idnits 2.17.1 draft-ietf-netconf-restconf-notif-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == It seems as if not all pages are separated by form feeds - found 19 form feeds but 21 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (September 29, 2016) is 2766 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 6536 (Obsoleted by RFC 8341) ** Obsolete normative reference: RFC 7540 (Obsoleted by RFC 9113) ** Downref: Normative reference to an Informational RFC: RFC 7923 Summary: 4 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 NETCONF E. Voit 2 Internet-Draft A. Clemm 3 Intended status: Standards Track A. Gonzalez Prieto 4 Expires: April 2, 2017 A. Tripathy 5 E. Nilsen-Nygaard 6 Cisco Systems 7 A. Bierman 8 YumaWorks 9 September 29, 2016 11 Restconf and HTTP Transport for Event Notifications 12 draft-ietf-netconf-restconf-notif-01 14 Abstract 16 This document defines Restconf, HTTP2, and HTTP1.1 bindings for the 17 transport Subscription requests and corresponding push updates. 18 Being subscribed may be both Event Notifications and YANG Datastores. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at http://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on April 2, 2017. 37 Copyright Notice 39 Copyright (c) 2016 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (http://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 55 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 56 3. Solution . . . . . . . . . . . . . . . . . . . . . . . . . . 4 57 3.1. Mechanisms for Subscription Establishment and Maintenance 4 58 3.2. Dynamic YANG Subscription with RESTCONF control . . . . . 5 59 3.3. Subscription Multiplexing . . . . . . . . . . . . . . . . 8 60 3.4. Encoded Subscription and Event Notification Examples . . 9 61 3.5. Stream Discovery . . . . . . . . . . . . . . . . . . . . 14 62 4. Security Considerations . . . . . . . . . . . . . . . . . . . 14 63 5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 15 64 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 15 65 6.1. Normative References . . . . . . . . . . . . . . . . . . 15 66 6.2. Informative References . . . . . . . . . . . . . . . . . 16 67 Appendix A. Proxy YANG Subscription when the Subscriber and 68 Receiver are different . . . . . . . . . . . . . . . 17 69 Appendix B. End-to-End Deployment Guidance . . . . . . . . . . . 17 70 B.1. Call Home . . . . . . . . . . . . . . . . . . . . . . . . 17 71 B.2. TLS Heartbeat . . . . . . . . . . . . . . . . . . . . . . 18 72 Appendix C. Issues being worked and resolved . . . . . . . . . . 18 73 C.1. Unresolved Issues . . . . . . . . . . . . . . . . . . . . 18 74 C.2. Agreement in principal . . . . . . . . . . . . . . . . . 18 75 C.3. Resolved Issues . . . . . . . . . . . . . . . . . . . . . 18 76 Appendix D. Changes between revisions . . . . . . . . . . . . . 19 77 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 19 79 1. Introduction 81 Mechanisms to support Event subscription and push are defined in 82 [rfc5277bis]. Enhancements to [rfc5277bis] which enable YANG 83 Datastore subscription and push are defined in [yang-push]. This 84 document provides a transport specification for these protocols over 85 Restconf and HTTP. Driving these requirements is [RFC7923]. 87 The streaming of Subscription Event Notifications has synergies with 88 HTTP2 streams. Benefits which can be realized when transporting 89 events directly HTTP2 [RFC7540] include: 91 o Elimination of head-of-line blocking 93 o Weighting and proportional dequeuing of Events from different 94 subscriptions 96 o Explicit precedence in subscriptions so that events from one 97 subscription must be sent before another dequeues 99 2. Terminology 101 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 102 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 103 document are to be interpreted as described in RFC 2119 [RFC2119]. 105 Configured Subscription: a Subscription installed via a configuration 106 interface which persists across reboots. 108 Dynamic Subscription: a Subscription negotiated between Subscriber 109 and Publisher via create, establish, modify, and delete RPC signaling 110 messages. 112 Event: an occurrence of something that may be of interest. (e.g., a 113 configuration change, a fault, a change in status, crossing a 114 threshold, status of a flow, or an external input to the system.) 