draft-ietf-netmod-system-mgmt-07.txt   draft-ietf-netmod-system-mgmt-08.txt 
Network Working Group A. Bierman Network Working Group A. Bierman
Internet-Draft YumaWorks Internet-Draft YumaWorks
Intended status: Standards Track M. Bjorklund Intended status: Standards Track M. Bjorklund
Expires: December 19, 2013 Tail-f Systems Expires: January 5, 2014 Tail-f Systems
June 17, 2013 July 4, 2013
YANG Data Model for System Management YANG Data Model for System Management
draft-ietf-netmod-system-mgmt-07 draft-ietf-netmod-system-mgmt-08
Abstract Abstract
This document defines a YANG data model for the configuration and This document defines a YANG data model for the configuration and
identification of some common system properties within a device identification of some common system properties within a device
containing a NETCONF server. This includes data node definitions for containing a NETCONF server. This includes data node definitions for
system identification, time-of-day management, user management, DNS system identification, time-of-day management, user management, DNS
resolver configuration, and some protocol operations for system resolver configuration, and some protocol operations for system
management. management.
skipping to change at page 1, line 36 skipping to change at page 1, line 36
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 19, 2013. This Internet-Draft will expire on January 5, 2014.
Copyright Notice Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 21 skipping to change at page 2, line 21
1.2. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . 3 1.2. Tree Diagrams . . . . . . . . . . . . . . . . . . . . . . 3
2. Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2. Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.1. System Identification . . . . . . . . . . . . . . . . . . 5 2.1. System Identification . . . . . . . . . . . . . . . . . . 5
2.2. System Time Management . . . . . . . . . . . . . . . . . . 5 2.2. System Time Management . . . . . . . . . . . . . . . . . . 5
2.3. User Authentication . . . . . . . . . . . . . . . . . . . 5 2.3. User Authentication . . . . . . . . . . . . . . . . . . . 5
2.4. DNS Resolver . . . . . . . . . . . . . . . . . . . . . . . 5 2.4. DNS Resolver . . . . . . . . . . . . . . . . . . . . . . . 5
2.5. System Control . . . . . . . . . . . . . . . . . . . . . . 6 2.5. System Control . . . . . . . . . . . . . . . . . . . . . . 6
3. System Data Model . . . . . . . . . . . . . . . . . . . . . . 7 3. System Data Model . . . . . . . . . . . . . . . . . . . . . . 7
3.1. System Identification . . . . . . . . . . . . . . . . . . 7 3.1. System Identification . . . . . . . . . . . . . . . . . . 7
3.2. System Time Management . . . . . . . . . . . . . . . . . . 7 3.2. System Time Management . . . . . . . . . . . . . . . . . . 7
3.3. DNS Resolver Model . . . . . . . . . . . . . . . . . . . . 7 3.3. DNS Resolver Model . . . . . . . . . . . . . . . . . . . . 8
3.4. RADIUS Client Model . . . . . . . . . . . . . . . . . . . 8 3.4. RADIUS Client Model . . . . . . . . . . . . . . . . . . . 8
3.5. User Authentication Model . . . . . . . . . . . . . . . . 8 3.5. User Authentication Model . . . . . . . . . . . . . . . . 9
3.5.1. SSH Public Key Authentication . . . . . . . . . . . . 9 3.5.1. SSH Public Key Authentication . . . . . . . . . . . . 9
3.5.2. Local User Password Authentication . . . . . . . . . . 9 3.5.2. Local User Password Authentication . . . . . . . . . . 10
3.5.3. RADIUS Password Authentication . . . . . . . . . . . . 10 3.5.3. RADIUS Password Authentication . . . . . . . . . . . . 10
3.6. System Control . . . . . . . . . . . . . . . . . . . . . . 10 3.6. System Control . . . . . . . . . . . . . . . . . . . . . . 10
4. System YANG module . . . . . . . . . . . . . . . . . . . . . . 11 4. System YANG module . . . . . . . . . . . . . . . . . . . . . . 11
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 29 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 29
6. Security Considerations . . . . . . . . . . . . . . . . . . . 30 6. Security Considerations . . . . . . . . . . . . . . . . . . . 30
7. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . . 32 7. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . . 32
