| rfc9647v4.txt | rfc9647.txt | |||
|---|---|---|---|---|
| skipping to change at line 1488 ¶ | skipping to change at line 1488 ¶ | |||
| IANA has registered the following in the "YANG Module Names" registry | IANA has registered the following in the "YANG Module Names" registry | |||
| [RFC6020]. | [RFC6020]. | |||
| Name: ietf-babel | Name: ietf-babel | |||
| Namespace: urn:ietf:params:xml:ns:yang:ietf-babel | Namespace: urn:ietf:params:xml:ns:yang:ietf-babel | |||
| Prefix: babel | Prefix: babel | |||
| Reference: RFC 9647 | Reference: RFC 9647 | |||
| 4. Security Considerations | 4. Security Considerations | |||
| The YANG module specified in this document defines a schema for data | This section is modeled after the template defined in Section 3.7.1 | |||
| that is designed to be accessed via network management protocols such | of [RFC8407]. | |||
| as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer | ||||
| is the secure transport layer, and the mandatory-to-implement secure | The "ietf-babel" YANG module defines a data model that is designed to | |||
| transport is SSH [RFC6242]. The lowest RESTCONF layer is HTTPS, and | be accessed via YANG-based management protocols, such as NETCONF | |||
| the mandatory-to-implement secure transport is TLS [RFC8446]. | [RFC6241] and RESTCONF [RFC8040]. These protocols have mandatory-to- | |||
| implement secure transport layers (e.g., Secure Shell (SSH) | ||||
| [RFC4252], TLS [RFC8446], and QUIC [RFC9000]) and mandatory-to- | ||||
| implement mutual authentication. | ||||
| The Network Configuration Access Control Model (NACM) [RFC8341] | The Network Configuration Access Control Model (NACM) [RFC8341] | |||
| provides the means to restrict access for particular NETCONF users to | provides the means to restrict access for particular NETCONF users to | |||
| a preconfigured subset of all available NETCONF protocol operations | a preconfigured subset of all available NETCONF protocol operations | |||
| and content. | and content. | |||
| The security considerations outlined here are specific to the YANG | The security considerations outlined here are specific to the YANG | |||
| data model and do not cover security considerations of the Babel | data model and do not cover security considerations of the Babel | |||
| protocol or its security mechanisms in "The Babel Routing Protocol" | protocol or its security mechanisms in "The Babel Routing Protocol" | |||
| [RFC8966], "MAC Authentication for the Babel Routing Protocol" | [RFC8966], "MAC Authentication for the Babel Routing Protocol" | |||
| skipping to change at line 1580 ¶ | skipping to change at line 1583 ¶ | |||
| 5. References | 5. References | |||
| 5.1. Normative References | 5.1. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC4252] Ylonen, T. and C. Lonvick, Ed., "The Secure Shell (SSH) | ||||
| Authentication Protocol", RFC 4252, DOI 10.17487/RFC4252, | ||||
| January 2006, <https://www.rfc-editor.org/info/rfc4252>. | ||||
| [RFC4868] Kelly, S. and S. Frankel, "Using HMAC-SHA-256, HMAC-SHA- | [RFC4868] Kelly, S. and S. Frankel, "Using HMAC-SHA-256, HMAC-SHA- | |||
| 384, and HMAC-SHA-512 with IPsec", RFC 4868, | 384, and HMAC-SHA-512 with IPsec", RFC 4868, | |||
| DOI 10.17487/RFC4868, May 2007, | DOI 10.17487/RFC4868, May 2007, | |||
| <https://www.rfc-editor.org/info/rfc4868>. | <https://www.rfc-editor.org/info/rfc4868>. | |||
| [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., | [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., | |||
| and A. Bierman, Ed., "Network Configuration Protocol | and A. Bierman, Ed., "Network Configuration Protocol | |||
| (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, | (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, | |||
| <https://www.rfc-editor.org/info/rfc6241>. | <https://www.rfc-editor.org/info/rfc6241>. | |||
| [RFC6242] Wasserman, M., "Using the NETCONF Protocol over Secure | ||||
| Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, June 2011, | ||||
| <https://www.rfc-editor.org/info/rfc6242>. | ||||
| [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", | [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", | |||
| RFC 6991, DOI 10.17487/RFC6991, July 2013, | RFC 6991, DOI 10.17487/RFC6991, July 2013, | |||
| <https://www.rfc-editor.org/info/rfc6991>. | <https://www.rfc-editor.org/info/rfc6991>. | |||
| [RFC7693] Saarinen, M., Ed. and J. Aumasson, "The BLAKE2 | [RFC7693] Saarinen, M., Ed. and J. Aumasson, "The BLAKE2 | |||
| Cryptographic Hash and Message Authentication Code (MAC)", | Cryptographic Hash and Message Authentication Code (MAC)", | |||
| RFC 7693, DOI 10.17487/RFC7693, November 2015, | RFC 7693, DOI 10.17487/RFC7693, November 2015, | |||
| <https://www.rfc-editor.org/info/rfc7693>. | <https://www.rfc-editor.org/info/rfc7693>. | |||