116 Event Notification: a set of information intended for a Receiver 117 indicating that one or more Event(s) have occurred. Details of the 118 Event(s) may be included within. 120 Event Stream: a continuous, ordered set of Events grouped under an 121 explicit criteria. 123 Notification: the communication of an occurrence, perhaps triggered 124 by the occurrence of an Event. 126 Publisher: an entity responsible for streaming Event Notifications 127 per the terms of a Subscription. 129 Receiver: a target to which a Publisher pushes Event Notifications. 130 For Dynamic Subscriptions, the Receiver and Subscriber will often be 131 the same entity. 133 Subscriber: an entity able to request and negotiate a contract for 134 the receipt of Event Notifications from a Publisher 136 Subscription: a contract between a Subscriber and a Publisher 137 stipulating which information the Receiver wishes to have pushed from 138 the Publisher without the need for further solicitation. 140 3. Solution 142 Event subscription is defined in [rfc5277bis], YANG Datastore 143 subscription is defined in [yang-push]. This section specifies 144 transport mechanisms applicable to both. 146 3.1. Mechanisms for Subscription Establishment and Maintenance 148 There are three models for Subscription establishment and 149 maintenance: 151 1. Dynamic Subscription: Here the Subscriber and Receiver are the 152 same. A Subscription ends with a subscription-terminated 153 notification, or by a loss of transport connectivity. 155 2. Configured Subscription: Receiver(s) are specified on Publisher 156 in startup and running config. Subscription is not terminated 157 except via an operations interface. (Subscriptions may be 158 Suspended, with no Event Notifications sent however.) 160 3. Proxy Subscription: Subscriber and Receiver are different. 161 Subscription ends when a Subscription End-time is reached, or the 162 Publisher process is restarted. A key difference between this 163 and configured subscriptions (#2) is that configuration requests 164 are made to RPCs which might evaluate run-time conditions much 165 like in (#1). Typically direct configuration via (#2) will not 166 go through the same sort of capacity and validation checks seen 167 in (#1). 169 The first two models are described in this section. The third is 170 described in Appendix A. This third model will be moved into the 171 body of this specification should the IETF community desire. In 172 theory, all three models may be intermixed in a single deployment. 174 .---------------. 175 | Publisher | 176 '---------------' 177 ^ ^ | ^ 178 | | | | 179 .-----Restconf----' | | '-----Restconf----. 180 | .-----' '-HTTP-. | 181 V | V | 182 .-------------. .------------. .----------. .------------. 183 | Subscriber+ | | Operations | | Receiver | | Subscriber | 184 | Receiver | | /Config | '----------' '------------' 185 '-------------' '------------' ^ ^ ^ 186 ^ (out of scope) : : : 187 : ^ : :...Model #3....: 188 Model #1 :..Model #2...: (out of scope) 190 Figure 1: Subscription Models 192 3.2. Dynamic YANG Subscription with RESTCONF control 194 Dynamic Subscriptions for both [rfc5277bis] and its [yang-push] 195 augmentations are configured and managed via signaling messages 196 transported over [restconf]. These interactions will be accomplished 197 via a Restconf POST into RPCs located on the Publisher. HTTP 198 responses codes will indicate the results of the interaction with the 199 Publisher. An HTTP status code of 200 is the proper response to a 200 successful RPC call. The successful 201 will result in a HTTP message with returned 202 subscription URI on a logically separate mechanism than was used for 203 the original Restconf POST. This mechanism would be via a parallel 204 TCP connection in the case of HTTP 1.x, or in the case of HTTP2 via a 205 separate HTTP stream within the HTTP connection. When a being 206 returned by the Publisher, failure will be indicated by error codes 207 transported in payload, as well as the return of negotiation 208 parameters. 210 Once established, streaming Event Notifications are then delivered 211 via SSE for HTTP1.1 and via HTTP Data for HTTP2. 