7.1. 00-01 . . . . . . . . . . . . . . . . . . . . . . . . . . 32 7.1. 00-01 . . . . . . . . . . . . . . . . . . . . . . . . . . 32
7.2. 01-02 . . . . . . . . . . . . . . . . . . . . . . . . . . 32 7.2. 01-02 . . . . . . . . . . . . . . . . . . . . . . . . . . 32
7.3. 02-03 . . . . . . . . . . . . . . . . . . . . . . . . . . 32 7.3. 02-03 . . . . . . . . . . . . . . . . . . . . . . . . . . 32
7.4. 03-04 . . . . . . . . . . . . . . . . . . . . . . . . . . 32 7.4. 03-04 . . . . . . . . . . . . . . . . . . . . . . . . . . 32
7.5. 04-05 . . . . . . . . . . . . . . . . . . . . . . . . . . 32 7.5. 04-05 . . . . . . . . . . . . . . . . . . . . . . . . . . 32
7.6. 05-06 . . . . . . . . . . . . . . . . . . . . . . . . . . 33 7.6. 05-06 . . . . . . . . . . . . . . . . . . . . . . . . . . 33
7.7. 06-07 . . . . . . . . . . . . . . . . . . . . . . . . . . 33 7.7. 06-07 . . . . . . . . . . . . . . . . . . . . . . . . . . 33
7.8. 07-08 . . . . . . . . . . . . . . . . . . . . . . . . . . 34
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 35 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 35
8.1. Normative References . . . . . . . . . . . . . . . . . . . 35 8.1. Normative References . . . . . . . . . . . . . . . . . . . 35
8.2. Informative References . . . . . . . . . . . . . . . . . . 36 8.2. Informative References . . . . . . . . . . . . . . . . . . 36
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 37 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 37
1. Introduction 1. Introduction
This document defines a YANG [RFC6020] data model for the This document defines a YANG [RFC6020] data model for the
configuration and identification of some common properties within a configuration and identification of some common properties within a
device containing a NETCONF server. device containing a NETCONF server.
skipping to change at page 5, line 49 skipping to change at page 5, line 49
The model for authentication configuration should be flexible enough The model for authentication configuration should be flexible enough
to support authentication methods defined by other standard documents to support authentication methods defined by other standard documents
or by vendors. It should be possible for the server, as well as or by vendors. It should be possible for the server, as well as
clients, to configure the system authentication properties. clients, to configure the system authentication properties.
2.4. DNS Resolver 2.4. DNS Resolver
The configuration of the DNS resolver within the system containing The configuration of the DNS resolver within the system containing
the NETCONF server is required to control how domain names are the NETCONF server is required to control how domain names are
resolved. An order list of DNS servers and some common parameters resolved.
such as the list of domains to search when resolving a host name.
2.5. System Control 2.5. System Control
A few operations are needed to support common tasks such as A few operations are needed to support common tasks such as
restarting the device or setting the system date and time. restarting the device or setting the system date and time.
3. System Data Model 3. System Data Model
3.1. System Identification 3.1. System Identification
The data model for system identification has the following structure: The data model for system identification has the following structure:
+--rw system +--rw system
+--rw contact? string | +--rw contact? string
+--rw hostname? inet:domain-name | +--rw hostname? inet:domain-name
+--rw location? string | +--rw location? string
+--ro system-state
+--ro platform +--ro platform
+--ro os-name? string +--ro os-name? string
+--ro os-release? string +--ro os-release? string
+--ro os-version? string +--ro os-version? string
+--ro machine? string +--ro machine? string
3.2. System Time Management 3.2. System Time Management
The data model for system time management has the following The data model for system time management has the following
structure: structure:
+--rw system +--rw system
+--rw clock | +--rw clock
| +--ro current-datetime? yang:date-and-time | | +--rw (timezone)?
