< draft-jholland-taps-api-yang-02.txt   draft-jholland-taps-api-yang-03.txt >
Taps J. Holland Taps J. Holland
Internet-Draft Akamai Technologies, Inc. Internet-Draft Akamai Technologies, Inc.
Intended status: Standards Track March 09, 2019 Intended status: Standards Track July 07, 2019
Expires: September 10, 2019 Expires: January 8, 2020
A YANG Data Model for a Transport Services API at Endpoints A YANG Data Model for a Transport Services API at Endpoints
draft-jholland-taps-api-yang-02 draft-jholland-taps-api-yang-03
Abstract Abstract
This document defines a YANG data model that provides a data This document defines a YANG data model that provides a data
structure that can be used to configure an implementation of the structure that can be used to configure an implementation of the
Transport Services Interface to establish connections suitable for Transport Services Interface to establish connections suitable for
sending and receiving data over the internet or local networks. This sending and receiving data over the internet or local networks. This
document is intended to supplement or merge with draft-ietf-taps- document is intended to supplement or merge with draft-ietf-taps-
interface. interface.
skipping to change at page 1, line 35 skipping to change at page 1, line 35
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 10, 2019. This Internet-Draft will expire on January 8, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 15 skipping to change at page 2, line 15
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. A Note On The Use Of YANG . . . . . . . . . . . . . . . . 3 1.1. A Note On The Use Of YANG . . . . . . . . . . . . . . . . 3
2. Tree Diagram . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Tree Diagram . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3.1. Basic Client Connection . . . . . . . . . . . . . . . . . 4 3.1. Basic Client Connection . . . . . . . . . . . . . . . . . 4
3.2. Customized Connections . . . . . . . . . . . . . . . . . 5 3.2. Customized Connections . . . . . . . . . . . . . . . . . 5
3.2.1. Prohibit Specific Interface . . . . . . . . . . . . . 5 3.2.1. Require Wi-Fi . . . . . . . . . . . . . . . . . . . . 5
3.2.2. Require Wi-Fi . . . . . . . . . . . . . . . . . . . . 6
3.3. Send and Receive Multicast . . . . . . . . . . . . . . . 6 3.3. Send and Receive Multicast . . . . . . . . . . . . . . . 6
3.4. Connecting Through a Stun Server . . . . . . . . . . . . 8 3.4. Connecting Through a Stun Server . . . . . . . . . . . . 8
4. YANG Module . . . . . . . . . . . . . . . . . . . . . . . . . 9 4. YANG Module . . . . . . . . . . . . . . . . . . . . . . . . . 9
5. Security Considerations . . . . . . . . . . . . . . . . . . . 18 5. Security Considerations . . . . . . . . . . . . . . . . . . . 18
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 19
7. Normative References . . . . . . . . . . . . . . . . . . . . 19 7. Normative References . . . . . . . . . . . . . . . . . . . . 19
Appendix A. Future Work . . . . . . . . . . . . . . . . . . . . 20 Appendix A. Future Work . . . . . . . . . . . . . . . . . . . . 20
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 20 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 20
1. Introduction 1. Introduction
This document is an attempt to concretize the properties and objects This document is an attempt to concretize the properties and objects
of the TAPS interface described in [I-D.ietf-taps-interface], under of the TAPS interface described in [I-D.ietf-taps-interface], under
the architecture described in [I-D.ietf-taps-arch]. the architecture described in [I-D.ietf-taps-arch].
skipping to change at page 3, line 28 skipping to change at page 3, line 26
connection objects suitable for replacing BSD sockets in a wide connection objects suitable for replacing BSD sockets in a wide
variety of applications. variety of applications.
2. Tree Diagram 2. Tree Diagram
Tree diagrams used in this document follow the notation defined in Tree diagrams used in this document follow the notation defined in
[RFC8340]. [RFC8340].
module: ietf-taps-api module: ietf-taps-api
+--rw preconnection +--rw preconnection
| +--rw properties* [type preference] +--rw local-endpoints* [id]
| | +--rw preference preference-level | +--rw id string
| | +--rw type identityref | +--rw local-address? inet:ip-address
| | +--rw iftype* identityref | +--rw local-port? inet:port-number
| | +--rw ifref* if:interface-ref | +--rw stun-info
| | +--rw address* inet:ip-address | +--rw host? inet:host
| | +--rw port* inet:port-number | +--rw port? inet:port-number
| | +--rw host* inet:host | +--rw identity? string
| | +--rw stun-info | +--rw trust-ca? string
| | +--rw host? inet:host | +--rw algorithm? identityref
| | +--rw port? inet:port-number | +--rw pre-shared-key? string
| | +--rw identity? string | +--rw private-key? string
| | +--rw algorithm? identityref | +--rw private-key-callback-handle? string
| | +--rw pre-shared-key? string | +--rw public-key? string
| | +--rw private-key? string +--rw remote-endpoints* [id]
| | +--rw private-key-callback-handle? string | +--rw id string
| | +--rw public-key? string | +--rw remote-host? inet:host
| +--rw security | +--rw remote-port? inet:port-number
| +--rw credentials* [identity algorithm] +--rw transport-properties
| | +--rw identity string | +--rw reliability? preference-level
| | +--rw algorithm identityref | +--rw preserve-msg-boundaries? preference-level
| | +--rw pre-shared-key? string | +--rw per-message-reliability? preference-level
| | +--rw private-key? string | +--rw preserve-order? preference-level
| | +--rw private-key-callback-handle? string | +--rw zero-rtt-msg? preference-level
| | +--rw public-key? string | +--rw multistreaming? preference-level
| +--rw session-cache-capacity? uint32 | +--rw per-msg-checksum-len-send? preference-level
| +--rw session-cache-lifetime? uint32 | +--rw per-msg-checksum-len-recv? preference-level
+--ro connection | +--rw congestion-control? preference-level
+--ro properties* [] | +--rw interface* [preference value]
+--ro type? identityref | | +--rw preference preference-level
+--ro iftype* identityref | | +--rw value union
+--ro ifref* if:interface-ref | +--rw pvd* [preference value]
+--ro address* inet:ip-address | | +--rw preference preference-level
+--ro port* inet:port-number | | +--rw value identityref
+--ro host* inet:host | +--rw multipath? preference-level
+--ro stun-info | +--rw direction? enumeration
+--ro host? inet:host | +--rw retransmit-notify? preference-level
+--ro port? inet:port-number | +--rw soft-error-notify? preference-level
+--ro identity? string +--rw security
+--ro algorithm? identityref +--rw credentials* [identity algorithm]
+--ro pre-shared-key? string | +--rw identity string
+--ro private-key? string | +--rw trust-ca? string
+--ro private-key-callback-handle? string | +--rw algorithm identityref
+--ro public-key? string | +--rw pre-shared-key? string
| +--rw private-key? string
| +--rw private-key-callback-handle? string
| +--rw public-key? string
+--rw session-cache-capacity? uint32
+--rw session-cache-lifetime? uint32
Tree Diagram Tree Diagram
3. Examples 3. Examples
3.1. Basic Client Connection 3.1. Basic Client Connection
The API is designed to allow defaults to fill out almost everything. The API is designed to allow defaults to fill out almost everything.
This example shows the minimal preconnection configuration input data This example shows the minimal preconnection configuration input data
to open a reliable transfer to example.com, via any supported to open a reliable transfer to example.com, via any supported
reliable transport protocol on the default port or ports. reliable transport protocol on the default port or ports.
{ {
"ietf-taps-api:preconnection":{ "ietf-taps-api:preconnection":{
"properties":[ "remote-endpoints":[
{ {
"type":"remote-host", "id":"option1",
"preference":"require", "remote-host":"example.com"
"host":["example.com"]
} }
] ]
} }
} }
Basic Client Connection Basic Client Connection
Due to the defaults recommended in (TBD: fix reference) Section 5 of Due to the defaults recommended in (TBD: fix reference) Section 5 of
draft-ietf-taps-interface-02, implementations SHOULD treat this basic draft-ietf-taps-interface-02, implementations SHOULD treat this basic
example equivalently to the same example with the defaults explicitly example equivalently to the same example with the defaults explicitly
provided: provided:
{ {
"ietf-taps-api:preconnection":{ "ietf-taps-api:preconnection":{
"properties":[ "remote-endpoints":[
{
"type":"remote-host",
"host":["example.com"],
"preference":"require"
},
{
"type":"reliable",
"preference":"require"
},
{
"type":"preserve-order",
"preference":"require"
},
{ {
"type":"congestion-control", "id":"option1",
"preference":"require" "remote-host":"example.com"
} }
] ],
"transport-properties":{
"reliability":"require",
"preserve-order":"require",
"congestion-control":"require"
}
} }
} }
Basic Client Connection Explicitly Declaring Defaults Basic Client Connection Explicitly Declaring Defaults
3.2. Customized Connections 3.2. Customized Connections
In some cases, applications may have explicit preferences, either In some cases, applications may have explicit preferences, either
dynamically inferred from past statistics or configured via system or dynamically inferred from past statistics or configured via system or
app preferences of some kind. app preferences of some kind.
These examples demonstrates adding constraints on the endpoints when These examples demonstrates adding constraints on the endpoints when
opening a connection. opening a connection.
3.2.1. Prohibit Specific Interface 3.2.1. Require Wi-Fi
In this example, an app needs to avoid using a local proxy for a
specific set of connections, so it might configure those connections
to prohibit connecting through a specific loopback interface:
{
"ietf-taps-api:preconnection":{
"properties":[
{
"type":"remote-host",
"preference":"require",
"host":["example.com"]
},
{
"type":"local-interface-selection",
"preference":"prohibit",
"ifref":["lo0"]
}
]
}
}
Figure 1: Customized to avoid lo0
3.2.2. Require Wi-Fi
This example demonstrates an app that requires the use of a wireless This example demonstrates an app that requires the use of a wireless
interface: interface:
{ {
"ietf-taps-api:preconnection":{ "ietf-taps-api:preconnection":{
"properties":[ "remote-endpoints":[
{
"type":"remote-host",
"preference":"require",
"host":["example.com"]
},
{ {
"type":"local-interface-selection", "id":"option1",
"preference":"require", "remote-host":"example.com"
"iftype":["iana-if-type:capwapDot11Profile"]
} }
] ],
"transport-properties":{
"interface":[
{
"preference":"avoid",
"value":"iana-if-type:capwapDot11Profile"
}
]
}
} }
} }
Figure 2: Customized to require wireless. Figure 1: Customized to require wireless.
3.3. Send and Receive Multicast 3.3. Send and Receive Multicast
Sending to a multicast group is the same as any non-reliable, non- Sending to a multicast group is the same as any non-reliable, non-
ordered connection: ordered connection:
{ {
"ietf-taps-api:preconnection":{ "ietf-taps-api:preconnection":{
"properties":[ "local-endpoints":[
{
"type":"local-address",
"preference":"require",
"address":["192.0.2.15"]
},
{
"type":"remote-host",
"preference":"require",
"host":["232.252.0.2"]
},
{ {
"type":"remote-port", "id":"option1",
"preference":"require", "local-address":"192.0.2.15"
"port":["30000"] }
}, ],
"remote-endpoints":[
{ {
"type":"udp", "id":"option1",
"preference":"require" "remote-host":"232.252.0.2",
"remote-port":"30000"
} }
] ],
"transport-properties": {
"congestion-control":"ignore",
"reliability":"ignore",
"preserve-order":"ignore"
}
} }
} }
Figure 3: PreConnection for Sending Multicast Figure 2: PreConnection for Sending Multicast
Receiving multicast is similar. It may use remote-endpoint to Receiving multicast is similar. It may use remote-endpoint to
specify a source-specific multicast subscription, or exclude it to specify a source-specific multicast subscription, or exclude it to
specify any-source multicast. specify any-source multicast.
{ {
"ietf-taps-api:preconnection":{ "ietf-taps-api:preconnection":{
"properties":[ "remote-endpoints":[
{
"type":"remote-host",
"preference":"require",
"host":["192.0.2.15"]
},
{
"type":"local-address",
"preference":"require",
"address":["232.252.0.2"]
},
{ {
"type":"local-port", "id":"1",
"preference":"require", "remote-host":"192.0.2.15"
"port":["30000"] }
}, ],
"local-endpoints":[
{ {
"type":"udp", "id":"1",
"preference":"require" "local-address":"232.252.0.2",
"local-port":"30000"
} }
] ],
"transport-properties": {
"congestion-control":"ignore",
"reliability":"ignore",
"preserve-order":"ignore",
"direction":"unidirection-receive"
}
} }
} }
Figure 4: PreConnection for Source-specific Multicast Receive Figure 3: PreConnection for Source-specific Multicast Receive
3.4. Connecting Through a Stun Server 3.4. Connecting Through a Stun Server
STUN server connections are a local-endpoint property, and can be STUN server connections are a local-endpoint property, and can be
configured the same way. configured the same way.
{ {
"ietf-taps-api:preconnection":{ "ietf-taps-api:preconnection":{
"properties":[ "remote-endpoints":[
{ {
"type":"remote-host", "id":"option1",
"host":["example.com"], "remote-host":"example.com"
"preference":"require" }
}, ],
"local-endpoints":[
{ {
"type":"stun-server", "id":"option1",
"stun-info":{ "stun-info":{
"host":"203.0.113.4", "host":"203.0.113.4",
"port":"10000", "port":"10000",
"identity":"user@mail.example.com", "identity":"user@mail.example.com",
"pre-shared-key":"<pre-shared-key>" "pre-shared-key":"<pre-shared-key>"
} }
} }
] ]
} }
} }
Figure 5: Connect through a STUN server Figure 4: Connect through a STUN server
4. YANG Module 4. YANG Module
<CODE BEGINS> file ietf-taps-api@2019-03-11.yang <CODE BEGINS> file ietf-taps-api@2019-07-07.yang
module ietf-taps-api { module ietf-taps-api {
yang-version 1.1; yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-taps-api"; namespace "urn:ietf:params:xml:ns:yang:ietf-taps-api";
prefix "taps"; prefix "taps";
import ietf-inet-types { import ietf-inet-types {
prefix "inet"; prefix "inet";
reference "RFC 6991 Section 4"; reference "RFC 6991 Section 4";
} }
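Review bot: In Section 3.2.1 (Figure 1, "Customized to require wireless") the new transport-properties/interface entry carries "preference":"avoid", while the heading, the lead-in sentence and the caption all say the app requires a wireless interface, and the -02 side used "preference":"require". As written, the example steers the connection away from iana-if-type:capwapDot11Profile; change the value to "require", or retitle the section if avoidance is what is meant. The removed "Prohibit Specific Interface" example is also still expressible in -03, since the new interface value is a union that includes if:interface-ref, so an entry with "preference":"prohibit" and "value":"lo0" would keep that use case documented.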
skipping to change at page 11, line 14 skipping to change at page 11, line 16
enum prohibit { enum prohibit {
description description
"select only options not proiding ths property, fail "select only options not proiding ths property, fail
otherwise"; otherwise";
} }
} }
description description
"This value represents the preference level of a property."; "This value represents the preference level of a property.";
} }
identity connection-config-property { identity transport-property-type {
description "Base identity for configuring connections";
}
identity transport-property {
base connection-config-property;
description "Base identity for transport properties"; description "Base identity for transport properties";
} }
identity local-endpoint-property {
base connection-config-property;
description "Base identity for local endpoint properties";
}
identity local-address {
base local-endpoint-property;
description
"Identity for the address of a local endpoint";
}
identity local-port {
base local-endpoint-property;
description
"Identity for the port of a local endpoint";
}
identity stun-server {
base local-endpoint-property;
description
"Identity for using a stun server";
}
identity remote-endpoint-property {
base connection-config-property;
description "Base identity for remote endpoint properties";
}
identity remote-host {
base remote-endpoint-property;
description
"Identity for the host of a remote endpoint";
}
identity remote-port {
base remote-endpoint-property;
description
"Identity for the port of a remote endpoint";
}
identity reliable {
base transport-property;
description "Reliable Transport";
}
identity per-message-reliable {
base transport-property;
description "Per-message Reliable Transport";
}
identity preserve-order {
base transport-property;
description "Per-message Reliable Transport";
}
identity zero-rtt-establishment {
base transport-property;
description
"Use 0-RTT session establishment with an idempotent Message";
}
identity multistream-connections-in-group {
base transport-property;
description "Multistream Connections in Group";
}
identity control-checksum-coverage {
base transport-property;
description "Control checksum coverage on sending or receiving
TBD: draft-ietf-taps-interface-02#section-5.2.6 seems to
indicate some parameters are in order with this type,
not sure exactly what it should look like? Use case?";
}
identity congestion-control {
base transport-property;
description "Congestion control";
}
identity local-interface-selection {
base transport-property;
description "Interface Instance or Type
TBD: should this be a local-endpoint-property?";
}
identity provisioning-domain { identity provisioning-domain {
base transport-property; base transport-property-type;
description "Base for provisioning domain. description "Base for provisioning domain.
TBD: add relevant provisioning domain types"; TBD: add relevant provisioning domain types";
reference "RFC 7556: Multiple Provisioning Domain Architecture"; reference "RFC 7556: Multiple Provisioning Domain Architecture";
} }
identity transport-protocol { identity transport-protocol {
base transport-property; base transport-property-type;
description "Identity for a transport selection. description "Identity for a transport selection.
TBD: finish the rest of the protocols in TBD: finish the rest of the protocols in
https://tools.ietf.org/html/rfc8095#section-3.1 https://tools.ietf.org/html/rfc8095#section-3.1
maybe add quic, maybe use as external augment demo. maybe add quic, maybe use as external augment demo.
note: this isn't in taps-interface, but is available in note: this isn't in taps-interface, but is available in
e.g. NEAT-project/neat/examples/client.c"; e.g. NEAT-project/neat/examples/client.c";
reference "Section 3 of RFC 8095: Existing Transport Protocols"; reference "Section 3 of RFC 8095: Existing Transport Protocols";
} }
identity tcp { identity tcp {
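Review bot: The transport-protocol identity is rebased onto transport-property-type here, but the -03 tree diagram has no node whose identityref is typed against it, and the updated multicast examples drop the "type":"udp" entry that used to select a protocol. Either add a leaf or list under transport-properties that takes a transport-protocol identityref, or remove the identity together with its TBD about finishing the protocol list. While this part of the module is being edited, the unchanged description on enum prohibit still reads "proiding ths property"; it should read "providing this property".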
skipping to change at page 15, line 22 skipping to change at page 13, line 37
} }
grouping security-credentials { grouping security-credentials {
description "security credentials"; description "security credentials";
leaf identity { leaf identity {
type string; type string;
description "identity for security credentials"; description "identity for security credentials";
} }
leaf trust-ca {
type string;
description "trust-ca for security credentials";
}
leaf algorithm { leaf algorithm {
type identityref { type identityref {
base security-algorithm; base security-algorithm;
} }
description "security algorithm for credentials"; description "security algorithm for credentials";
} }
leaf pre-shared-key { leaf pre-shared-key {
type string; type string;
description "pre-shared key for security credentials"; description "pre-shared key for security credentials";
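Review bot: The new trust-ca leaf in grouping security-credentials is a bare string whose description, "trust-ca for security credentials", does not say what the string holds (a certificate, a bundle, a file path, or a name the implementation resolves). Two implementations could accept different inputs here and end up trusting different peers, so state the expected format and encoding in the description. The tree diagram keys credentials on identity and algorithm only; also say whether trust-ca may differ between entries and what an implementation does when the leaf is absent.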
skipping to change at page 15, line 51 skipping to change at page 14, line 24
description "private key callback handle for description "private key callback handle for
externally managed security credentials"; externally managed security credentials";
} }
leaf public-key { leaf public-key {
type string; type string;
description "public key for security credentials"; description "public key for security credentials";
} }
} }
grouping transport-property-info { container preconnection {
description "grouping of transport info, used by preconnection description "preconnection config for a taps connection";
and connection";
leaf type { list local-endpoints {
type identityref { key "id";
base "connection-config-property"; description "list of local endpoints";
}
description "type of the property";
}
leaf-list iftype { leaf id {
when "derived-from-or-self(../type, type string;
'taps:local-interface-selection')"; description "id of the local endpoint";
type identityref {
base "ianaift:iana-interface-type";
} }
description "interface type constraint for local
interface selection";
reference "RFC 7224 Section 2";
}
leaf-list ifref { leaf local-address {
when "derived-from-or-self(../type, type inet:ip-address;
'taps:local-interface-selection')"; description "ip address of local endpoint";
type if:interface-ref { }
require-instance false; leaf local-port {
type inet:port-number;
description "port value of an endpoint port";
} }
description "specific interface constraint for local
interface selection.";
}
leaf-list address { container stun-info {
when "derived-from-or-self(../type, description "config for the stun server";
'taps:local-address')";
type inet:ip-address;
description "ip address of local endpoint";
}
leaf-list port { leaf host {
when "derived-from-or-self(../type, type inet:host;
'taps:local-port') or description "stun server host";
derived-from-or-self(../type, }
'taps:remote-port')"; leaf port {
type inet:port-number; type inet:port-number;
description "port value of an endpoint port"; description "port number for the stun server";
}
uses security-credentials;
}
/* TBD: multicast-subscription: source-specific */
} }
leaf-list host { list remote-endpoints {
when "derived-from-or-self(../type, key "id";
'taps:remote-host')"; description "list of remote endpoints";
type inet:host;
description "host value of a remote endpoint";
}
container stun-info { leaf id {
when "derived-from-or-self(../type, type string;
'taps:stun-server')"; description "id of the remote endpoint";
description "config for the stun server"; }
leaf host { leaf remote-host {
type inet:host; type inet:host;
description "stun server host"; description "host value of a remote endpoint";
} }
leaf port {
leaf remote-port {
type inet:port-number; type inet:port-number;
description "port number for the stun server"; description "port value of an endpoint port";
} }
uses security-credentials;
} }
}
container preconnection { container transport-properties {
description "preconnection config for a taps connection"; description "transport property constraints";
list properties {
key "type preference";
description "list of transport property constraints.";
leaf preference { leaf reliability {
type preference-level; type preference-level;
/* TBD: would be nice if i could set default and have default "require";
less verbose config file. description "Section 5.2.1 of draft-ietf-taps-interface-03";
default require; */
description "preference level for the property";
} }
uses transport-property-info; leaf preserve-msg-boundaries {
type preference-level;
default "prefer";
description "Section 5.2.2 of draft-ietf-taps-interface-03";
}
leaf per-message-reliability {
type preference-level;
default "ignore";
description "Section 5.2.3 of draft-ietf-taps-interface-03";
}
leaf preserve-order {
type preference-level;
default "require";
description "Section 5.2.4 of draft-ietf-taps-interface-03";
}
leaf zero-rtt-msg {
type preference-level;
default "prefer";
description "Section 5.2.5 of draft-ietf-taps-interface-03";
}
leaf multistreaming {
type preference-level;
default "prefer";
description "Section 5.2.6 of draft-ietf-taps-interface-03";
}
leaf per-msg-checksum-len-send {
type preference-level;
default "ignore";
description "Section 5.2.7 of draft-ietf-taps-interface-03";
}
leaf per-msg-checksum-len-recv {
type preference-level;
default "ignore";
description "Section 5.2.8 of draft-ietf-taps-interface-03";
}
leaf congestion-control {
type preference-level;
default "require";
description "Section 5.2.9 of draft-ietf-taps-interface-03";
}
list interface {
key "preference value";
leaf preference {
type preference-level;
description "preference for this interface or interface type";
}
leaf value {
type union {
type identityref {
base "ianaift:iana-interface-type";
}
type if:interface-ref {
require-instance false;
}
}
description "name or type of interface constraint";
reference "RFC 7224 Section 2";
}
description "Section 5.2.10 of draft-ietf-taps-interface-03";
}
list pvd {
key "preference value";
leaf preference {
type preference-level;
description "preference for this pvd";
}
leaf value {
type identityref {
base "provisioning-domain";
}
description "the provisioning domain constraint";
}
description "Section 5.2.11 of draft-ietf-taps-interface-03";
}
leaf multipath {
type preference-level;
default "prefer";
description "Section 5.2.12 of draft-ietf-taps-interface-03";
}
leaf direction {
type enumeration {
enum bidirectional {
description "Bidirectional connection";
}
enum unidirection-send {
description "Unidirectional sending connection";
}
enum unidirection-receive {
description "Unidirectional receiving connection";
}
}
default "bidirectional";
description "Section 5.2.13 of draft-ietf-taps-interface-03";
}
leaf retransmit-notify {
type preference-level;
default "ignore";
description "Section 5.2.14 of draft-ietf-taps-interface-03";
}
leaf soft-error-notify {
type preference-level;
default "ignore";
description "Section 5.2.15 of draft-ietf-taps-interface-03";
}
} }
container security { container security {
description "Security properties for the connection"; description "Security properties for the connection";
list credentials { list credentials {
key "identity algorithm"; key "identity algorithm";
uses security-credentials; uses security-credentials;
description "security credentials"; description "security credentials";
} }
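Review bot: In list interface (and likewise list pvd) the key is "preference value", so the same interface or type can be listed twice with contradictory levels, for example one entry with require and another with prohibit for the same value, and both entries validate. Keying on value alone would allow exactly one preference per interface; otherwise the description needs to say how an implementation resolves conflicting entries. Separately, the new transport-properties leaves use description only to cite a section ("Section 5.2.1 of draft-ietf-taps-interface-03"); move the citation into a reference statement and give each leaf a one-line description of what it controls.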
skipping to change at page 18, line 14 skipping to change at page 18, line 36
leaf session-cache-capacity { leaf session-cache-capacity {
type uint32; type uint32;
description "Max number of cache elements"; description "Max number of cache elements";
} }
leaf session-cache-lifetime { leaf session-cache-lifetime {
type uint32; type uint32;
description "Number of seconds of session cache lifetime"; description "Number of seconds of session cache lifetime";
} }
} }
} }
container connection {
config false;
description "information about connections";
list properties {
description "list of transport properties for live connections.";
uses transport-property-info;
}
}
} }
<CODE ENDS> <CODE ENDS>
Figure 6: TAPS Interface YANG model Figure 5: TAPS Interface YANG model
5. Security Considerations 5. Security Considerations
This document describes a configuration system for an API that may This document describes a configuration system for an API that may
replace sockets. All security considerations applicable to socket replace sockets. All security considerations applicable to socket
programming should be carefully considered by implementors. programming should be carefully considered by implementors.
(TBD: surely there is a sane reference, but also fill this out with (TBD: surely there is a sane reference, but also fill this out with
something less laughable. In particular, enumerate which options something less laughable. In particular, enumerate which options
should be privileged operations or not to preserve the security of should be privileged operations or not to preserve the security of
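Review bot: The read-only connection container (config false) is deleted here with no replacement, so the model no longer has a place to report which properties a live connection actually received. With levels such as prefer and avoid in use, a consumer of the model cannot tell whether a requested option was honoured; either keep an operational-state subtree that mirrors transport-properties, or state in the text that connection state is out of scope. The Security Considerations text is unchanged on both sides even though this revision adds trust-ca to the credentials grouping; the TBD there is the place to say how pre-shared-key and private-key values are to be protected.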
skipping to change at page 19, line 19 skipping to change at page 19, line 26
| Namespace | urn:ietf:params:xml:ns:yang:ietf-taps-api | | Namespace | urn:ietf:params:xml:ns:yang:ietf-taps-api |
| Prefix | taps | | Prefix | taps |
| Reference | [TBD: this document] | | Reference | [TBD: this document] |
+-----------+-------------------------------------------+ +-----------+-------------------------------------------+
7. Normative References 7. Normative References
[I-D.ietf-taps-arch] [I-D.ietf-taps-arch]
Pauly, T., Trammell, B., Brunstrom, A., Fairhurst, G., Pauly, T., Trammell, B., Brunstrom, A., Fairhurst, G.,
Perkins, C., Tiesel, P., and C. Wood, "An Architecture for Perkins, C., Tiesel, P., and C. Wood, "An Architecture for
Transport Services", draft-ietf-taps-arch-02 (work in Transport Services", draft-ietf-taps-arch-03 (work in
progress), October 2018. progress), March 2019.
[I-D.ietf-taps-interface] [I-D.ietf-taps-interface]
Trammell, B., Welzl, M., Enghardt, T., Fairhurst, G., Trammell, B., Welzl, M., Enghardt, T., Fairhurst, G.,
Kuehlewind, M., Perkins, C., Tiesel, P., and C. Wood, "An Kuehlewind, M., Perkins, C., Tiesel, P., and C. Wood, "An
Abstract Application Layer Interface to Transport Abstract Application Layer Interface to Transport
Services", draft-ietf-taps-interface-02 (work in Services", draft-ietf-taps-interface-03 (work in
progress), October 2018. progress), March 2019.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types",
RFC 6991, DOI 10.17487/RFC6991, July 2013, RFC 6991, DOI 10.17487/RFC6991, July 2013,
<https://www.rfc-editor.org/info/rfc6991>. <https://www.rfc-editor.org/info/rfc6991>.
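Review bot: Both I-D references are bumped to the -03 drafts of March 2019, and the new YANG descriptions cite draft-ietf-taps-interface-03, but Section 3.1 still reads "Section 5 of draft-ietf-taps-interface-02" with its "(TBD: fix reference)" marker on both sides of the diff. Update that sentence to the -03 section that defines the defaults, so the examples, the module and the reference list all cite the same revision.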
 End of changes. 60 change blocks. 
322 lines changed or deleted 298 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/