213 3.2.1. Call Flow for HTTP2 215 Requests to [yang-push] augmented RPCs are sent on one or more HTTP2 216 streams indicated by (a) in Figure 2. Event Notifications related to 217 a single subscription are pushed on a unique logical channel (b). In 218 the case below, a newly established subscription has its events 219 pushed over HTTP2 stream (7). 221 +------------+ +------------+ 222 | Subscriber | | Publisher | 223 |HTTP2 Stream| |HTTP2 Stream| 224 | (a) (b) | | (a) (b) | 225 +------------+ +------------+ 226 | Restconf POST (RPC:establish-subscription) | 227 |--------------------------------------------->| 228 | HTTP 200 OK (URI)| 229 |<---------------------------------------------| 230 | (7)HTTP POST (URI) (7) 231 | |--------------------------------------------->| 232 | | HTTP 200 OK| 233 | |<---------------------------------------------| 234 | | HTTP Data (event-notif)| 235 | |<---------------------------------------------| 236 | Restconf POST (RPC:modify-subscription) | | 237 |--------------------------------------------->| | 238 | | HTTP 200 OK| | 239 |<---------------------------------------------| | 240 | | HTTP Data (subscription-modified)| 241 | |<---------------------------------------------| 242 | | HTTP Data (event-notif)| 243 | |<---------------------------------------------| 244 | Restconf POST (RPC:delete-subscription) | | 245 |--------------------------------------------->| | 246 | | HTTP 200 OK| | 247 |<---------------------------------------------| | 248 | | HTTP Headers (end of stream)| 249 | (/7)<-----------------------------------------(/7) 250 | 252 Figure 2: Dynamic with HTTP2 254 3.2.2. Call flow for HTTP1.1 256 Requests to [yang-push] RPCs are sent on the TCP connection indicated 257 by (a). Event Notifications are pushed on a separate connection (b). 258 This connection (b) will be used for all Event Notifications across 259 all subscriptions. 261 +--------------+ +--------------+ 262 | Subscriber | | Publisher | 263 |TCP connection| |TCP connection| 264 | (a) (b) | | (a) (b) | 265 +--------------+ +--------------+ 266 | Restconf POST (RPC:establish-subscription) | 267 |--------------------------------------------->| 268 | HTTP 200 OK (URI)| 269 |<---------------------------------------------| 270 | |HTTP GET (URI) | 271 | |--------------------------------------------->| 272 | | HTTP 200 OK| 273 | |<---------------------------------------------| 274 | | SSE (event-notif)| 275 | |<---------------------------------------------| 276 | Restconf POST (RPC:modify-subscription) | | 277 |--------------------------------------------->| | 278 | | HTTP 200 OK| | 279 |<---------------------------------------------| | 280 | | SSE (subscription-modified)| 281 | |<---------------------------------------------| 282 | | SSE (event-notif)| 283 | |<---------------------------------------------| 284 | Restconf POST (RPC:delete-subscription) | | 285 |--------------------------------------------->| | 286 | | HTTP 200 OK| | 287 |<---------------------------------------------| | 288 | | | 289 | | 291 Figure 3: Dynamic with HTTP1.1 293 3.2.3. Configured Subscription over HTTP2 295 With a Configured Subscription, all information needed to establish a 296 secure relationship with that Receiver is available on the Publisher. 297 With this information, the Publisher will establish a secure 298 transport connection with the Receiver and then begin pushing the 299 Event Notifications to the Receiver. Since Restconf might not exist 300 on the Receiver, it is not desirable to require that such Event 301 Notifications be pushed with any dependency on Restconf. Nor is 302 there value which Restconf provides on top of HTTP. Therefore in 303 place of Restconf, a TLS secured HTTP2 Client connection must be 304 established with an HTTP2 Server located on the Receiver. Event 305 Notifications will then be sent as part of an extended HTTP POST to 306 the Receiver. 308 POST messages will be addressed to HTTP augmentation code on the 309 Receiver capable of accepting and responding to Event Notifications. 310 The first POST message must be a subscription-started notification. 