| +--ro boot-datetime? yang:date-and-time | | +--:(timezone-location)
| +--rw (timezone)? | | | +--rw timezone-location? ianatz:iana-timezone
| +--:(timezone-location) | | +--:(timezone-utc-offset)
| | +--rw timezone-location? ianatz:iana-timezone | | +--rw timezone-utc-offset? int16
| +--:(timezone-utc-offset) | +--rw ntp
| +--rw timezone-utc-offset? int16 | +--rw enabled? boolean
+--rw ntp | +--rw server* [name]
+--rw enabled? boolean | +--rw name string
+--rw server* [name] | +--rw (transport)
+--rw name string | | +--:(udp)
+--rw (transport) | | +--rw udp
| +--:(udp) | | +--rw address inet:host
| +--rw udp | | +--rw port? inet:port-number
| +--rw address inet:host | +--rw association-type? enumeration
| +--rw port? inet:port-number | +--rw iburst? boolean
+--rw association-type? enumeration | +--rw prefer? boolean
+--rw iburst? boolean +--ro system-state
+--rw prefer? boolean +--ro clock
+--ro current-datetime? yang:date-and-time
+--ro boot-datetime? yang:date-and-time
New "case" statements can be added over time or augmented to the
"transport" choice to support other transport protocols.
3.3. DNS Resolver Model 3.3. DNS Resolver Model
The data model for configuration of the DNS resolver has the The data model for configuration of the DNS resolver has the
following structure: following structure:
+--rw system +--rw system
+--rw dns-resolver +--rw dns-resolver
+--rw search* inet:domain-name +--rw search* inet:domain-name
+--rw server* [name] +--rw server* [name]
| +--rw name string | +--rw name string
| +--rw (transport) | +--rw (transport)
| +--:(udp) | +--:(udp-and-tcp)
| +--rw udp | +--udp-and-tcp
| +--rw address inet:ip-address | +--rw address inet:ip-address
| +--rw port? inet:port-number | +--rw port? inet:port-number
+--rw options +--rw options
+--rw timeout? uint8 +--rw timeout? uint8
+--rw attempts? uint8 +--rw attempts? uint8
New "case" statements can be added over time or augmented to the
"transport" choice to support other transport protocols.
3.4. RADIUS Client Model 3.4. RADIUS Client Model
The data model for configuration of the RADIUS client has the The data model for configuration of the RADIUS client has the
following structure: following structure:
+--rw system +--rw system
+--rw radius +--rw radius
+--rw server* [name] +--rw server* [name]
| +--rw name string | +--rw name string
| +--rw (transport) | +--rw (transport)
| | +--:(udp) | | +--:(udp)
| | +--rw udp | | +--rw udp
| | +--rw address inet:host | | +--rw address inet:host
| | +--rw authentication-port? inet:port-number | | +--rw authentication-port? inet:port-number
| | +--rw shared-secret string | | +--rw shared-secret string
| +--rw authentication-type? identityref | +--rw authentication-type? identityref
+--rw options +--rw options
+--rw timeout? uint8 +--rw timeout? uint8
+--rw attempts? uint8 +--rw attempts? uint8
New "case" statements can be added over time or augmented to the
"transport" choice to support other transport protocols.
3.5. User Authentication Model 3.5. User Authentication Model
This document defines three authentication methods for use with This document defines three authentication methods for use with
NETCONF: NETCONF:
o publickey for local users over SSH o publickey for local users over SSH
o password for local users over any transport o password for local users over any transport
o password for RADIUS users over any transport o password for RADIUS users over any transport
skipping to change at page 11, line 9 skipping to change at page 11, line 9
Two protocol operations are included to restart or shutdown the Two protocol operations are included to restart or shutdown the
system. The 'system-restart' operation can be used to restart the system. The 'system-restart' operation can be used to restart the
entire system (not just the NETCONF server). The 'system-shutdown' entire system (not just the NETCONF server). The 'system-shutdown'
operation can be used to power off the entire system. operation can be used to power off the entire system.
