draft-ietf-netmod-system-mgmt-14.txt   draft-ietf-netmod-system-mgmt-15.txt 
Network Working Group A. Bierman Network Working Group A. Bierman
Internet-Draft YumaWorks Internet-Draft YumaWorks
Intended status: Standards Track M. Bjorklund Intended status: Standards Track M. Bjorklund
Expires: October 17, 2014 Tail-f Systems Expires: October 31, 2014 Tail-f Systems
April 15, 2014 April 29, 2014
A YANG Data Model for System Management A YANG Data Model for System Management
draft-ietf-netmod-system-mgmt-14 draft-ietf-netmod-system-mgmt-15
Abstract Abstract
This document defines a YANG data model for the configuration and This document defines a YANG data model for the configuration and
identification of some common system properties within a device identification of some common system properties within a device
containing a NETCONF server. This includes data node definitions for containing a NETCONF server. This includes data node definitions for
system identification, time-of-day management, user management, DNS system identification, time-of-day management, user management, DNS
resolver configuration, and some protocol operations for system resolver configuration, and some protocol operations for system
management. management.
skipping to change at page 1, line 36 skipping to change at page 1, line 36
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 17, 2014. This Internet-Draft will expire on October 31, 2014.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 46 skipping to change at page 2, line 46
9.3. 02-03 . . . . . . . . . . . . . . . . . . . . . . . . . . 35 9.3. 02-03 . . . . . . . . . . . . . . . . . . . . . . . . . . 35
9.4. 03-04 . . . . . . . . . . . . . . . . . . . . . . . . . . 35 9.4. 03-04 . . . . . . . . . . . . . . . . . . . . . . . . . . 35
9.5. 04-05 . . . . . . . . . . . . . . . . . . . . . . . . . . 35 9.5. 04-05 . . . . . . . . . . . . . . . . . . . . . . . . . . 35
9.6. 05-06 . . . . . . . . . . . . . . . . . . . . . . . . . . 36 9.6. 05-06 . . . . . . . . . . . . . . . . . . . . . . . . . . 36
9.7. 06-07 . . . . . . . . . . . . . . . . . . . . . . . . . . 36 9.7. 06-07 . . . . . . . . . . . . . . . . . . . . . . . . . . 36
9.8. 07-08 . . . . . . . . . . . . . . . . . . . . . . . . . . 37 9.8. 07-08 . . . . . . . . . . . . . . . . . . . . . . . . . . 37
9.9. 08-09 . . . . . . . . . . . . . . . . . . . . . . . . . . 37 9.9. 08-09 . . . . . . . . . . . . . . . . . . . . . . . . . . 37
9.10. 09-10 . . . . . . . . . . . . . . . . . . . . . . . . . . 37 9.10. 09-10 . . . . . . . . . . . . . . . . . . . . . . . . . . 37
9.11. 11-12 . . . . . . . . . . . . . . . . . . . . . . . . . . 37 9.11. 11-12 . . . . . . . . . . . . . . . . . . . . . . . . . . 37
9.12. 13-14 . . . . . . . . . . . . . . . . . . . . . . . . . . 37 9.12. 13-14 . . . . . . . . . . . . . . . . . . . . . . . . . . 37
9.13. 14-15 . . . . . . . . . . . . . . . . . . . . . . . . . . 37
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 38 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 38
10.1. Normative References . . . . . . . . . . . . . . . . . . . 38 10.1. Normative References . . . . . . . . . . . . . . . . . . . 38
10.2. Informative References . . . . . . . . . . . . . . . . . . 39 10.2. Informative References . . . . . . . . . . . . . . . . . . 39
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 40 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 40
1. Introduction 1. Introduction
This document defines a YANG [RFC6020] data model for the This document defines a YANG [RFC6020] data model for the
configuration and identification of some common properties within a configuration and identification of some common properties within a
device containing a NETCONF server. device containing a NETCONF server.
skipping to change at page 34, line 27 skipping to change at page 34, line 27
o system-restart: Reboots the device. o system-restart: Reboots the device.
o system-shutdown: Shuts down the device. o system-shutdown: Shuts down the device.
