| draft-ietf-netmod-snmp-cfg-07.txt | draft-ietf-netmod-snmp-cfg-08.txt | |||
|---|---|---|---|---|
| Network Working Group M. Bjorklund | Network Working Group M. Bjorklund | |||
| Internet-Draft Tail-f Systems | Internet-Draft Tail-f Systems | |||
| Intended status: Standards Track J. Schoenwaelder | Intended status: Standards Track J. Schoenwaelder | |||
| Expires: February 14, 2015 Jacobs University | Expires: March 22, 2015 Jacobs University | |||
| August 13, 2014 | September 18, 2014 | |||
| A YANG Data Model for SNMP Configuration | A YANG Data Model for SNMP Configuration | |||
| draft-ietf-netmod-snmp-cfg-07 | draft-ietf-netmod-snmp-cfg-08 | |||
| Abstract | Abstract | |||
| This document defines a collection of YANG definitions for | This document defines a collection of YANG definitions for | |||
| configuring SNMP engines. | configuring SNMP engines. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| skipping to change at page 1, line 32 | skipping to change at page 1, line 32 | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on February 14, 2015. | This Internet-Draft will expire on March 22, 2015. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2014 IETF Trust and the persons identified as the | Copyright (c) 2014 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 17, line 28 | skipping to change at page 17, line 28 | |||
| "Directly specifies the name to be used for the certificate. | "Directly specifies the name to be used for the certificate. | |||
| The value of the leaf 'name' in 'cert-to-name' list is used."; | The value of the leaf 'name' in 'cert-to-name' list is used."; | |||
| reference "SNMP-TLS-TM-MIB.snmpTlstmCertSpecified"; | reference "SNMP-TLS-TM-MIB.snmpTlstmCertSpecified"; | |||
| } | } | |||
| identity san-rfc822-name { | identity san-rfc822-name { | |||
| base cert-to-name; | base cert-to-name; | |||
| description | description | |||
| "Maps a subjectAltName's rfc822Name to a name. The local part | "Maps a subjectAltName's rfc822Name to a name. The local part | |||
| of the rfc822Name is passed unaltered but the host-part of the | of the rfc822Name is passed unaltered but the host-part of the | |||
| name must be passed in lowercase. This mapping results in a | name must be passed in lowercase. For example, the | |||
| 1:1 correspondence between equivalent subjectAltName | ||||
| rfc822Name values and name values except that the host-part | ||||
| of the name MUST be passed in lowercase. For example, the | ||||
| rfc822Name field FooBar@Example.COM is mapped to name | rfc822Name field FooBar@Example.COM is mapped to name | |||
| FooBar@example.com."; | FooBar@example.com."; | |||
| reference "SNMP-TLS-TM-MIB.snmpTlstmCertSANRFC822Name"; | reference "SNMP-TLS-TM-MIB.snmpTlstmCertSANRFC822Name"; | |||
| } | } | |||
| identity san-dns-name { | identity san-dns-name { | |||
| base cert-to-name; | base cert-to-name; | |||
| description | description | |||
| "Maps a subjectAltName's dNSName to a name after first | "Maps a subjectAltName's dNSName to a name after first | |||
| converting it to all lowercase (RFC 5280 does not specify | converting it to all lowercase (RFC 5280 does not specify | |||
| skipping to change at page 20, line 16 | skipping to change at page 20, line 13 | |||
| cert-to-name list are searched. Entries with lower | cert-to-name list are searched. Entries with lower | |||
| numbers are searched first."; | numbers are searched first."; | |||
| reference "SNMP-TLS-TM-MIB.snmpTlstmCertToTSNID"; | reference "SNMP-TLS-TM-MIB.snmpTlstmCertToTSNID"; | |||
| } | } | |||
| leaf fingerprint { | leaf fingerprint { | |||
| type x509c2n:tls-fingerprint; | type x509c2n:tls-fingerprint; | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "Specifies a value with which the fingerprint of the | "Specifies a value with which the fingerprint of the | |||
| certificate presented by the peer is compared. If the | full certificate presented by the peer is compared. If | |||
| fingerprint of the certificate presented by the peer does | the fingerprint of the full certificate presented by the | |||
| not match the fingerprint configured, then the entry is | peer does not match the fingerprint configured, then the | |||
| skipped and the search for a match continues."; | entry is skipped and the search for a match continues."; | |||
| reference "SNMP-TLS-TM-MIB.snmpTlstmCertToTSNFingerprint"; | reference "SNMP-TLS-TM-MIB.snmpTlstmCertToTSNFingerprint"; | |||
| } | } | |||
| leaf map-type { | leaf map-type { | |||
| type identityref { | type identityref { | |||
| base cert-to-name; | base cert-to-name; | |||
| } | } | |||
| mandatory true; | mandatory true; | |||
| description | description | |||
| "Specifies the algorithm used to map the certificate | "Specifies the algorithm used to map the certificate | |||
| skipping to change at page 53, line 26 | skipping to change at page 53, line 26 | |||
| container sha { | container sha { | |||
| uses key; | uses key; | |||
| reference | reference | |||
| "SNMP-USER-BASED-SM-MIB.usmHMACSHAAuthProtocol"; | "SNMP-USER-BASED-SM-MIB.usmHMACSHAAuthProtocol"; | |||
| } | } | |||
| } | } | |||
| } | } | |||
| container priv { | container priv { | |||
| must "../auth" { | must "../auth" { | |||
| error-message | error-message | |||
| "when privacy is used, authentication must also be used"; | "when privacy (confidentiality) is used, " | |||
| + "authentication must also be used"; | ||||
| } | } | |||
| presence "enables encryption"; | presence "enables encryption"; | |||
| description | description | |||
| "Enables encryption of SNMP messages."; | "Enables encryption of SNMP messages."; | |||
| choice protocol { | choice protocol { | |||
| mandatory true; | mandatory true; | |||
| reference "SNMP-USER-BASED-SM-MIB.usmUserPrivProtocol"; | reference "SNMP-USER-BASED-SM-MIB.usmUserPrivProtocol"; | |||
| container des { | container des { | |||
| uses key; | uses key; | |||
| End of changes. 6 change blocks. | ||||
| 13 lines changed or deleted | 11 lines changed or added | |||
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||