4. System YANG module 4. System YANG module
This YANG module imports YANG extensions from [RFC6536], and imports This YANG module imports YANG extensions from [RFC6536], and imports
YANG types from [I-D.ietf-netmod-rfc6021-bis] and YANG types from [I-D.ietf-netmod-rfc6021-bis] and
[I-D.ietf-netmod-iana-timezones]. It also references [RFC1321], [I-D.ietf-netmod-iana-timezones]. It also references [RFC1035],
[RFC2865], [RFC3418], [RFC5607], [IEEE-1003.1-2008], and [RFC1321], [RFC2865], [RFC3418], [RFC5607], [RFC5966],
[FIPS.180-3.2008]. [IEEE-1003.1-2008], and [FIPS.180-3.2008].
RFC Ed.: update the date below with the date of RFC publication and RFC Ed.: update the date below with the date of RFC publication and
remove this note. remove this note.
<CODE BEGINS> file "ietf-system@2013-06-17.yang" <CODE BEGINS> file "ietf-system@2013-07-04.yang"
module ietf-system { module ietf-system {
namespace "urn:ietf:params:xml:ns:yang:ietf-system"; namespace "urn:ietf:params:xml:ns:yang:ietf-system";
prefix "sys"; prefix "sys";
import ietf-yang-types { import ietf-yang-types {
prefix yang; prefix yang;
} }
import ietf-inet-types { import ietf-inet-types {
skipping to change at page 12, line 38 skipping to change at page 12, line 38
the RFC itself for full legal notices."; the RFC itself for full legal notices.";
// RFC Ed.: replace XXXX with actual RFC number and remove this // RFC Ed.: replace XXXX with actual RFC number and remove this
// note. // note.
// RFC Ed.: remove this note // RFC Ed.: remove this note
// Note: extracted from draft-ietf-netmod-system-mgmt-07.txt // Note: extracted from draft-ietf-netmod-system-mgmt-07.txt
// RFC Ed.: update the date below with the date of RFC publication // RFC Ed.: update the date below with the date of RFC publication
// and remove this note. // and remove this note.
revision "2013-06-17" { revision "2013-07-04" {
description description
"Initial revision."; "Initial revision.";
reference reference
"RFC XXXX: A YANG Data Model for System Management"; "RFC XXXX: A YANG Data Model for System Management";
} }
/* /*
* Typedefs * Typedefs
*/ */
skipping to change at page 15, line 45 skipping to change at page 15, line 45
description description
"Indicates that the local timezone on the device "Indicates that the local timezone on the device
can be configured to use the TZ database can be configured to use the TZ database
to set the timezone and manage daylight savings time."; to set the timezone and manage daylight savings time.";
reference reference
"TZ Database http://www.twinsun.com/tz/tz-link.htm "TZ Database http://www.twinsun.com/tz/tz-link.htm
Maintaining the Timezone Database Maintaining the Timezone Database
RFC 6557 (BCP 175)"; RFC 6557 (BCP 175)";
} }
feature dns-udp-port { feature dns-udp-tcp-port {
description description
"Indicates that the device supports the configuration of "Indicates that the device supports the configuration of
the UDP port for DNS servers. the UDP and TCP port for DNS servers.