311 Push update notifications must not be sent until the receipt of an 312 HTTP 200 OK for this initial notification. The 200 OK will indicate 313 that the Receiver is ready for Event Notifications. At this point a 314 Subscription must be allocated its own HTTP2 stream. Figure 4 315 depicts this message flow. 317 +------------+ +------------+ 318 | Receiver | | Publisher | 319 |HTTP2 Stream| |HTTP2 Stream| 320 | (a) (b) | | (a) (b) | 321 +------------+ +------------+ 322 | HTTP Post Headers, Data (sub-start, SubID)| 323 |<---------------------------------------------| 324 | HTTP 200 OK | 325 |--------------------------------------------->| 326 | | HTTP Post Headers, Data (event-notif)| 327 | |<---------------------------------------------| 328 | | HTTP Data (event-notif)| 329 | |<---------------------------------------------| 330 | | HTTP Data (sub-terminate)| 331 | |<---------------------------------------------| 332 | |HTTP 200 OK | 333 | |--------------------------------------------->| 335 Figure 4: Configured over HTTP2 337 As the HTTP2 transport is available to the Receiver, the Publisher 338 should: 340 o take any subscription-priority and copy it into the HTTP2 stream 341 priority, and 343 o take a subscription-dependency if it has been provided and map the 344 HTTP2 stream for the parent subscription into the HTTP2 stream 345 dependency. 347 3.3. Subscription Multiplexing 349 It is possible that updates might be delivered in a different 350 sequence than generated. Reasons for this might include (but are not 351 limited to): 353 o replay of pushed updates 354 o temporary loss of transport connectivity, with update buffering 355 and different dequeuing priorities per Subscription 357 o population, marshalling and bundling of independent Subscription 358 Updates, and 360 Therefore each Event Notification will include a millisecond level 361 timestamp to ensure that a Receiver understands the time when a that 362 update was generated. Use of this timestamp can give an indication 363 of the state of objects at a Publisher when state-entangled 364 information is received across different subscriptions. The use of 365 the latest Event Notification timestamp for a particular object 366 update can introduce errors. So when state-entangled updates have 367 inconsistent object values and temporally close timestamps, a 368 Receiver might consider performing a GET to validate the current 369 state of a Publisher. 371 3.4. Encoded Subscription and Event Notification Examples 373 Transported updates will contain context data for one or more Event 374 Notifications. Each transported Event Notification will contain 375 several parameters: 377 3.4.1. Restconf Subscription and Events over HTTP1.1 379 Subscribers can dynamically learn whether a RESTCONF server supports 380 various types of Event or Yang datastore subscription capabilities. 381 This is done by issuing an HTTP request OPTIONS, HEAD, or GET on the 382 stream. Some examples building upon the Call flow for HTTP1.1 from 383 Section 3.2.2 are: 385 GET /restconf/data/ietf-restconf-monitoring:restconf-state/ 386 streams/stream=yang-push HTTP/1.1 387 Host: example.com 388 Accept: application/yang.data+xml 390 If the server supports it, it may respond 391 HTTP/1.1 200 OK 392 Content-Type: application/yang.api+xml 393 394 yang-push 395 Yang push stream 396 397 xml 398 https://example.com/streams/yang-push-xml 399 400 401 402 json 403 https://example.com/streams/yang-push-json 404 405 406 408 If the server does not support any form of subscription, it may 409 respond 411 HTTP/1.1 404 Not Found 412 Date: Mon, 25 Apr 2012 11:10:30 GMT 413 Server: example-server 415 Subscribers can determine the URL to receive updates by sending an 416 HTTP GET as a request for the "location" leaf with the stream list 417 entry. The stream to use for may be selected from the Event Stream 418 list provided in the capabilities exchange. Note that different 419 encodings are supporting using different Event Stream locations. For 420 example, the Subscriber might send the following request: 422 GET /restconf/data/ietf-restconf-monitoring:restconf-state/ 423 streams/stream=yang-push/access=xml/location HTTP/1.1 424 Host: example.com 425 Accept: application/yang.data+xml 427 The Publisher might send the following response: 429 HTTP/1.1 200 OK 430 Content-Type: application/yang.api+xml 431 433 https://example.com/streams/yang-push-xml 434 436 To subscribe and start receiving updates, the subscriber can then 437 send an HTTP GET request for the URL returned by the Publisher in the 438 request above. The accept header must be "text/event-stream". The 439 Publisher uses the Server Sent Events [W3C-20150203] transport 440 strategy to push filtered Event Notifications from the Event stream. 