YANG Data Model for a "Keystore" Mechanism
draft-ietf-netconf-keystore-04

The information below is for an old version of the document.
Document Type
This is an older version of an Internet-Draft whose latest revision state is "Active".
Expired & archived
Author Kent Watsen
Last updated 2018-05-03 (Latest revision 2017-10-30)
Replaces draft-ietf-netconf-system-keychain
RFC stream Internet Engineering Task Force (IETF)
Formats
txt htmlized pdf bibtex bibxml
Reviews
SECDIR Last Call review (of -30) by Magnus Nyström Has nits
GENART Last Call review (of -29) by Reese Enghardt Ready w/issues
YANGDOCTORS Last Call review (of -20) by Jürgen Schönwälder Ready w/issues
SECDIR Last Call review (of -19) by Sandra Murphy Has issues
SECDIR Early review (of -18) by Magnus Nyström Has issues
YANGDOCTORS Last Call review (of -02) by Jürgen Schönwälder Not ready
OPSDIR Last Call Review due 2024-01-24 Incomplete
Additional resources Mailing list discussion
Stream WG state WG Document
Document shepherd (None)
IESG IESG state Expired
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)
Email authors Email WG IPR References Referenced by Nits Search email archive

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

txt htmlized pdf bibtex bibxml

Abstract

This document defines a YANG module called a "keystore", containing pinned certificates and pinned SSH host-keys. The module also defines a grouping for configuring public key pairs and a grouping for configuring certificates. The module also defines a notification that a system can use when one of its configured certificates is about to expire.

Authors

Kent Watsen

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)