Technical Summary
This document defines an information model and the corresponding YANG
data model for the capabilities of various Network Security Functions
(NSFs) in the Interface to Network Security Functions (I2NSF)
framework to centrally manage the capabilities of the various NSFs.
Working Group Summary
This document was a core deliverable of the WG. The document went through a discussions within the I2NSF WG and with NETMOD WG participants. Changes were made to utilize the modules that are already specified by RFC8519 (draft-ietf-netmod-acl-model) as much as possible.
In September 2020, -12 of this document was brought to the IESG telechat. This review generated a number of early DISCUSSes which resulted in this document being pulled from the telechat and returned to the WG to determine how to best resolve the specific feedback and the more structural issues of this document's dependence on the capabilities information model (i.e., draft-ietf-i2nsf-capability).
The WG deliberated on an approach and ultimately decided to merge the needed information text from draft-ietf-i2nsf-capability into this document (and discontinue work on draft-ietf-i2nsf-capability). Substantial edits were also made in response to AD review and the support of YANG Doctors.
Document Quality
The YANG module itself validates without any warnings.
An open source implementation around this work is found at https://github.com/jaehoonpaul/i2nsf-framework. It has participated in a number of IETF Hackathons.
Personnel
* Document Shepherd is Linda Dunbar
* The Responsible Area Director is Roman Danyliw