442 The Publisher MUST support individual parameters within the POST 443 request body for all the parameters of a subscription. The only 444 exception is the encoding, which is embedded in the URI. An example 445 of this is: 447 // subtree filter = /foo 448 // periodic updates, every 5 seconds 449 POST /restconf/operations/ietf-event-notifications: 450 establish-subscription HTTP/1.1 451 Host: example.com 452 Content-Type: application/yang-data+json 454 { 455 "ietf-event-notifications:input" : { 456 ?stream?: ?push-data" 457 ?period" : 5, 458 "xpath-filter" : ?/ex:foo[starts-with(?bar?.?some']" 459 } 460 } 462 Should the publisher not support the requested subscription, it may 463 reply: 465 HTTP/1.1 501 Not Implemented 466 Date: Mon, 23 Apr 2012 17:11:00 GMT 467 Server: example-server 468 Content-Type: application/yang.errors+xml 469 470 471 application 472 operation-not-supported 473 error 474 Xpath filters not supported 475 476 478 479 480 481 482 484 with an equivalent JSON encoding representation of: 486 HTTP/1.1 501 Not Implemented 487 Date: Mon, 23 Apr 2012 17:11:00 GMT 488 Server: example-server 489 Content-Type: application/yang.errors+json 490 { 491 "ietf-restconf:errors": { 492 "error": { 493 "error-type": "protocol", 494 "error-tag": "operation-not-supported", 495 "error-message": "Xpath filters not supported." 496 "error-info": { 497 "datastore-push:supported-subscription": { 498 "subtree-filter": [null] 499 } 500 } 501 } 502 } 503 } 505 The following is an example of a pushed Event Notification data for 506 the Subscription above. It contains a subtree with root foo that 507 contains a leaf called bar: 509 XML encoding representation: 510 511 512 514 my-sub 515 516 2015-03-09T19:14:56.23Z 517 519 520 some_string 521 522 523 525 Or with the equivalent YANG over JSON encoding representation as 526 defined in [RFC7951]: 528 { 529 "ietf-restconf:notification": { 530 "datastore-push:subscription-id": "my-sub", 531 "eventTime": "2015-03-09T19:14:56.23Z", 532 "datastore-push:datastore-contents": { 533 "example-mod:foo": { "bar": "some_string" } 534 } 535 } 536 } 538 To modify a Subscription, the subscriber issues another POST request 539 on the provided URI using the same subscription-id as in the original 540 request. For example, to modify the update period to 10 seconds, the 541 subscriber may send: 543 POST /restconf/operations/ietf-event-notifications: 544 modify-subscription HTTP/1.1 545 Host: example.com 546 Content-Type: application/yang-data+json 548 { 549 "ietf-event-notifications:input" : { 550 ?subscription-id?: 100, 551 ?period" : 10 552 } 553 } 555 To delete a Subscription, the Subscriber issues a DELETE request on 556 the provided URI using the same subscription-id as in the original 557 request 559 3.4.2. Event Notification over HTTP2 561 The basic encoding will look as below. It will consists of a JSON 562 representation wrapped in an HTTP2 header. 564 HyperText Transfer Protocol 2 565 Stream: HEADERS, Stream ID: 5 566 Header: :method: POST 567 Stream: HEADERS, Stream ID: 5 569 { 570 "ietf-yangpush:notification": { 571 "datastore-push:subscription-id": "my-sub", 572 "eventTime": "2015-03-09T19:14:56.23Z", 573 "datastore-push:datastore-contents": { 574 "foo": { "bar": "some_string" } 575 } 576 } 577 } 579 3.5. Stream Discovery 581 Relevant for Dynamic Subscriptions, this will be accomplished as 582 specified in [restconf] section 6.2. The namespace chosen will be 583 the same as how stream names are acquired for NETCONF, and so that 584 backwards compatibility can be maintained without replicating this 585 information. 587 As per [restconf] section 6.3, RESTCONF clients can determine the URL 588 for the subscription resource (to receive notifications) by sending 589 an HTTP GET request for the "location" leaf with the stream list 590 entry. 592 4. Security Considerations 594 Subscriptions could be used to intentionally or accidentally overload 595 the resources of a Publisher. For this reason, it is important that 596 the Publisher has the ability to prioritize the establishment and 597 push of Event Notifications where there might be resource exhaust 598 potential. In addition, a server needs to be able to suspend 599 existing Subscriptions when needed. When this occurs, the 600 subscription status must be updated accordingly and the Receivers 601 notified. 