draft-ietf-netmod-snmp-cfg-07.txt   draft-ietf-netmod-snmp-cfg-08.txt 
Network Working Group M. Bjorklund Network Working Group M. Bjorklund
Internet-Draft Tail-f Systems Internet-Draft Tail-f Systems
Intended status: Standards Track J. Schoenwaelder Intended status: Standards Track J. Schoenwaelder
Expires: February 14, 2015 Jacobs University Expires: March 22, 2015 Jacobs University
August 13, 2014 September 18, 2014
A YANG Data Model for SNMP Configuration A YANG Data Model for SNMP Configuration
draft-ietf-netmod-snmp-cfg-07 draft-ietf-netmod-snmp-cfg-08
Abstract Abstract
This document defines a collection of YANG definitions for This document defines a collection of YANG definitions for
configuring SNMP engines. configuring SNMP engines.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
skipping to change at page 1, line 32 skipping to change at page 1, line 32
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on February 14, 2015. This Internet-Draft will expire on March 22, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 17, line 28 skipping to change at page 17, line 28
"Directly specifies the name to be used for the certificate. "Directly specifies the name to be used for the certificate.
The value of the leaf 'name' in 'cert-to-name' list is used."; The value of the leaf 'name' in 'cert-to-name' list is used.";
reference "SNMP-TLS-TM-MIB.snmpTlstmCertSpecified"; reference "SNMP-TLS-TM-MIB.snmpTlstmCertSpecified";
} }
identity san-rfc822-name { identity san-rfc822-name {
base cert-to-name; base cert-to-name;
description description
"Maps a subjectAltName's rfc822Name to a name. The local part "Maps a subjectAltName's rfc822Name to a name. The local part
of the rfc822Name is passed unaltered but the host-part of the of the rfc822Name is passed unaltered but the host-part of the
name must be passed in lowercase. This mapping results in a name must be passed in lowercase. For example, the
1:1 correspondence between equivalent subjectAltName
rfc822Name values and name values except that the host-part
of the name MUST be passed in lowercase. For example, the
rfc822Name field FooBar@Example.COM is mapped to name rfc822Name field FooBar@Example.COM is mapped to name
FooBar@example.com."; FooBar@example.com.";
reference "SNMP-TLS-TM-MIB.snmpTlstmCertSANRFC822Name"; reference "SNMP-TLS-TM-MIB.snmpTlstmCertSANRFC822Name";
} }
identity san-dns-name { identity san-dns-name {
base cert-to-name; base cert-to-name;
description description
"Maps a subjectAltName's dNSName to a name after first "Maps a subjectAltName's dNSName to a name after first
converting it to all lowercase (RFC 5280 does not specify converting it to all lowercase (RFC 5280 does not specify
skipping to change at page 20, line 16 skipping to change at page 20, line 13
cert-to-name list are searched. Entries with lower cert-to-name list are searched. Entries with lower
numbers are searched first."; numbers are searched first.";
reference "SNMP-TLS-TM-MIB.snmpTlstmCertToTSNID"; reference "SNMP-TLS-TM-MIB.snmpTlstmCertToTSNID";
} }
leaf fingerprint { leaf fingerprint {
type x509c2n:tls-fingerprint; type x509c2n:tls-fingerprint;
mandatory true; mandatory true;
description description
"Specifies a value with which the fingerprint of the "Specifies a value with which the fingerprint of the
certificate presented by the peer is compared. If the full certificate presented by the peer is compared. If
fingerprint of the certificate presented by the peer does the fingerprint of the full certificate presented by the
not match the fingerprint configured, then the entry is peer does not match the fingerprint configured, then the
skipped and the search for a match continues."; entry is skipped and the search for a match continues.";
reference "SNMP-TLS-TM-MIB.snmpTlstmCertToTSNFingerprint"; reference "SNMP-TLS-TM-MIB.snmpTlstmCertToTSNFingerprint";
} }
leaf map-type { leaf map-type {
type identityref { type identityref {
base cert-to-name; base cert-to-name;
} }
mandatory true; mandatory true;
description description
"Specifies the algorithm used to map the certificate "Specifies the algorithm used to map the certificate
skipping to change at page 53, line 26 skipping to change at page 53, line 26
container sha { container sha {
uses key; uses key;
reference reference
"SNMP-USER-BASED-SM-MIB.usmHMACSHAAuthProtocol"; "SNMP-USER-BASED-SM-MIB.usmHMACSHAAuthProtocol";
} }
} }
} }
container priv { container priv {
must "../auth" { must "../auth" {
error-message error-message
"when privacy is used, authentication must also be used"; "when privacy (confidentiality) is used, "
+ "authentication must also be used";
} }
presence "enables encryption"; presence "enables encryption";
description description
"Enables encryption of SNMP messages."; "Enables encryption of SNMP messages.";
choice protocol { choice protocol {
mandatory true; mandatory true;
reference "SNMP-USER-BASED-SM-MIB.usmUserPrivProtocol"; reference "SNMP-USER-BASED-SM-MIB.usmUserPrivProtocol";
container des { container des {
uses key; uses key;
 End of changes. 6 change blocks. 
13 lines changed or deleted 11 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/