf-netconf-sztp-csr-02 | |||
| Abstract | Abstract | |||
| This draft extends the "get-bootstrapping-data" RPC defined in RFC | This draft extends the "get-bootstrapping-data" RPC defined in RFC | |||
| 8572 to include an optional certificate signing request (CSR), | 8572 to include an optional certificate signing request (CSR), | |||
| enabling a bootstrapping device to additionally obtain an identity | enabling a bootstrapping device to additionally obtain an identity | |||
| certificate (e.g., an LDevID, from IEEE 802.1AR) as part of the | certificate (e.g., an LDevID, from IEEE 802.1AR) as part of the | |||
| "onboarding information" response provided in the RPC-reply. | "onboarding information" response provided in the RPC-reply. | |||
| Editorial Note (To be removed by RFC Editor) | Editorial Note (To be removed by RFC Editor) | |||
| skipping to change at page 1, line 42 ¶ | skipping to change at page 1, line 42 ¶ | |||
| * "XXXX" --> the assigned numerical RFC value for this draft | * "XXXX" --> the assigned numerical RFC value for this draft | |||
| * "AAAA" --> the assigned RFC value for I-D.ietf-netconf-crypto- | * "AAAA" --> the assigned RFC value for I-D.ietf-netconf-crypto- | |||
| types | types | |||
| Artwork in this document contains a placeholder value for the | Artwork in this document contains a placeholder value for the | |||
| publication date of this draft. Please apply the following | publication date of this draft. Please apply the following | |||
| replacement: | replacement: | |||
| * "2020-11-16" --> the publication date of this draft | * "2021-05-19" --> the publication date of this draft | |||
| This document contains references to other drafts in progress, both | This document contains references to other drafts in progress, both | |||
| in the Normative References section, as well as in body text | in the Normative References section, as well as in body text | |||
| throughout. Please update the following references to reflect their | throughout. Please update the following references to reflect their | |||
| final RFC assignments: | final RFC assignments: | |||
| * I-D.ietf-netconf-crypto-types | * I-D.ietf-netconf-crypto-types | |||
| * I-D.ietf-netconf-keystore | * I-D.ietf-netconf-keystore | |||
| * I-D.ietf-netconf-trust-anchors | * I-D.ietf-netconf-trust-anchors | |||
| skipping to change at page 2, line 25 ¶ | skipping to change at page 2, line 25 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 20 May 2021. | This Internet-Draft will expire on 20 November 2021. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2020 IETF Trust and the persons identified as the | Copyright (c) 2021 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
| Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
| and restrictions with respect to this document. Code Components | and restrictions with respect to this document. Code Components | |||
| extracted from this document must include Simplified BSD License text | extracted from this document must include Simplified BSD License text | |||
| as described in Section 4.e of the Trust Legal Provisions and are | as described in Section 4.e of the Trust Legal Provisions and are | |||
| provided without warranty as described in the Simplified BSD License. | provided without warranty as described in the Simplified BSD License. | |||
| skipping to change at page 13, line 12 ¶ | skipping to change at page 13, line 12 ¶ | |||
| to use the "ietf-truststore" module defined in | to use the "ietf-truststore" module defined in | |||
| [I-D.ietf-netconf-trust-anchors]. | [I-D.ietf-netconf-trust-anchors]. | |||
| 2.3. YANG Module | 2.3. YANG Module | |||
| This module augments an RPC defined in [RFC8572], uses a data type | This module augments an RPC defined in [RFC8572], uses a data type | |||
| defined in [I-D.ietf-netconf-crypto-types], has an normative | defined in [I-D.ietf-netconf-crypto-types], has an normative | |||
| references to [RFC2986] and [ITU.X690.2015], and an informative | references to [RFC2986] and [ITU.X690.2015], and an informative | |||
| reference to [Std-802.1AR-2018]. | reference to [Std-802.1AR-2018]. | |||
| <CODE BEGINS> file "ietf-sztp-csr@2020-11-16.yang" | <CODE BEGINS> file "ietf-sztp-csr@2021-05-19.yang" | |||
| module ietf-sztp-csr { | module ietf-sztp-csr { | |||
| yang-version 1.1; | yang-version 1.1; | |||
| namespace "urn:ietf:params:xml:ns:yang:ietf-sztp-csr"; | namespace "urn:ietf:params:xml:ns:yang:ietf-sztp-csr"; | |||
| prefix sztp-csr; | prefix sztp-csr; | |||
| import ietf-sztp-bootstrap-server { | import ietf-sztp-bootstrap-server { | |||
| prefix sztp-svr; | prefix sztp-svr; | |||
| reference "RFC 8572: Secure Zero Touch Provisioning (SZTP)"; | reference "RFC 8572: Secure Zero Touch Provisioning (SZTP)"; | |||
| } | } | |||
| skipping to change at page 14, line 26 ¶ | skipping to change at page 14, line 26 ¶ | |||
| (https://www.rfc-editor.org/info/rfcXXXX); see the RFC | (https://www.rfc-editor.org/info/rfcXXXX); see the RFC | |||
| itself for full legal notices. | itself for full legal notices. | |||
| The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', | The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', | |||
| 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', | 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', | |||