This is a 'feature' since many implementations do not support This is a 'feature' since many implementations do not support
any other port than the default port."; any other port than the default port.";
} }
/* /*
* Identities * Identities
*/ */
skipping to change at page 17, line 46 skipping to change at page 17, line 46
type string; type string;
description description
"The system location. The server MAY restrict the size "The system location. The server MAY restrict the size
and characters in order to maintain compatibility with and characters in order to maintain compatibility with
the sysLocation MIB object."; the sysLocation MIB object.";
reference reference
"RFC 3418 - Management Information Base (MIB) for the "RFC 3418 - Management Information Base (MIB) for the
Simple Network Management Protocol (SNMP) Simple Network Management Protocol (SNMP)
SNMPv2-MIB.sysLocation"; SNMPv2-MIB.sysLocation";
} }
container platform {
config false;
description
"Contains vendor-specific information for
identifying the system platform and operating system.";
reference
"IEEE Std 1003.1-2008 - sys/utsname.h";
leaf os-name {
type string;
description
"The name of the operating system in use,
for example 'Linux'";
reference
"IEEE Std 1003.1-2008 - utsname.sysname";
}
leaf os-release {
type string;
description
"The current release level of the operating
system in use. This string MAY indicate
the OS source code revision.";
reference
"IEEE Std 1003.1-2008 - utsname.release";
}
leaf os-version {
type string;
description
"The current version level of the operating
system in use. This string MAY indicate
the specific OS build date and target variant
information.";
reference
"IEEE Std 1003.1-2008 - utsname.version";
}
leaf machine {
type string;
description
"A vendor-specific identifier string representing
the hardware in use.";
reference
"IEEE Std 1003.1-2008 - utsname.machine";
}
}
container clock { container clock {
description description
"Configuration and monitoring of the system "Configuration of the system date and time properties.";
date and time properties.";
leaf current-datetime {
type yang:date-and-time;
config false;
description
"The current system date and time.";
}
leaf boot-datetime {
type yang:date-and-time;
config false;
description
"The system date and time when the system last restarted.";
}
choice timezone { choice timezone {
description description
"The system timezone information."; "The system timezone information.";
case timezone-location { case timezone-location {
if-feature timezone-location; if-feature timezone-location;
leaf timezone-location { leaf timezone-location {
type ianatz:iana-timezone; type ianatz:iana-timezone;
description description
"The TZ database location identifier string "The TZ database location identifier string
skipping to change at page 20, line 21 skipping to change at page 19, line 12
leaf name { leaf name {
type string; type string;
description description
"An arbitrary name for the NTP server."; "An arbitrary name for the NTP server.";
} }
choice transport { choice transport {
mandatory true; mandatory true;
description description
"The transport protocol specific parameters for this "The transport protocol specific parameters for this
server. server.";
It is expected that new case statements will be added
over time to support other transport protocols.";
case udp { case udp {
container udp { container udp {
description description
"Contains UDP specific configuration parameters "Contains UDP specific configuration parameters
for NTP."; for NTP.";
leaf address { leaf address {
type inet:host; type inet:host;
mandatory true; mandatory true;
description description
"The address of the NTP server."; "The address of the NTP server.";
skipping to change at page 22, line 34 skipping to change at page 21, line 23
leaf name { leaf name {
type string; type string;
description description
"An arbitrary name for the DNS server."; "An arbitrary name for the DNS server.";
} }
choice transport { choice transport {
mandatory true; mandatory true;
description description
"The transport protocol specific parameters for this "The transport protocol specific parameters for this
server. server.";
It is expected that new case statements will be added case udp-and-tcp {
over time to support other transport protocols."; container udp-and-tcp {
case udp {
container udp {
description description
"Contains UDP specific configuration parameters "Contains UDP and TCP specific configuration
for DNS."; parameters for DNS.";
reference
"RFC 1035: Domain Implementation and Specification
RFC 5966: DNS over TCP";
leaf address { leaf address {
type inet:ip-address; type inet:ip-address;
mandatory true; mandatory true;
description description
"The address of the DNS server."; "The address of the DNS server.";
} }
leaf port { leaf port {
if-feature dns-udp-port; if-feature dns-udp-tcp-port;
