| ietf-sztp-conveyed-info@2019-03-31.yang | ietf-sztp-conveyed-info@2019-03-31-formatted.yang | |||
|---|---|---|---|---|
| module ietf-sztp-conveyed-info { | module ietf-sztp-conveyed-info { | |||
| yang-version 1.1; | yang-version 1.1; | |||
| namespace "urn:ietf:params:xml:ns:yang:ietf-sztp-conveyed-info"; | namespace "urn:ietf:params:xml:ns:yang:ietf-sztp-conveyed-info"; | |||
| prefix sztp-info; | prefix sztp-info; | |||
| import ietf-yang-types { | import ietf-yang-types { | |||
| prefix yang; | prefix yang; | |||
| reference "RFC 6991: Common YANG Data Types"; | reference | |||
| "RFC 6991: Common YANG Data Types"; | ||||
| } | } | |||
| import ietf-inet-types { | import ietf-inet-types { | |||
| prefix inet; | prefix inet; | |||
| reference "RFC 6991: Common YANG Data Types"; | reference | |||
| "RFC 6991: Common YANG Data Types"; | ||||
| } | } | |||
| import ietf-restconf { | import ietf-restconf { | |||
| prefix rc; | prefix rc; | |||
| reference "RFC 8040: RESTCONF Protocol"; | reference | |||
| "RFC 8040: RESTCONF Protocol"; | ||||
| } | } | |||
| organization | organization | |||
| "IETF NETCONF (Network Configuration) Working Group"; | "IETF NETCONF (Network Configuration) Working Group"; | |||
| contact | contact | |||
| "WG Web: <https://datatracker.ietf.org/wg/netconf/> | "WG Web: <https://datatracker.ietf.org/wg/netconf/> | |||
| WG List: <mailto:netconf@ietf.org> | WG List: <mailto:netconf@ietf.org> | |||
| Author: Kent Watsen <mailto:kwatsen@juniper.net>"; | Author: Kent Watsen <mailto:kwatsen@juniper.net>"; | |||
| description | description | |||
| "This module defines the data model for the conveyed | "This module defines the data model for the conveyed | |||
| information artifact defined in RFC 8572 ('Secure Zero Touch | information artifact defined in RFC 8572 ('Secure Zero Touch | |||
| Provisioning (SZTP)'). | Provisioning (SZTP)'). | |||
| The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', | The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', | |||
| 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', | 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', | |||
| 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document | 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document | |||
| are to be interpreted as described in BCP 14 (RFC 2119) | are to be interpreted as described in BCP 14 (RFC 2119) | |||
| (RFC 8174) when, and only when, they appear in all | (RFC 8174) when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| Copyright (c) 2019 IETF Trust and the persons identified as | Copyright (c) 2019 IETF Trust and the persons identified as | |||
| authors of the code. All rights reserved. | authors of the code. All rights reserved. | |||
| Redistribution and use in source and binary forms, with or | Redistribution and use in source and binary forms, with or | |||
| without modification, is permitted pursuant to, and subject | without modification, is permitted pursuant to, and subject | |||
| to the license terms contained in, the Simplified BSD License | to the license terms contained in, the Simplified BSD License | |||
| set forth in Section 4.c of the IETF Trust's Legal Provisions | set forth in Section 4.c of the IETF Trust's Legal Provisions | |||
| Relating to IETF Documents | Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info). | (https://trustee.ietf.org/license-info). | |||
| This version of this YANG module is part of RFC 8572; see the | This version of this YANG module is part of RFC 8572; see the | |||
| RFC itself for full legal notices."; | RFC itself for full legal notices."; | |||
| revision 2019-03-31 { | revision 2019-03-31 { | |||
| description | description | |||
| "Initial version"; | "Initial version"; | |||
| reference | reference | |||
| "RFC 8572: Secure Zero Touch Provisioning (SZTP)"; | "RFC 8572: Secure Zero Touch Provisioning (SZTP)"; | |||
| } | } | |||
| // identities | // identities | |||
| identity hash-algorithm { | identity hash-algorithm { | |||
| description | description | |||
| "A base identity for hash algorithm verification."; | "A base identity for hash algorithm verification."; | |||
| } | } | |||
| identity sha-256 { | identity sha-256 { | |||
| base "hash-algorithm"; | base hash-algorithm; | |||
| description "The SHA-256 algorithm."; | description | |||
| reference "RFC 6234: US Secure Hash Algorithms"; | "The SHA-256 algorithm."; | |||
| reference | ||||
| "RFC 6234: US Secure Hash Algorithms"; | ||||
| } | } | |||
| // typedefs | // typedefs | |||
| typedef cms { | typedef cms { | |||
| type binary; | type binary; | |||
| description | description | |||
| "A ContentInfo structure, as specified in RFC 5652, | "A ContentInfo structure, as specified in RFC 5652, | |||
| encoded using ASN.1 distinguished encoding rules (DER), | encoded using ASN.1 distinguished encoding rules (DER), | |||
| as specified in ITU-T X.690."; | as specified in ITU-T X.690."; | |||
| skipping to change at line 91 ¶ | skipping to change at line 94 ¶ | |||
| "RFC 5652: | "RFC 5652: | |||
| Cryptographic Message Syntax (CMS) | Cryptographic Message Syntax (CMS) | |||
| ITU-T X.690: | ITU-T X.690: | |||
| Information technology - ASN.1 encoding rules: | Information technology - ASN.1 encoding rules: | |||
| Specification of Basic Encoding Rules (BER), | Specification of Basic Encoding Rules (BER), | |||
| Canonical Encoding Rules (CER) and Distinguished | Canonical Encoding Rules (CER) and Distinguished | |||
| Encoding Rules (DER)"; | Encoding Rules (DER)"; | |||
| } | } | |||
| // yang-data | // yang-data | |||
| rc:yang-data conveyed-information { | ||||
| rc:yang-data "conveyed-information" { | ||||
| choice information-type { | choice information-type { | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "This choice statement ensures the response contains | "This choice statement ensures the response contains | |||
| redirect-information or onboarding-information."; | redirect-information or onboarding-information."; | |||
| container redirect-information { | container redirect-information { | |||
| description | description | |||
| "Redirect information is described in Section 2.1 of | "Redirect information is described in Section 2.1 of | |||
| RFC 8572. Its purpose is to redirect a device to | RFC 8572. Its purpose is to redirect a device to | |||
| another bootstrap server."; | another bootstrap server."; | |||
| skipping to change at line 114 ¶ | skipping to change at line 116 ¶ | |||
| "RFC 8572: Secure Zero Touch Provisioning (SZTP)"; | "RFC 8572: Secure Zero Touch Provisioning (SZTP)"; | |||
| list bootstrap-server { | list bootstrap-server { | |||
| key "address"; | key "address"; | |||
| min-elements 1; | min-elements 1; | |||
| description | description | |||
| "A bootstrap server entry."; | "A bootstrap server entry."; | |||
| leaf address { | leaf address { | |||
| type inet:host; | type inet:host; | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "The IP address or hostname of the bootstrap server the | "The IP address or hostname of the bootstrap server the | |||
| device should redirect to."; | device should redirect to."; | |||
| } | } | |||
| leaf port { | leaf port { | |||
| type inet:port-number; | type inet:port-number; | |||
| default "443"; | default "443"; | |||
| description | description | |||
| "The port number the bootstrap server listens on. If no | "The port number the bootstrap server listens on. If no | |||
| port is specified, the IANA-assigned port for 'https' | port is specified, the IANA-assigned port for 'https' | |||
| (443) is used."; | (443) is used."; | |||
| } | } | |||
| leaf trust-anchor { | leaf trust-anchor { | |||
| type cms; | type cms; | |||
| description | description | |||
| "A CMS structure that MUST contain the chain of | "A CMS structure that MUST contain the chain of | |||
| X.509 certificates needed to authenticate the TLS | X.509 certificates needed to authenticate the TLS | |||
| certificate presented by this bootstrap server. | certificate presented by this bootstrap server. | |||
| The CMS MUST only contain a single chain of | The CMS MUST only contain a single chain of | |||
| certificates. The bootstrap server MUST only | certificates. The bootstrap server MUST only | |||
| skipping to change at line 202 ¶ | skipping to change at line 204 ¶ | |||
| MAY establish an untrusted connection to the remote | MAY establish an untrusted connection to the remote | |||
| server, by blindly accepting the server's end-entity | server, by blindly accepting the server's end-entity | |||
| certificate, to obtain the boot image."; | certificate, to obtain the boot image."; | |||
| } | } | |||
| list image-verification { | list image-verification { | |||
| must '../download-uri' { | must '../download-uri' { | |||
| description | description | |||
| "Download URIs must be provided if an image is to | "Download URIs must be provided if an image is to | |||
| be verified."; | be verified."; | |||
| } | } | |||
| key hash-algorithm; | key "hash-algorithm"; | |||
| description | description | |||
| "A list of hash values that a device can use to verify | "A list of hash values that a device can use to verify | |||
| boot image files with."; | boot image files with."; | |||
| leaf hash-algorithm { | leaf hash-algorithm { | |||
| type identityref { | type identityref { | |||
| base "hash-algorithm"; | base hash-algorithm; | |||
| } | } | |||
| description | description | |||
| "Identifies the hash algorithm used."; | "Identifies the hash algorithm used."; | |||
| } | } | |||
| leaf hash-value { | leaf hash-value { | |||
| type yang:hex-string; | type yang:hex-string; | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "The hex-encoded value of the specified hash | "The hex-encoded value of the specified hash | |||
| algorithm over the contents of the boot image | algorithm over the contents of the boot image | |||
| file."; | file."; | |||
| } | } | |||
| } | } | |||
| } | } | |||
| leaf configuration-handling { | leaf configuration-handling { | |||
| type enumeration { | type enumeration { | |||
| enum "merge" { | enum merge { | |||
| description | description | |||
| "Merge configuration into the running datastore."; | "Merge configuration into the running datastore."; | |||
| } | } | |||
| enum "replace" { | enum replace { | |||
| description | description | |||
| "Replace the existing running datastore with the | "Replace the existing running datastore with the | |||
| passed configuration."; | passed configuration."; | |||
| } | } | |||
| } | } | |||
| must '../configuration'; | must '../configuration'; | |||
| description | description | |||
| "This enumeration indicates how the server should process | "This enumeration indicates how the server should process | |||
| the provided configuration."; | the provided configuration."; | |||
| } | } | |||
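Review bot: The `image-verification` list description does not say that its hash values are what protects a boot image fetched over the untrusted connection permitted by the preceding description ("blindly accepting the server's end-entity certificate"). As far as the visible lines show, the only constraint runs the other way (`must '../download-uri'`), so a hash is not required when a download URI is given. I would extend the description with something like `"When the image is retrieved without authenticating the server, a matching hash-value is the only integrity check this artifact provides for it."`. Separately, `must '../configuration';` on `configuration-handling` carries no description, unlike the `must` under `image-verification`; adding `description "A configuration must be provided if configuration-handling is set.";` would make a validation failure easier to diagnose. The enclosing container begins outside the visible hunk, so any constraint defined there is not covered by this note.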
| End of changes. 18 change blocks. | ||||
| 38 lines changed or deleted | 40 lines changed or added | |||