| [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", | [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", | |||
| skipping to change at line 1647 ¶ | skipping to change at line 1650 ¶ | |||
| [RFC8967] Dô, C., Kolodziejak, W., and J. Chroboczek, "MAC | [RFC8967] Dô, C., Kolodziejak, W., and J. Chroboczek, "MAC | |||
| Authentication for the Babel Routing Protocol", RFC 8967, | Authentication for the Babel Routing Protocol", RFC 8967, | |||
| DOI 10.17487/RFC8967, January 2021, | DOI 10.17487/RFC8967, January 2021, | |||
| <https://www.rfc-editor.org/info/rfc8967>. | <https://www.rfc-editor.org/info/rfc8967>. | |||
| [RFC8968] Décimo, A., Schinazi, D., and J. Chroboczek, "Babel | [RFC8968] Décimo, A., Schinazi, D., and J. Chroboczek, "Babel | |||
| Routing Protocol over Datagram Transport Layer Security", | Routing Protocol over Datagram Transport Layer Security", | |||
| RFC 8968, DOI 10.17487/RFC8968, January 2021, | RFC 8968, DOI 10.17487/RFC8968, January 2021, | |||
| <https://www.rfc-editor.org/info/rfc8968>. | <https://www.rfc-editor.org/info/rfc8968>. | |||
| [RFC9000] Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based | ||||
| Multiplexed and Secure Transport", RFC 9000, | ||||
| DOI 10.17487/RFC9000, May 2021, | ||||
| <https://www.rfc-editor.org/info/rfc9000>. | ||||
| [RFC9046] Stark, B. and M. Jethanandani, "Babel Information Model", | [RFC9046] Stark, B. and M. Jethanandani, "Babel Information Model", | |||
| RFC 9046, DOI 10.17487/RFC9046, June 2021, | RFC 9046, DOI 10.17487/RFC9046, June 2021, | |||
| <https://www.rfc-editor.org/info/rfc9046>. | <https://www.rfc-editor.org/info/rfc9046>. | |||
| [RFC9147] Rescorla, E., Tschofenig, H., and N. Modadugu, "The | [RFC9147] Rescorla, E., Tschofenig, H., and N. Modadugu, "The | |||
| Datagram Transport Layer Security (DTLS) Protocol Version | Datagram Transport Layer Security (DTLS) Protocol Version | |||
| 1.3", RFC 9147, DOI 10.17487/RFC9147, April 2022, | 1.3", RFC 9147, DOI 10.17487/RFC9147, April 2022, | |||
| <https://www.rfc-editor.org/info/rfc9147>. | <https://www.rfc-editor.org/info/rfc9147>. | |||
| [RFC9640] Watsen, K., "YANG Data Types and Groupings for | [RFC9640] Watsen, K., "YANG Data Types and Groupings for | |||
| skipping to change at line 1689 ¶ | skipping to change at line 1697 ¶ | |||
| [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", | [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", | |||
| BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, | BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, | |||
| <https://www.rfc-editor.org/info/rfc8340>. | <https://www.rfc-editor.org/info/rfc8340>. | |||
| [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., | [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., | |||
| and R. Wilton, "Network Management Datastore Architecture | and R. Wilton, "Network Management Datastore Architecture | |||
| (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, | (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, | |||
| <https://www.rfc-editor.org/info/rfc8342>. | <https://www.rfc-editor.org/info/rfc8342>. | |||
| [RFC8407] Bierman, A., "Guidelines for Authors and Reviewers of | ||||
| Documents Containing YANG Data Models", BCP 216, RFC 8407, | ||||
| DOI 10.17487/RFC8407, October 2018, | ||||
| <https://www.rfc-editor.org/info/rfc8407>. | ||||
| [W3C.REC-xml-20081126] | ||||
| Bray, T., Paoli, J., Sperberg-McQueen, C. M., Maler, E., | ||||
| and F. Yergeau, "Extensible Markup Language (XML) 1.0 | ||||
| (Fifth Edition)", W3C Recommendation REC-xml-20081126, | ||||
| November 2008, <https://www.w3.org/TR/xml/>. | ||||
| Appendix A. Tree Diagram and Example Configurations | Appendix A. Tree Diagram and Example Configurations | |||
| This section is devoted to including a complete tree diagram and | This section is devoted to including a complete tree diagram and | |||
| examples that demonstrate how Babel can be configured. | examples that demonstrate how Babel can be configured. | |||
| Note that various examples are encoded using Extensible Markup | ||||
| Language (XML) [W3C.REC-xml-20081126]. | ||||
| A.1. Complete Tree Diagram | A.1. Complete Tree Diagram | |||
| This section includes the complete tree diagram for the Babel YANG | This section includes the complete tree diagram for the Babel YANG | |||
| module. | module. | |||
| module: ietf-babel | module: ietf-babel | |||
| augment /rt:routing/rt:control-plane-protocols | augment /rt:routing/rt:control-plane-protocols | |||
| /rt:control-plane-protocol: | /rt:control-plane-protocol: | |||
| +--rw babel! | +--rw babel! | |||
| End of changes. 6 change blocks. | ||||
| 10 lines changed or deleted | 32 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||