type inet:port-number; type inet:port-number;
default 53; default 53;
description description
"The port number of the DNS server."; "The UDP and TCP port number of the DNS server.";
} }
} }
} }
} }
} }
container options { container options {
description description
"Resolver options. The set of available options has been "Resolver options. The set of available options has been
limited to those that are generally available across limited to those that are generally available across
different resolver implementations, and generally different resolver implementations, and generally
skipping to change at page 24, line 23 skipping to change at page 23, line 14
error to the calling application."; error to the calling application.";
leaf name { leaf name {
type string; type string;
description description
"An arbitrary name for the RADIUS server."; "An arbitrary name for the RADIUS server.";
} }
choice transport { choice transport {
mandatory true; mandatory true;
description description
"The transport protocol specific parameters "The transport protocol specific parameters for this
for this server. It is expected that new server.";
case statements will be added over time to
support other transport protocols.";
case udp { case udp {
container udp { container udp {
description description
"Contains UDP specific configuration parameters "Contains UDP specific configuration parameters
for RADIUS."; for RADIUS.";
leaf address { leaf address {
type inet:host; type inet:host;
mandatory true; mandatory true;
description description
"The address of the RADIUS server."; "The address of the RADIUS server.";
skipping to change at page 27, line 39 skipping to change at page 26, line 31
type binary; type binary;
mandatory true; mandatory true;
description description
"The binary key data for this ssh key."; "The binary key data for this ssh key.";
} }
} }
} }
} }
} }
container system-state {
config false;
description
"System group operational state.";
container platform {
config false;
description
"Contains vendor-specific information for
identifying the system platform and operating system.";
reference
"IEEE Std 1003.1-2008 - sys/utsname.h";
leaf os-name {
type string;
description
"The name of the operating system in use,
for example 'Linux'";
reference
"IEEE Std 1003.1-2008 - utsname.sysname";
}
leaf os-release {
type string;
description
"The current release level of the operating
system in use. This string MAY indicate
the OS source code revision.";
reference
"IEEE Std 1003.1-2008 - utsname.release";
}
leaf os-version {
type string;
description
"The current version level of the operating
system in use. This string MAY indicate
the specific OS build date and target variant
information.";
reference
"IEEE Std 1003.1-2008 - utsname.version";
}
leaf machine {
type string;
description
"A vendor-specific identifier string representing
the hardware in use.";
reference
"IEEE Std 1003.1-2008 - utsname.machine";
}
}
container clock {
description
"Monitoring of the system
date and time properties.";
leaf current-datetime {
type yang:date-and-time;
config false;
description
"The current system date and time.";
}
leaf boot-datetime {
type yang:date-and-time;
config false;
description
"The system date and time when the system last restarted.";
}
}
}
rpc set-current-datetime { rpc set-current-datetime {
nacm:default-deny-all; nacm:default-deny-all;
description description
"Set the /system/clock/current-datetime leaf "Set the /system-state/clock/current-datetime leaf
to the specified value. to the specified value.
If the system is using NTP (i.e., /system/ntp/enabled If the system is using NTP (i.e., /system/ntp/enabled
is set to 'true'), then this operation will is set to 'true'), then this operation will
fail with error-tag 'operation-failed', fail with error-tag 'operation-failed',
and error-app-tag value of 'ntp-active'"; and error-app-tag value of 'ntp-active'";
input { input {
leaf current-datetime { leaf current-datetime {
type yang:date-and-time; type yang:date-and-time;
mandatory true; mandatory true;
skipping to change at page 35, line 5 skipping to change at page 34, line 11
o updated the Abstract and Introduction o updated the Abstract and Introduction
o updated Tree diagram notation o updated Tree diagram notation
o identify all external servers (dns, ntp, radius) by name instead o identify all external servers (dns, ntp, radius) by name instead
of address, in order to make the data model extensible for of address, in order to make the data model extensible for
additional transport protocol. additional transport protocol.
o updated the Security Considerations section with a reference to o updated the Security Considerations section with a reference to
NACM. NACM.
7.8. 07-08
o renamed the DNS transport to 'udp-and-tcp' and added references.
o moved the operational state nodes into /system-state.
