| draft-ietf-netconf-notification-13.txt | draft-ietf-netconf-notification-14.txt | |||
|---|---|---|---|---|
| Network Working Group S. Chisholm | Network Working Group S. Chisholm | |||
| Internet-Draft Nortel | Internet-Draft Nortel | |||
| Intended status: Standards Track H. Trevino | Intended status: Standards Track H. Trevino | |||
| Expires: November 30, 2008 Cisco | Expires: December 15, 2008 Cisco | |||
| May 29, 2008 | June 13, 2008 | |||
| NETCONF Event Notifications | NETCONF Event Notifications | |||
| draft-ietf-netconf-notification-13.txt | draft-ietf-netconf-notification-14.txt | |||
| Status of this Memo | Status of this Memo | |||
| By submitting this Internet-Draft, each author represents that any | By submitting this Internet-Draft, each author represents that any | |||
| applicable patent or other IPR claims of which he or she is aware | applicable patent or other IPR claims of which he or she is aware | |||
| have been or will be disclosed, and any of which he or she becomes | have been or will be disclosed, and any of which he or she becomes | |||
| aware will be disclosed, in accordance with Section 6 of BCP 79. | aware will be disclosed, in accordance with Section 6 of BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| skipping to change at page 1, line 35 | skipping to change at page 1, line 35 | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/ietf/1id-abstracts.txt. | http://www.ietf.org/ietf/1id-abstracts.txt. | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
| This Internet-Draft will expire on November 30, 2008. | This Internet-Draft will expire on December 15, 2008. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (C) The IETF Trust (2008). | Copyright (C) The IETF Trust (2008). | |||
| Abstract | Abstract | |||
| This document defines mechanisms that provide an asynchronous message | This document defines mechanisms that provide an asynchronous message | |||
| notification delivery service for the NETCONF protocol. This is an | notification delivery service for the NETCONF protocol. This is an | |||
| optional capability built on top of the base NETCONF definition. | optional capability built on top of the base NETCONF definition. | |||
| skipping to change at page 3, line 16 | skipping to change at page 3, line 16 | |||
| 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 37 | 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 37 | |||
| 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 38 | 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 38 | |||
| 10. Normative References . . . . . . . . . . . . . . . . . . . . . 39 | 10. Normative References . . . . . . . . . . . . . . . . . . . . . 39 | |||
| Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 40 | Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 40 | |||
| A.1. Version -08 . . . . . . . . . . . . . . . . . . . . . . . 40 | A.1. Version -08 . . . . . . . . . . . . . . . . . . . . . . . 40 | |||
| A.2. Version -09 . . . . . . . . . . . . . . . . . . . . . . . 42 | A.2. Version -09 . . . . . . . . . . . . . . . . . . . . . . . 42 | |||
| A.3. Version -10 . . . . . . . . . . . . . . . . . . . . . . . 44 | A.3. Version -10 . . . . . . . . . . . . . . . . . . . . . . . 44 | |||
| A.4. Version -11 . . . . . . . . . . . . . . . . . . . . . . . 44 | A.4. Version -11 . . . . . . . . . . . . . . . . . . . . . . . 44 | |||
| A.5. Version -12 . . . . . . . . . . . . . . . . . . . . . . . 45 | A.5. Version -12 . . . . . . . . . . . . . . . . . . . . . . . 45 | |||
| A.6. Version -13 . . . . . . . . . . . . . . . . . . . . . . . 45 | A.6. Version -13 . . . . . . . . . . . . . . . . . . . . . . . 45 | |||
| A.7. Version -13 . . . . . . . . . . . . . . . . . . . . . . . 47 | ||||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 48 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 48 | |||
| Intellectual Property and Copyright Statements . . . . . . . . . . 49 | Intellectual Property and Copyright Statements . . . . . . . . . . 49 | |||
| 1. Introduction | 1. Introduction | |||
| [NETCONF] can be conceptually partitioned into four layers: | [NETCONF] can be conceptually partitioned into four layers: | |||
| Layer Example | Layer Example | |||
| +-------------+ +-------------------------------------------+ | +-------------+ +-------------------------------------------+ | |||
| | Content | | Configuration data | | | Content | | Configuration data | | |||
