--- 1/draft-ietf-netmod-system-mgmt-11.txt 2014-02-13 11:14:39.212668169 -0800 +++ 2/draft-ietf-netmod-system-mgmt-12.txt 2014-02-13 11:14:39.272669623 -0800 @@ -1,19 +1,19 @@ Network Working Group A. Bierman Internet-Draft YumaWorks Intended status: Standards Track M. Bjorklund -Expires: July 24, 2014 Tail-f Systems - January 20, 2014 +Expires: August 17, 2014 Tail-f Systems + February 13, 2014 A YANG Data Model for System Management - draft-ietf-netmod-system-mgmt-11 + draft-ietf-netmod-system-mgmt-12 Abstract This document defines a YANG data model for the configuration and identification of some common system properties within a device containing a NETCONF server. This includes data node definitions for system identification, time-of-day management, user management, DNS resolver configuration, and some protocol operations for system management. @@ -25,21 +25,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on July 24, 2014. + This Internet-Draft will expire on August 17, 2014. Copyright Notice Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -78,20 +78,21 @@ 8.1. 00-01 . . . . . . . . . . . . . . . . . . . . . . . . . . 34 8.2. 01-02 . . . . . . . . . . . . . . . . . . . . . . . . . . 34 8.3. 02-03 . . . . . . . . . . . . . . . . . . . . . . . . . . 34 8.4. 03-04 . . . . . . . . . . . . . . . . . . . . . . . . . . 34 8.5. 04-05 . . . . . . . . . . . . . . . . . . . . . . . . . . 34 8.6. 05-06 . . . . . . . . . . . . . . . . . . . . . . . . . . 35 8.7. 06-07 . . . . . . . . . . . . . . . . . . . . . . . . . . 35 8.8. 07-08 . . . . . . . . . . . . . . . . . . . . . . . . . . 36 8.9. 08-09 . . . . . . . . . . . . . . . . . . . . . . . . . . 36 8.10. 09-10 . . . . . . . . . . . . . . . . . . . . . . . . . . 36 + 8.11. 11-12 . . . . . . . . . . . . . . . . . . . . . . . . . . 36 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 37 9.1. Normative References . . . . . . . . . . . . . . . . . . . 37 9.2. Informative References . . . . . . . . . . . . . . . . . . 38 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 39 1. Introduction This document defines a YANG [RFC6020] data model for the configuration and identification of some common properties within a device containing a NETCONF server. 
@@ -169,29 +170,29 @@ 2.2. System Time Management The management of the date and time used by the system need to be supported. Use of one or more NTP servers to automatically set the system date and time need to be possible. Utilization of the Timezone database [RFC6557] also need to be supported. It should be possible to configure the system to use NTP. 2.3. User Authentication - The authentication mechanism need to support password authentication + The authentication mechanism needs to support password authentication over RADIUS, to support deployment scenarios with centralized authentication servers. Additionally, local users need to be supported, for scenarios when no centralized authentication server exists, or for situations where the centralized authentication server cannot be reached from the device. Since the mandatory transport protocol for NETCONF is SSH [RFC6242] - the authentication model need to support SSH's "publickey" and + the authentication model needs to support SSH's "publickey" and "password" authentication methods [RFC4252]. The model for authentication configuration should be flexible enough to support authentication methods defined by other standard documents or by vendors. It should be possible to configure the system authentication properties. 2.4. DNS Resolver The configuration of the DNS resolver within the system containing @@ -221,22 +222,22 @@ +--ro machine? string 3.2. System Time Management The data model for system time management has the following structure: +--rw system | +--rw clock | | +--rw (timezone)? - | | +--:(timezone-location) - | | | +--rw timezone-location? ianatz:iana-timezone + | | +--:(timezone-name) + | | | +--rw timezone-name? timezone-name | | +--:(timezone-utc-offset) | | +--rw timezone-utc-offset? int16 | +--rw ntp! | +--rw enabled? boolean | +--rw server* [name] | +--rw name string | +--rw (transport) | | +--:(udp) | | +--rw udp | | +--rw address inet:host 
@@ -404,28 +405,28 @@ | contact | sysContact | | location | sysLocation | +----------------+-------------------+ YANG interface configuration data nodes and related SNMPv2-MIB objects 5. System YANG module This YANG module imports YANG extensions from [RFC6536], and imports - YANG types from [RFC6991] and [I-D.ietf-netmod-iana-timezones]. It - also references [RFC1035], [RFC1321], [RFC2865], [RFC3418], - [RFC5607], [RFC5966], [IEEE-1003.1-2008], and [FIPS.180-3.2008]. + YANG types from [RFC6991]. It also references [RFC1035], [RFC1321], + [RFC2865], [RFC3418], [RFC5607], [RFC5966], [RFC6557], + [IEEE-1003.1-2008], and [FIPS.180-3.2008]. RFC Ed.: update the date below with the date of RFC publication and remove this note. - file "ietf-system@2013-12-23.yang" + file "ietf-system@2014-02-13.yang" module ietf-system { namespace "urn:ietf:params:xml:ns:yang:ietf-system"; prefix "sys"; import ietf-yang-types { prefix yang; } import ietf-inet-types { 
@@ -440,78 +441,90 @@ prefix ianatz; } organization "IETF NETMOD (NETCONF Data Modeling Language) Working Group"; contact "WG Web: WG List: - WG Chair: David Kessens - + WG Chair: Thomas Nadeau + WG Chair: Juergen Schoenwaelder Editor: Andy Bierman Editor: Martin Bjorklund "; description "This module contains a collection of YANG definitions for the configuration and identification of some common system properties within a device containing a NETCONF server. This includes data node definitions for system identification, time-of-day management, user management, DNS resolver configuration, and some protocol operations for system management. - Copyright (c) 2013 IETF Trust and the persons identified as + Copyright (c) 2014 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info). This version of this YANG module is part of RFC XXXX; see the RFC itself for full legal notices."; // RFC Ed.: replace XXXX with actual RFC number and remove this // note. // RFC Ed.: remove this note // Note: extracted from draft-ietf-netmod-system-mgmt-07.txt // RFC Ed.: update the date below with the date of RFC publication // and remove this note. - revision "2013-12-23" { + revision "2014-02-13" { description "Initial revision."; reference "RFC XXXX: A YANG Data Model for System Management"; } /* * Typedefs */ + typedef timezone-name { + type string; + description + "A timezone name as used by the Time Zone Database, sometimes + referred to as the 'Olson Database'. + + The exact set of valid values is an implementation-specific + matter. 
Client discovery of the exact set of time zone names + for a particular server is out of scope."; + reference + "RFC 6557: Procedures for Maintaining the Time Zone Database"; + } + typedef crypt-hash { type string { pattern '$0$.*' - + '|$1$[a-zA-Z0-9./]{1,8}$[a-zA-Z0-9./]{22}' + '|$5$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{43}' + '|$6$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{86}'; } description "The crypt-hash type is used to store passwords using a hash function. The algorithms for applying the hash function and encoding the result are implemented in various UNIX systems as the function crypt(3). @@ -624,39 +637,37 @@ feature ntp-udp-port { description "Indicates that the device supports the configuration of the UDP port for NTP servers. This is a 'feature' since many implementations do not support any other port than the default port."; } - feature timezone-location { + feature timezone-name { description "Indicates that the local timezone on the device can be configured to use the TZ database to set the timezone and manage daylight savings time."; + reference - "TZ Database http://www.twinsun.com/tz/tz-link.htm - Maintaining the Timezone Database - RFC 6557 (BCP 175)"; + "RFC 6557: Procedures for Maintaining the Time Zone Database"; } feature dns-udp-tcp-port { description "Indicates that the device supports the configuration of the UDP and TCP port for DNS servers. This is a 'feature' since many implementations do not support any other port than the default port."; - } /* * Identities */ identity authentication-method { description "Base identity for user authentication methods."; } 
@@ -740,35 +750,36 @@ A server implementation MAY map this leaf to the sysLocation MIB object. Such an implementation needs to use some mechanism to handle the differences in size and characters allowed between this leaf and sysLocation. The definition of such a mechanism is outside the scope of this document."; reference "RFC 3418: Management Information Base (MIB) for the Simple Network Management Protocol (SNMP) SNMPv2-MIB.sysLocation"; } + container clock { description "Configuration of the system date and time properties."; choice timezone { description "The system timezone information."; - case timezone-location { - if-feature timezone-location; - leaf timezone-location { - type ianatz:iana-timezone; + case timezone-name { + if-feature timezone-name; + leaf timezone-name { + type timezone-name; description - "The TZ database location identifier string - to use for the system, such as 'Europe/Stockholm'."; + "The TZ database name to use for the system, such + as 'Europe/Stockholm'."; } } case timezone-utc-offset { leaf timezone-utc-offset { type int16 { range "-1500 .. 1500"; } units "minutes"; description "The number of minutes to add to UTC time to 
@@ -1095,25 +1103,29 @@ error-message "When 'radius' is used, a RADIUS server" + " must be configured."; description "When 'radius' is used as an authentication method, a RADIUS server must be configured."; } ordered-by user; description - "When the device authenticates a user with - a password, it tries the authentication methods in this - leaf-list in order. If authentication with one method - fails, the next method is used. If no method succeeds, - the user is denied access. + "When the device authenticates a user with a password, + it tries the authentication methods in this leaf-list in + order. If authentication with one method fails, the next + method is used. If no method succeeds, the user is + denied access. + + An empty user-authentication-order leaf-list still allows + authentication of users using mechanisms that do not + involve a password. If the 'radius-authentication' feature is advertised by the NETCONF server, the 'radius' identity can be added to this list. If the 'local-users' feature is advertised by the NETCONF server, the 'local-users' identity can be added to this list."; } 
@@ -1305,24 +1317,25 @@ The YANG module defined in this memo is designed to be accessed via the NETCONF protocol [RFC6241]. The lowest NETCONF layer is the secure transport layer and the mandatory-to-implement secure transport is SSH [RFC6242]. Authorization for access to specific portions of conceptual data and operations within this module is provided by the NETCONF access control model (NACM) [RFC6536]. There are a number of data nodes defined in this YANG module which are writable/creatable/deletable (i.e., config true, which is the default). These data nodes may be considered sensitive or vulnerable - in some network environments. Write operations (e.g., edit-config) - to these data nodes without proper protection can have a negative - effect on network operations. These are the subtrees and data nodes - and their sensitivity/vulnerability: + in some network environments. Write operations to these data nodes + can have a negative effect on network operations. It is thus + important to control write access (e.g., via edit-config) to these + data nodes. These are the subtrees and data nodes and their + sensitivity/vulnerability: o /system/clock/timezone: This choice contains the objects used to control the timezone used by the device. o /system/ntp: This container contains the objects used to control the Network Time Protocol servers used by the device. o /system/dns-resolver: This container contains the objects used to control the Domain Name System servers used by the device. 
@@ -1343,34 +1356,36 @@ nodes and their sensitivity/vulnerability: o /system/platform: This container has objects which may help identify the specific NETCONF server and/or operating system implementation used on the device. o /system/authentication/user: This list has objects that may help identify the specific user names and password information in use on the device. - Some of the RPC operations in this YANG module may be considered - sensitive or vulnerable in some network environments. It is thus - important to control access to these operations. These are the - operations and their sensitivity/vulnerability: + Some of the remote procedure call (RPC) operations in this YANG + module may be considered sensitive or vulnerable in some network + environments. It is thus important to control access to these + operations. These are the operations and their sensitivity/ + vulnerability: o set-current-datetime: Changes the current date and time on the device. o system-restart: Reboots the device. o system-shutdown: Shuts down the device. This YANG model defines a type "crypt-hash" that can be used to store MD5 hashes. [RFC6151] discusses security considerations for MD5. + The usage of MD5 is NOT RECOMMENDED. 8. Change Log -- RFC Ed.: remove this section before publication. 8.1. 00-01 o added configuration-source identities o added configuration-source leaf to ntp and dns (via grouping) to 
@@ -1478,35 +1493,35 @@ o added reference to RFC 6151 o updated reference from 6021-bis to RFC 6991 o cleaned up usage of config false in the YANG module 8.10. 09-10 o clarified relationship with SNMPv2-MIB +8.11. 11-12 + + o added typedef "timezone-name", and removed reference to + draft-ietf-netmod-iana-timezones + 9. References 9.1. Normative References [FIPS.180-3.2008] National Institute of Standards and Technology, "Secure Hash Standard", FIPS PUB 180-3, October 2008, . - [I-D.ietf-netmod-iana-timezones] - Lange, J., "IANA Timezone Database YANG Module", - draft-ietf-netmod-iana-timezones-00 (work in progress), - July 2012. - [IEEE-1003.1-2008] Institute of Electrical and Electronics Engineers, "POSIX.1-2008", IEEE Standard 1003.1, March 2008. [RFC1035] Mockapetris, P., "Domain names - implementation and specification", STD 13, RFC 1035, November 1987. [RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, April 1992.
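Review bot: The subject-verb fix in hunk @@ -169,29 +170,29 @@ is incomplete: the unchanged context lines of Section 2.2 still read "need to be supported", "need to be possible" and "also need to be supported", the same error this hunk corrects twice in Section 2.3. Suggest "needs to be supported", "needs to be possible" and "also needs to be supported" so the two sections agree.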
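Review bot: In hunk @@ -440,78 +441,90 @@ the context at the top still shows `prefix ianatz;` just before the `organization` statement, which indicates the import of the iana-timezones module is still in the module even though the new `timezone-name` typedef no longer uses `ianatz:iana-timezone`, the Section 5 prose now names only [RFC6991] as the source of imported types, and the change log says the draft reference was removed. A YANG compiler fails on an import it cannot resolve, and lint tools flag an unused one, so the import should go. The comment `// Note: extracted from draft-ietf-netmod-system-mgmt-07.txt` in the same hunk is also stale for a -12 draft; update it or drop it, since the RFC Editor note right above it already says to remove it.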
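Review bot: In hunk @@ -624,39 +637,37 @@ an empty `+` line is inserted between the `description` and `reference` substatements of `feature timezone-name`, which no other feature in the hunk has; it looks like a leftover from collapsing the old three-line reference into one and should be dropped. The description's "daylight savings time" should also read "daylight saving time".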
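Review bot: In hunk @@ -740,35 +750,36 @@ the new `leaf timezone-name` uses the bare-string `timezone-name` typedef, whose description says the valid set of names is implementation-specific, but the leaf description says nothing about what a server does with a name that is not in its TZ database. Since the value is typically passed straight to the operating system's zone lookup, suggest adding a sentence such as "A server MUST reject a value that does not name a timezone in its database" so that an unknown name fails at edit-config (error-tag invalid-value) instead of silently leaving the device on some default zone. The stray `+` blank line before `container clock {` at the top of the hunk can also go.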
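Review bot: The new paragraph in hunk @@ -1095,25 +1103,29 @@ says an empty `user-authentication-order` leaf-list still allows mechanisms that do not involve a password, but it never states the converse explicitly: with an empty list there is no method to try, so every password login is denied. An implementer could read that silence as permission to fall back to a default such as local users, which would quietly widen access. Suggest one sentence right after the new one, e.g. "If this leaf-list is empty, password authentication is disabled."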
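Review bot: The reworded paragraph in hunk @@ -1305,24 +1317,25 @@ now says write access to these nodes must be controlled, but the bullets that follow still only name the subtrees without saying why they matter, which is what an operator writing NACM rules needs. One clause each would do: /system/ntp because the device's time source feeds certificate-validity checks and log timestamps, and /system/dns-resolver because the NTP server address is of type inet:host, so whoever controls the resolver also controls which host an NTP name resolves to.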
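Review bot: The added "The usage of MD5 is NOT RECOMMENDED." in hunk @@ -1343,34 +1356,36 @@ lives only in the Security Considerations, while the `crypt-hash` pattern in hunk @@ -440 still accepts the `$1$` MD5-crypt form (and the `$0$` form) with no such statement in the typedef description, which is the text implementers actually read. Suggest repeating the NOT RECOMMENDED statement in the crypt-hash description next to the `$1$` alternative, and saying there what a server is expected to do with a `$0$` value.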
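Review bot: The change log entry added in hunk @@ -1478,35 +1493,35 @@ is numbered 8.11 and titled "11-12" directly after 8.10 "09-10", so there is no entry for the 10-11 revision; either add it or fix the title (the TOC hunk @@ -78 has the same gap). The entry also lists only the timezone-name change, yet this same diff adds the empty leaf-list paragraph to user-authentication-order, the "NOT RECOMMENDED" sentence on MD5, the reworded write-access paragraph in Security Considerations and the WG chair update, so the log understates what reviewers need to re-check.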