603 A Subscription could be used to attempt retrieve information for 604 which a Receiver has no authorized access. Therefore it is important 605 that data pushed via a Subscription is authorized equivalently with 606 regular data retrieval operations. Data being pushed to a Receiver 607 needs therefore to be filtered accordingly, just like if the data 608 were being retrieved on-demand. The Netconf Authorization Control 609 Model [RFC6536] applies even though the transport is not NETCONF. 611 One or more Publishers of Configured Subscriptions could be used to 612 overwhelm a Receiver which doesn't even support Subscriptions. There 613 are two protections here. First Event Notifications for Configured 614 Subscriptions MUST only be transmittable over Encrypted transports. 615 Clients which do not want pushed Event Notifications need only 616 terminate or refuse any transport sessions from the Publisher. 617 Second, the HTTP transport augmentation on the Receiver must send an 618 HTTP 200 OK to a subscription started notification before the 619 Publisher starts streaming any events. 621 One or more Publishers could overwhelm a Receiver which is unable to 622 control or handle the volume of Event Notifications received. In 623 deployments where this might be a concern, HTTP2 transport such as 624 HTTP2) should be selected. 626 5. Acknowledgments 628 We wish to acknowledge the helpful contributions, comments, and 629 suggestions that were received from: Susan Hares, Tim Jenkins, Balazs 630 Lengyel, Kent Watsen, Michael Scharf, and Guangying Zheng. 632 6. References 634 6.1. Normative References 636 [restconf] 637 Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF 638 Protocol", March 2016, . 641 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 642 Requirement Levels", BCP 14, RFC 2119, 643 DOI 10.17487/RFC2119, March 1997, 644 . 646 [RFC6520] Seggelmann, R., Tuexen, M., and M. Williams, "Transport 647 Layer Security (TLS) and Datagram Transport Layer Security 648 (DTLS) Heartbeat Extension", RFC 6520, 649 DOI 10.17487/RFC6520, February 2012, 650 . 652 [RFC6536] Bierman, A. and M. Bjorklund, "Network Configuration 653 Protocol (NETCONF) Access Control Model", RFC 6536, 654 DOI 10.17487/RFC6536, March 2012, 655 . 657 [RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext 658 Transfer Protocol Version 2 (HTTP/2)", RFC 7540, 659 DOI 10.17487/RFC7540, May 2015, 660 . 662 [RFC7923] Voit, E., Clemm, A., and A. Gonzalez Prieto, "Requirements 663 for Subscription to YANG Datastores", RFC 7923, 664 DOI 10.17487/RFC7923, June 2016, 665 . 667 [RFC7951] Lhotka, L., "JSON Encoding of Data Modeled with YANG", 668 RFC 7951, DOI 10.17487/RFC7951, August 2016, 669 . 671 6.2. Informative References 673 [call-home] 674 Watsen, K., "NETCONF Call Home and RESTCONF Call Home", 675 December 2015, . 678 [rfc5277bis] 679 Gonzalez Prieto, A., Clemm, A., Voit, E., Prasad Tripathy, 680 A., and E. Nilsen-Nygaard, "NETCONF Event Notifications", 681 September 2016, . 684 [W3C-20150203] 685 "Server-Sent Events, World Wide Web Consortium CR CR- 686 eventsource-20121211", February 2015, 687 . 689 [yang-push] 690 Clemm, A., Voit, E., Gonzalez Prieto, A., Prasad Tripathy, 691 A., and E. Nilsen-Nygaard, "Subscribing to YANG datastore 692 push updates", June 2016, 693 . 696 Appendix A. Proxy YANG Subscription when the Subscriber and Receiver 697 are different 699 The properties of Dynamic and Configured Subscriptions can be 700 combined to enable deployment models where the Subscriber and 701 Receiver are different. Such separation can be useful with some 702 combination of: 704 o An operator does not want the subscription to be dependent on the 705 maintenance of transport level keep-alives. (Transport 706 independence provides different scalability characteristics.) 708 o There is not a transport session binding, and a transient 709 Subscription needs to survive in an environment where there is 710 unreliable connectivity with the Receiver and/or Subscriber. 712 o An operator wants the Publisher to include highly restrictive 713 capacity management and Subscription security mechanisms outside 714 of domain of existing operational or programmatic interfaces. 