| skipping to change at page 35, line 46 | skipping to change at page 35, line 46 | |||
| One potential security issue is the transport of data from non- | One potential security issue is the transport of data from non- | |||
| NETCONF streams, such as syslog and SNMP. This data may be more | NETCONF streams, such as syslog and SNMP. This data may be more | |||
| vulnerable (or less vulnerable) when being transported over NETCONF | vulnerable (or less vulnerable) when being transported over NETCONF | |||
| than when being transported using the protocol normally used for | than when being transported using the protocol normally used for | |||
| transporting it, depending on the security credentials of the two | transporting it, depending on the security credentials of the two | |||
| subsystems. The NETCONF server is responsible for applying access | subsystems. The NETCONF server is responsible for applying access | |||
| control to stream content. | control to stream content. | |||
| The contents of notifications as well as the names of event streams | The contents of notifications as well as the names of event streams | |||
| may contain sensitive information and care should be taken to ensure | may contain sensitive information and care should be taken to ensure | |||
| that they are viewed only by authorized users. If a user is not | that they are viewed only by authorized users. The NETCONF server | |||
| authorized to view all elements in the content of the notification, | MUST NOT include any content in a notification which the user is not | |||
| the notification is not sent to that user. | authorized to view. | |||
| If a subscription is created with a <stopTime>, the NETCONF session | If a subscription is created with a <stopTime>, the NETCONF session | |||
| will return to being a normal command-response NETCONF session when | will return to being a normal command-response NETCONF session when | |||
| the replay is completed. It is the responsibility of the NETCONF | the replay is completed. It is the responsibility of the NETCONF | |||
| client to close this session when it is no longer of use. | client to close this session when it is no longer of use. | |||
| 8. IANA Considerations | 8. IANA Considerations | |||
| -- Editor note to IANA/RFC-Editor: we request that you make these | -- Editor note to IANA/RFC-Editor: we request that you make these | |||
| assignments, in which case it is to be documented as below | assignments, in which case it is to be documented as below | |||
| skipping to change at page 48, line 5 | skipping to change at page 47, line 30 | |||
| involved. When a <get> is received against the content defined | involved. When a <get> is received against the content defined | |||
| in this memo, clients should only be able to view the content | in this memo, clients should only be able to view the content | |||
| for which they have sufficient privileges. A create <create- | for which they have sufficient privileges. A create <create- | |||
| subscription> operation can be considered like a deferred <get>, | subscription> operation can be considered like a deferred <get>, | |||
| and the content that different users can access may vary. This | and the content that different users can access may vary. This | |||
| different access is reflected in the <notification> that | different access is reflected in the <notification> that | |||
| different users are able to subscribe to. | different users are able to subscribe to. | |||
| 14. Updated import statements to not used fully qualified URLs. | 14. Updated import statements to not used fully qualified URLs. | |||
| A.7. Version -13 | ||||
| 1. In the Security Considerations section replaced "If a user is not | ||||
| authorized to view all elements in the content of the | ||||
| notification, the notification is not sent to that user." with | ||||
| "The NETCONF server MUST NOT include any content in a | ||||
| notification which the user is not authorized to view." | ||||
| Authors' Addresses | Authors' Addresses | |||
| Sharon Chisholm | Sharon Chisholm | |||
| Nortel | Nortel | |||
| 3500 Carling Ave | 3500 Carling Ave | |||
| Nepean, Ontario K2H 8E9 | Nepean, Ontario K2H 8E9 | |||
| Canada | Canada | |||
| Email: schishol@nortel.com | Email: schishol@nortel.com | |||
| End of changes. 6 change blocks. | ||||
| 7 lines changed or deleted | 16 lines changed or added | |||
This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||