Since this document describes the use of RADIUS for purposes of Since this document describes the use of RADIUS for purposes of
authentication, it is vulnerable to all of the threats that are authentication, it is vulnerable to all of the threats that are
present in other RADIUS applications. For a discussion of such present in other RADIUS applications. For a discussion of such
threats, see [RFC2865] and [RFC3162]. threats, see [RFC2865] and [RFC3162].
This document provides configuration parameters for SSH's "publickey"
and "password" authentication mechanisms. Section 9.4 of [RFC4251]
and section 11 of [RFC4252] discuss security considerations for these
mechanisms.
The "iana-crypt-hash" YANG module defines a type "crypt-hash" that The "iana-crypt-hash" YANG module defines a type "crypt-hash" that
can be used to store MD5 hashes. [RFC6151] discusses security can be used to store MD5 hashes. [RFC6151] discusses security
considerations for MD5. The usage of MD5 is NOT RECOMMENDED. considerations for MD5. The usage of MD5 is NOT RECOMMENDED.
9. Change Log 9. Change Log
-- RFC Ed.: remove this section before publication. -- RFC Ed.: remove this section before publication.
9.1. 00-01 9.1. 00-01
skipping to change at page 37, line 40 skipping to change at page 37, line 40
9.11. 11-12 9.11. 11-12
o added typedef "timezone-name", and removed reference to o added typedef "timezone-name", and removed reference to
draft-ietf-netmod-iana-timezones draft-ietf-netmod-iana-timezones
9.12. 13-14 9.12. 13-14
o moved the "crypt-hash" typedef to an IANA maintained module. o moved the "crypt-hash" typedef to an IANA maintained module.
o updated securoty considerations to mention RADIUS threats. o updated security considerations to mention RADIUS threats.
9.13. 14-15
o updated security considerations to mention SSH authentication
method threats.
10. References 10. References
10.1. Normative References 10.1. Normative References
[FIPS.180-3.2008] [FIPS.180-3.2008]
National Institute of Standards and Technology, "Secure National Institute of Standards and Technology, "Secure
Hash Standard", FIPS PUB 180-3, October 2008, <http:// Hash Standard", FIPS PUB 180-3, October 2008, <http://
csrc.nist.gov/publications/fips/fips180-3/ csrc.nist.gov/publications/fips/fips180-3/
fips180-3_final.pdf>. fips180-3_final.pdf>.
skipping to change at page 38, line 39 skipping to change at page 38, line 39
"Remote Authentication Dial In User Service (RADIUS)", "Remote Authentication Dial In User Service (RADIUS)",
RFC 2865, June 2000. RFC 2865, June 2000.
[RFC3162] Aboba, B., Zorn, G., and D. Mitton, "RADIUS and IPv6", [RFC3162] Aboba, B., Zorn, G., and D. Mitton, "RADIUS and IPv6",
RFC 3162, August 2001. RFC 3162, August 2001.
[RFC3418] Presuhn, R., "Management Information Base (MIB) for the [RFC3418] Presuhn, R., "Management Information Base (MIB) for the
Simple Network Management Protocol (SNMP)", STD 62, Simple Network Management Protocol (SNMP)", STD 62,
RFC 3418, December 2002. RFC 3418, December 2002.
[RFC4251] Ylonen, T. and C. Lonvick, "The Secure Shell (SSH)
Protocol Architecture", RFC 4251, January 2006.
[RFC4252] Ylonen, T. and C. Lonvick, "The Secure Shell (SSH) [RFC4252] Ylonen, T. and C. Lonvick, "The Secure Shell (SSH)
Authentication Protocol", RFC 4252, January 2006. Authentication Protocol", RFC 4252, January 2006.
[RFC4253] Ylonen, T. and C. Lonvick, "The Secure Shell (SSH) [RFC4253] Ylonen, T. and C. Lonvick, "The Secure Shell (SSH)
Transport Layer Protocol", RFC 4253, January 2006. Transport Layer Protocol", RFC 4253, January 2006.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226, IANA Considerations Section in RFCs", BCP 26, RFC 5226,
May 2008. May 2008.
 End of changes. 7 change blocks. 
5 lines changed or deleted 19 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/