| 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this | 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this | |||
| document are to be interpreted as described in BCP 14 | document are to be interpreted as described in BCP 14 | |||
| (RFC 2119) (RFC 8174) when, and only when, they appear | (RFC 2119) (RFC 8174) when, and only when, they appear | |||
| in all capitals, as shown here."; | in all capitals, as shown here."; | |||
| revision 2020-11-16 { | revision 2021-05-19 { | |||
| description | description | |||
| "Initial version"; | "Initial version"; | |||
| reference | reference | |||
| "RFC XXXX: Conveying a Certificate Signing Request (CSR) | "RFC XXXX: Conveying a Certificate Signing Request (CSR) | |||
| in a Secure Zero Touch Provisioning (SZTP) | in a Secure Zero Touch Provisioning (SZTP) | |||
| Bootstrapping Request"; | Bootstrapping Request"; | |||
| } | } | |||
| identity certificate-request-format { | identity certificate-request-format { | |||
| description | description | |||
| skipping to change at page 27, line 8 ¶ | skipping to change at page 27, line 8 ¶ | |||
| prefix: sztp-csr | prefix: sztp-csr | |||
| reference: RFC XXXX | reference: RFC XXXX | |||
| 5. References | 5. References | |||
| 5.1. Normative References | 5.1. Normative References | |||
| [I-D.ietf-netconf-crypto-types] | [I-D.ietf-netconf-crypto-types] | |||
| Watsen, K., "YANG Data Types and Groupings for | Watsen, K., "YANG Data Types and Groupings for | |||
| Cryptography", Work in Progress, Internet-Draft, draft- | Cryptography", Work in Progress, Internet-Draft, draft- | |||
| ietf-netconf-crypto-types-18, 20 August 2020, | ietf-netconf-crypto-types-19, 10 February 2021, | |||
| <https://tools.ietf.org/html/draft-ietf-netconf-crypto- | <https://tools.ietf.org/html/draft-ietf-netconf-crypto- | |||
| types-18>. | types-19>. | |||
| [ITU.X690.2015] | [ITU.X690.2015] | |||
| International Telecommunication Union, "Information | International Telecommunication Union, "Information | |||
| Technology - ASN.1 encoding rules: Specification of Basic | Technology - ASN.1 encoding rules: Specification of Basic | |||
| Encoding Rules (BER), Canonical Encoding Rules (CER) and | Encoding Rules (BER), Canonical Encoding Rules (CER) and | |||
| Distinguished Encoding Rules (DER)", ITU-T Recommendation | Distinguished Encoding Rules (DER)", ITU-T Recommendation | |||
| X.690, ISO/IEC 8825-1, August 2015, | X.690, ISO/IEC 8825-1, August 2015, | |||
| <https://www.itu.int/rec/T-REC-X.690/>. | <https://www.itu.int/rec/T-REC-X.690/>. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| skipping to change at page 28, line 7 ¶ | skipping to change at page 28, line 7 ¶ | |||
| [RFC8572] Watsen, K., Farrer, I., and M. Abrahamsson, "Secure Zero | [RFC8572] Watsen, K., Farrer, I., and M. Abrahamsson, "Secure Zero | |||
| Touch Provisioning (SZTP)", RFC 8572, | Touch Provisioning (SZTP)", RFC 8572, | |||
| DOI 10.17487/RFC8572, April 2019, | DOI 10.17487/RFC8572, April 2019, | |||
| <https://www.rfc-editor.org/info/rfc8572>. | <https://www.rfc-editor.org/info/rfc8572>. | |||
| 5.2. Informative References | 5.2. Informative References | |||
| [I-D.ietf-netconf-keystore] | [I-D.ietf-netconf-keystore] | |||
| Watsen, K., "A YANG Data Model for a Keystore", Work in | Watsen, K., "A YANG Data Model for a Keystore", Work in | |||
| Progress, Internet-Draft, draft-ietf-netconf-keystore-20, | Progress, Internet-Draft, draft-ietf-netconf-keystore-21, | |||
| 20 August 2020, <https://tools.ietf.org/html/draft-ietf- | 10 February 2021, <https://tools.ietf.org/html/draft-ietf- | |||
| netconf-keystore-20>. | netconf-keystore-21>. | |||
| [I-D.ietf-netconf-trust-anchors] | [I-D.ietf-netconf-trust-anchors] | |||
| Watsen, K., "A YANG Data Model for a Truststore", Work in | Watsen, K., "A YANG Data Model for a Truststore", Work in | |||
| Progress, Internet-Draft, draft-ietf-netconf-trust- | Progress, Internet-Draft, draft-ietf-netconf-trust- | |||
| anchors-13, 20 August 2020, <https://tools.ietf.org/html/ | anchors-14, 10 February 2021, | |||
| draft-ietf-netconf-trust-anchors-13>. | <https://tools.ietf.org/html/draft-ietf-netconf-trust- | |||
| anchors-14>. | ||||
| [I-D.ietf-netmod-factory-default] | [I-D.ietf-netmod-factory-default] | |||
| WU, Q., Lengyel, B., and Y. Niu, "A YANG Data Model for | Wu, Q., Lengyel, B., and Y. Niu, "A YANG Data Model for | |||
| Factory Default Settings", Work in Progress, Internet- | Factory Default Settings", Work in Progress, Internet- | |||
| Draft, draft-ietf-netmod-factory-default-15, 25 April | Draft, draft-ietf-netmod-factory-default-15, 25 April | |||
| 2020, <https://tools.ietf.org/html/draft-ietf-netmod- | 2020, <https://tools.ietf.org/html/draft-ietf-netmod- | |||
| factory-default-15>. | factory-default-15>. | |||
| [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, | [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, | |||
| DOI 10.17487/RFC3688, January 2004, | DOI 10.17487/RFC3688, January 2004, | |||
| <https://www.rfc-editor.org/info/rfc3688>. | <https://www.rfc-editor.org/info/rfc3688>. | |||
| [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", | [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", | |||
| End of changes. 13 change blocks. | ||||
| 16 lines changed or deleted | 17 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||