8. References 8. References
8.1. Normative References 8.1. Normative References
[FIPS.180-3.2008] [FIPS.180-3.2008]
National Institute of Standards and Technology, "Secure National Institute of Standards and Technology, "Secure
Hash Standard", FIPS PUB 180-3, October 2008, <http:// Hash Standard", FIPS PUB 180-3, October 2008, <http://
csrc.nist.gov/publications/fips/fips180-3/ csrc.nist.gov/publications/fips/fips180-3/
fips180-3_final.pdf>. fips180-3_final.pdf>.
[I-D.ietf-netmod-iana-timezones] [I-D.ietf-netmod-iana-timezones]
Lange, J., "IANA Timezone Database YANG Module", Lange, J., "IANA Timezone Database YANG Module",
draft-ietf-netmod-iana-timezones-00 (work in progress), draft-ietf-netmod-iana-timezones-00 (work in progress),
July 2012. July 2012.
[I-D.ietf-netmod-rfc6021-bis] [I-D.ietf-netmod-rfc6021-bis]
Schoenwaelder, J., "Common YANG Data Types", Schoenwaelder, J., "Common YANG Data Types",
draft-ietf-netmod-rfc6021-bis-02 (work in progress), draft-ietf-netmod-rfc6021-bis-03 (work in progress),
May 2013. June 2013.
[IEEE-1003.1-2008] [IEEE-1003.1-2008]
Institute of Electrical and Electronics Engineers, Institute of Electrical and Electronics Engineers,
"POSIX.1-2008", IEEE Standard 1003.1, March 2008. "POSIX.1-2008", IEEE Standard 1003.1, March 2008.
[RFC1035] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, November 1987.
[RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, [RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321,
April 1992. April 1992.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson, [RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson,
"Remote Authentication Dial In User Service (RADIUS)", "Remote Authentication Dial In User Service (RADIUS)",
RFC 2865, June 2000. RFC 2865, June 2000.
skipping to change at page 36, line 5 skipping to change at page 36, line 7
[RFC4252] Ylonen, T. and C. Lonvick, "The Secure Shell (SSH) [RFC4252] Ylonen, T. and C. Lonvick, "The Secure Shell (SSH)
Authentication Protocol", RFC 4252, January 2006. Authentication Protocol", RFC 4252, January 2006.
[RFC4253] Ylonen, T. and C. Lonvick, "The Secure Shell (SSH) [RFC4253] Ylonen, T. and C. Lonvick, "The Secure Shell (SSH)
Transport Layer Protocol", RFC 4253, January 2006. Transport Layer Protocol", RFC 4253, January 2006.
[RFC5607] Nelson, D. and G. Weber, "Remote Authentication Dial-In [RFC5607] Nelson, D. and G. Weber, "Remote Authentication Dial-In
User Service (RADIUS) Authorization for Network Access User Service (RADIUS) Authorization for Network Access
Server (NAS) Management", RFC 5607, July 2009. Server (NAS) Management", RFC 5607, July 2009.
[RFC5966] Bellis, R., "DNS Transport over TCP - Implementation
Requirements", RFC 5966, August 2010.
[RFC6020] Bjorklund, M., "YANG - A Data Modeling Language for the [RFC6020] Bjorklund, M., "YANG - A Data Modeling Language for the
Network Configuration Protocol (NETCONF)", RFC 6020, Network Configuration Protocol (NETCONF)", RFC 6020,
October 2010. October 2010.
[RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
and A. Bierman, Ed., "Network Configuration Protocol and A. Bierman, Ed., "Network Configuration Protocol
(NETCONF)", RFC 6241, June 2011. (NETCONF)", RFC 6241, June 2011.
[RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure
Shell (SSH)", RFC 6242, June 2011. Shell (SSH)", RFC 6242, June 2011.
 End of changes. 35 change blocks. 
118 lines changed or deleted 153 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/