716 To build a Proxy Subscription, first the necessary information must 717 be signaled as part of the . Using this set 718 of Subscriber provided information; the same process described within 719 section 3 will be followed. There is one exception. Only when an 720 HTTP status code of 200 comes back from the receiver, will it inform 721 the Subscriber of Subscription establishment success via its Restconf 722 connection. 724 After a successful establishment, if the Subscriber wishes to track 725 the state of Receiver subscriptions, it may choose to place a 726 separate on-change Subscription into the "Subscriptions" subtree of 727 the YANG Datastore on the Publisher. 729 Appendix B. End-to-End Deployment Guidance 731 Several technologies are expected to be seen within a deployment to 732 achieve security and ease-of-use requirements. These are not 733 necessary for an implementation of this specification, but will be 734 useful to consider when considering the operational context. 736 B.1. Call Home 738 Pub/Sub implementations should have the ability to transparently 739 incorporate [call-home] so that secure TLS connections can originate 740 from the desired device. 742 B.2. TLS Heartbeat 744 HTTP sessions might not quickly allow a Subscriber to recognize when 745 the communication path has been lost from the Publisher. To 746 recognize this, it is possible for a Receiver to establish a TLS 747 heartbeat [RFC6520]. In the case where a TLS heartbeat is included, 748 it should be sent just from Receiver to Publisher. Loss of the 749 heartbeat should result in any Subscription related TCP sessions 750 between those endpoints being torn down. The subscription can then 751 attempt to re-establish. 753 Appendix C. Issues being worked and resolved 755 (To be removed by RFC editor prior to publication) 757 C.1. Unresolved Issues 759 RT3 - Do we include 3rd party signaled subscriptions within models 760 that need to be supported generically, or for a particular type of 761 transport. 763 RT10 - Right now the examples show a YANG timestamp at the hundredths 764 of a second level. But the yang-push draft is at seconds. And the 765 requirements show at least milliseconds (if not more). 767 C.2. Agreement in principal 769 RT4 - Need to add into document examples of 5277bis Event streams. 770 Document only includes yang-push examples at this point. 772 RT6 - We need to define encodings of rfc5277bis notifications. 774 C.3. Resolved Issues 776 RT1 - Integration specifics for Restconf capability discovery on 777 different types of Streams 779 RT2 - In what way to we position Event notifications model in this 780 document vs. current solution in Restconf. 782 RT5 - Doesn't make sense to use Restconf for Configured 783 subscriptions. HTTP will be used. 785 RT7 - HTTP native option doesn't currently use SSE. But we should 786 evaluate moving to that as possible. It will make development 787 integration easier and more consistent. 789 RT8 - Once SSE starts, there will be no more Restconf interpretation 790 of further signaling upon the connection. It is unclear how this can 791 be made to work with modify and delete subscription. If it cannot, a 792 method of sending events without SSE will be needed, although this 793 would diverge from the existing Restconf mechanisms 795 RT9 - For static subscriptions, perhaps we can use Restconf call home 796 to originate an SSE connection. This assume RT8 & RT2 can be 797 resolved with SSE. 799 Appendix D. Changes between revisions 801 (To be removed by RFC editor prior to publication) 803 v00 - v01 805 o Removed the ability for more than one subscription to go to a 806 single HTTP2 stream. 808 o Updated call flows. Extensively. 810 o SSE only used with Restconf and HTTP1.1 Dynamic Subscriptions 812 o HTTP is not used to determine that a Receiver has gone silent and 813 is not Receiving Event Notifications 815 o Many clean-ups of wording and terminology 817 Authors' Addresses 819 Eric Voit 820 Cisco Systems 822 Email: evoit@cisco.com 824 Alexander Clemm 825 Cisco Systems 827 Email: alex@clemm.org 829 Alberto Gonzalez Prieto 830 Cisco Systems 832 Email: albertgo@cisco.com 833 Ambika Prasad Tripathy 834 Cisco Systems 836 Email: ambtripa@cisco.com 838 Einar Nilsen-Nygaard 839 Cisco Systems 841 Email: einarnn@cisco.com 843 Andy Bierman 844 YumaWorks 846 Email: andy@yumaworks.com