draft-ietf-netconf-nmda-restconf-04.txt | draft-ietf-netconf-nmda-restconf-05.txt | |||
---|---|---|---|---|
Network Working Group M. Bjorklund | Network Working Group M. Bjorklund | |||
Internet-Draft Tail-f Systems | Internet-Draft Tail-f Systems | |||
Updates: 8040 (if approved) J. Schoenwaelder | Updates: 8040 (if approved) J. Schoenwaelder | |||
Intended status: Standards Track Jacobs University | Intended status: Standards Track Jacobs University | |||
Expires: October 22, 2018 P. Shafer | Expires: April 12, 2019 P. Shafer | |||
K. Watsen | K. Watsen | |||
Juniper Networks | Juniper Networks | |||
R. Wilton | R. Wilton | |||
Cisco Systems | Cisco Systems | |||
April 20, 2018 | October 9, 2018 | |||
RESTCONF Extensions to Support the Network Management Datastore | RESTCONF Extensions to Support the Network Management Datastore | |||
Architecture | Architecture | |||
draft-ietf-netconf-nmda-restconf-04 | draft-ietf-netconf-nmda-restconf-05 | |||
Abstract | Abstract | |||
This document extends the RESTCONF protocol defined in RFC 8040 in | This document extends the RESTCONF protocol defined in RFC 8040 in | |||
order to support the Network Management Datastore Architecture | order to support the Network Management Datastore Architecture | |||
defined in RFC 8342. | defined in RFC 8342. | |||
This document updates RFC 8040 by introducing new datastore | This document updates RFC 8040 by introducing new datastore | |||
resources, adding a new query parameter, and requiring the usage of | resources, adding a new query parameter, and requiring the usage of | |||
I-D.ietf-netconf-rfc7895bis by RESTCONF servers implementing the | I-D.ietf-netconf-rfc7895bis by RESTCONF servers implementing the | |||
skipping to change at page 1, line 47 ¶ | skipping to change at page 1, line 47 ¶ | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on October 22, 2018. | This Internet-Draft will expire on April 12, 2019. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2018 IETF Trust and the persons identified as the | Copyright (c) 2018 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
skipping to change at page 4, line 5 ¶ | skipping to change at page 4, line 5 ¶ | |||
NMDA. | NMDA. | |||
3.1. New Datastore Resources | 3.1. New Datastore Resources | |||
This document defines a set of new resources representing datastores | This document defines a set of new resources representing datastores | |||
as defined in [RFC8342]. These resources are available using the | as defined in [RFC8342]. These resources are available using the | |||
following resource path template: | following resource path template: | |||
{+restconf}/ds/<datastore> | {+restconf}/ds/<datastore> | |||
The <datastore> path component is encoded as an "identity" according | The <datastore> path component is encoded as an "identityref" | |||
to the JSON encoding rules for identities, defined in Section 4 of | according to the JSON encoding rules for identities, defined in | |||
[RFC7951]. Such an identity MUST be derived from the "datastore" | Section 6.8 of [RFC7951]. The namespace-qualified form MUST be used. | |||
identity defined in the "ietf-datastores" YANG module [RFC8342]. | Such an identity MUST be derived from the "datastore" identity | |||
defined in the "ietf-datastores" YANG module [RFC8342]. | ||||
Specifically: | Specifically: | |||
o The resource {+restconf}/ds/ietf-datastores:operational refers to | o The resource {+restconf}/ds/ietf-datastores:operational refers to | |||
the operational state datastore. | the operational state datastore. | |||
o The resource {+restconf}/ds/ietf-datastores:running refers to the | o The resource {+restconf}/ds/ietf-datastores:running refers to the | |||
running configuration datastore. | running configuration datastore. | |||
o The resource {+restconf}/ds/ietf-datastores:intended refers to the | o The resource {+restconf}/ds/ietf-datastores:intended refers to the | |||
intended configuration datastore. | intended configuration datastore. | |||
An NMDA-compliant server MUST implement {+restconf}/ds/ietf- | An NMDA-compliant server MUST implement {+restconf}/ds/ietf- | |||
datastores:operational. Other datastore resources are optional to | datastores:operational. Other datastore resources MAY be | |||
implement. | implemented. | |||
YANG actions can only be invoked in {+restconf}/ds/ietf- | YANG actions can only be invoked in {+restconf}/ds/ietf- | |||
datastores:operational. | datastores:operational. | |||
If a server implements the example datastore "ds-ephemeral" in the | If a server implements other datastores, such as the example | |||
module "example-ds-ephemeral", it would implement the resource | datastore "ds-ephemeral" in the module "example-ds-ephemeral", the | |||
{+restconf}/ds/example-ds-ephemeral:ds-ephemeral. | server would implement the resource {+restconf}/ds/example- ds- | |||
ephemeral:ds-ephemeral. | ||||
3.2. Protocol Operations | 3.2. Protocol Operations | |||
The protocol operations available for the new datastore resources | The protocol operations available for the new datastore resources | |||
(Section 3.1) are the same as the protocol operations defined in | (Section 3.1) are the same as the protocol operations defined in | |||
[RFC8040] for the {+restconf}/data resource with the following | [RFC8040] for the {+restconf}/data resource with the following | |||
exceptions: | exceptions: | |||
o Dynamic configuration datastores are excluded, as each dynamic | o Dynamic configuration datastores are excluded, as each dynamic | |||
configuration datastore definition needs to be reviewed for what | configuration datastore definition needs to be reviewed for what | |||
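Review bot: The new sentence "The namespace-qualified form MUST be used" in Section 3.1 (right column) puts a requirement on the <datastore> path component but does not say what a server returns when a client sends the unqualified form, or an identity that is not derived from "datastore". Suggest stating the expected error handling so that implementations reject such paths consistently instead of guessing a module. Separately, the rewrapped resource name in the last paragraph of 3.1 now reads "{+restconf}/ds/example- ds- ephemeral:ds-ephemeral" on the right; keep the path on one line so it cannot be read as containing spaces.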
skipping to change at page 5, line 11 ¶ | skipping to change at page 5, line 11 ¶ | |||
o The semantics of the "with-defaults" query parameter ([RFC8040], | o The semantics of the "with-defaults" query parameter ([RFC8040], | |||
Section 4.8.9) differs when interacting with the operational state | Section 4.8.9) differs when interacting with the operational state | |||
datastore. The semantics are described below, in Section 3.2.1. | datastore. The semantics are described below, in Section 3.2.1. | |||
o [RFC8040], Section 3.5.4, paragraph 3 does not apply when | o [RFC8040], Section 3.5.4, paragraph 3 does not apply when | |||
interacting with any resource under {+restconf}/ds. | interacting with any resource under {+restconf}/ds. | |||
3.2.1. With-defaults query parameter on the operational state datastore | 3.2.1. With-defaults query parameter on the operational state datastore | |||
The "with-defaults" query parameter ([RFC8040], Section 4.8.9) is | The "with-defaults" query parameter ([RFC8040], Section 4.8.9) is | |||
optional to support when interacting with {+restconf}/ds/ietf- | OPTIONAL to support when interacting with {+restconf}/ds/ietf- | |||
datastores:operational. The associated capability to indicate a | datastores:operational. The associated capability to indicate a | |||
server's support is identified with the URI: | server's support is identified with the URI: | |||
urn:ietf:params:restconf:capability:with-operational-defaults:1.0 | urn:ietf:params:restconf:capability:with-operational-defaults:1.0 | |||
For servers that support it, the behavior of the "with-defaults" | For servers that support it, the behavior of the "with-defaults" | |||
query parameter on the operational state datastore is defined as | query parameter on the operational state datastore is defined as | |||
follows: | follows: | |||
o If no "with-defaults" query parameter is specified, or if it is | o If no "with-defaults" query parameter is specified, or if it is | |||
skipping to change at page 6, line 15 ¶ | skipping to change at page 6, line 15 ¶ | |||
Data in the operational state datatstore can come from multiple | Data in the operational state datatstore can come from multiple | |||
sources. The server should return the most accurate value for the | sources. The server should return the most accurate value for the | |||
"origin" metadata annotation as possible, indicating the source of | "origin" metadata annotation as possible, indicating the source of | |||
the operational value, as specified in Section 5.3.4 of [RFC8342]. | the operational value, as specified in Section 5.3.4 of [RFC8342]. | |||
When encoding the origin metadata annotation for a hierarchy of | When encoding the origin metadata annotation for a hierarchy of | |||
returned nodes, the annotation can be omitted for a child node when | returned nodes, the annotation can be omitted for a child node when | |||
the value matches that of the parent node, as described in | the value matches that of the parent node, as described in | |||
"ietf-origin" YANG module [RFC8342]. | "ietf-origin" YANG module [RFC8342]. | |||
The "with-origin" query parameter is optional to support. It is | The "with-origin" query parameter is OPTIONAL to support. It is | |||
identified with the URI: | identified with the URI: | |||
urn:ietf:params:restconf:capability:with-origin:1.0 | urn:ietf:params:restconf:capability:with-origin:1.0 | |||
4. IANA Considerations | 4. IANA Considerations | |||
This document defines two capability identifier URNs in the "RESTCONF | This document defines two capability identifier URNs in the "RESTCONF | |||
Capability URNs" registry defined in [RFC8040]: | Capability URNs" registry defined in [RFC8040]: | |||
Index | Index | |||
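Review bot: The first paragraph of this hunk keeps a lowercase "should" in "The server should return the most accurate value for the "origin" metadata annotation", while the same revision changes "optional" to "OPTIONAL" two paragraphs later. With [RFC8174] in the references, lowercase words carry no normative weight, so say whether this is meant as SHOULD and capitalize it if so. The word "datatstore" in the first line of that paragraph is also misspelled in both versions and could be fixed in the same pass.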
skipping to change at page 6, line 37 ¶ | skipping to change at page 6, line 37 ¶ | |||
--------------------- | --------------------- | |||
:with-origin | :with-origin | |||
urn:ietf:params:restconf:capability:with-origin:1.0 | urn:ietf:params:restconf:capability:with-origin:1.0 | |||
:with-operational-defaults | :with-operational-defaults | |||
urn:ietf:params:restconf:capability:with-operational-defaults:1.0 | urn:ietf:params:restconf:capability:with-operational-defaults:1.0 | |||
5. Security Considerations | 5. Security Considerations | |||
This documents extends the RESTCONF protocol by introducing new | This document extends the RESTCONF protocol by introducing new | |||
datastore resources. The lowest RESTCONF layer is HTTPS, and the | datastore resources. The lowest RESTCONF layer is HTTPS, and the | |||
mandatory-to-implement secure transport is TLS [RFC5246]. The | mandatory-to-implement secure transport is TLS [RFC8446]. The | |||
RESTCONF protocol uses the network configuration access control model | RESTCONF protocol uses the network configuration access control model | |||
[RFC8341], which provides the means to restrict access for particular | [RFC8341], which provides the means to restrict access for particular | |||
RESTCONF users to a preconfigured subset of all available RESTCONF | RESTCONF users to a preconfigured subset of all available RESTCONF | |||
protocol operations and content. | protocol operations and content. | |||
The security constraints for the base RESTCONF protocol (see | The security constraints for the base RESTCONF protocol (see | |||
Section 12 of [RFC8040] apply to the new RESTCONF datastore resources | Section 12 of [RFC8040]) apply to the new RESTCONF datastore | |||
defined in this document. | resources defined in this document. | |||
6. Normative References | 6. Normative References | |||
[I-D.ietf-netconf-rfc7895bis] | [I-D.ietf-netconf-rfc7895bis] | |||
Bierman, A., Bjorklund, M., Schoenwaelder, J., Watsen, K., | Bierman, A., Bjorklund, M., Schoenwaelder, J., Watsen, K., | |||
and R. Wilton, "YANG Library", draft-ietf-netconf- | and R. Wilton, "YANG Library", draft-ietf-netconf- | |||
rfc7895bis-06 (work in progress), April 2018. | rfc7895bis-06 (work in progress), April 2018. | |||
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/ | Requirement Levels", BCP 14, RFC 2119, | |||
RFC2119, March 1997, <https://www.rfc-editor.org/info/ | DOI 10.17487/RFC2119, March 1997, <https://www.rfc- | |||
rfc2119>. | editor.org/info/rfc2119>. | |||
[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security | ||||
(TLS) Protocol Version 1.2", RFC 5246, DOI 10.17487/ | ||||
RFC5246, August 2008, <https://www.rfc-editor.org/info/ | ||||
rfc5246>. | ||||
[RFC7951] Lhotka, L., "JSON Encoding of Data Modeled with YANG", RFC | [RFC7951] Lhotka, L., "JSON Encoding of Data Modeled with YANG", | |||
7951, DOI 10.17487/RFC7951, August 2016, <https://www.rfc- | RFC 7951, DOI 10.17487/RFC7951, August 2016, | |||
editor.org/info/rfc7951>. | <https://www.rfc-editor.org/info/rfc7951>. | |||
[RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF | [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF | |||
Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, | Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, | |||
<https://www.rfc-editor.org/info/rfc8040>. | <https://www.rfc-editor.org/info/rfc8040>. | |||
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
[RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration | [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration | |||
Access Control Model", STD 91, RFC 8341, DOI 10.17487/ | Access Control Model", STD 91, RFC 8341, | |||
RFC8341, March 2018, <https://www.rfc-editor.org/info/ | DOI 10.17487/RFC8341, March 2018, <https://www.rfc- | |||
rfc8341>. | editor.org/info/rfc8341>. | |||
[RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., | [RFC8342] Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., | |||
and R. Wilton, "Network Management Datastore Architecture | and R. Wilton, "Network Management Datastore Architecture | |||
(NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, | (NMDA)", RFC 8342, DOI 10.17487/RFC8342, March 2018, | |||
<https://www.rfc-editor.org/info/rfc8342>. | <https://www.rfc-editor.org/info/rfc8342>. | |||
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | ||||
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | ||||
<https://www.rfc-editor.org/info/rfc8446>. | ||||
Authors' Addresses | Authors' Addresses | |||
Martin Bjorklund | Martin Bjorklund | |||
Tail-f Systems | Tail-f Systems | |||
Email: mbj@tail-f.com | Email: mbj@tail-f.com | |||
Juergen Schoenwaelder | Juergen Schoenwaelder | |||
Jacobs University | Jacobs University | |||
Email: j.schoenwaelder@jacobs-university.de | Email: j.schoenwaelder@jacobs-university.de | |||
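Review bot: In Section 5 the citation for the mandatory-to-implement secure transport changes from [RFC5246] to [RFC8446], and the RFC5246 entry is dropped from the Normative References, while the following paragraph still defers to Section 12 of [RFC8040] for the base security constraints. Suggest confirming that the TLS version cited here agrees with what RFC 8040 requires of servers, or rewording the sentence so it does not read as setting a different minimum TLS version for the {+restconf}/ds resources than for {+restconf}/data.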
End of changes. 16 change blocks. | ||||
33 lines changed or deleted | 34 lines changed or added | |||