Network Configuration Protocol (NETCONF) Access Control Model
Draft of message to be sent after approval:
From: The IESG <email@example.com> To: IETF-Announce <firstname.lastname@example.org> Cc: RFC Editor <email@example.com>, netconf mailing list <firstname.lastname@example.org>, netconf chair <email@example.com> Subject: Protocol Action: 'Network Configuration Protocol (NETCONF) Access Control Model' to Proposed Standard (draft-ietf-netconf-access-control-07.txt) The IESG has approved the following document: - 'Network Configuration Protocol (NETCONF) Access Control Model' (draft-ietf-netconf-access-control-07.txt) as a Proposed Standard This document is the product of the Network Configuration Working Group. The IESG contact persons are Dan Romascanu and Ron Bonica. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-netconf-access-control/
Technical Summary The standardization of network configuration interfaces for use with the NETCONF protocol requires a structured and secure operating environment that promotes human usability and multi-vendor interoperability. There is a need for standard mechanisms to restrict NETCONF protocol access for particular users to a pre- configured subset of all available NETCONF protocol operations and content. This document defines such an access control model. Working Group Summary There is strong consensus in the WG to publish this document. The document has been extensively discussed in the Working Group, including several WG Last Calls. The comments and reviews helped to improve the document a lot and the current version reflects the consensus of the Working Group. The Security ADs have also reviewed revision 5 of the document. The WG chairs specifically asked for a Detailed Security review, because the content of this document is all about access control and secure and properly authorized access to the NETCONF protocol and content. The last WGLC did raise only minor issues. The changes have been accepted by the WG. Document Quality Implementations of earlier drafts do (partially) exist and it is expected that NETCONF implementations will be extended once this document gets published as proposed standard. Personnel Bert Wijnen is the Document Shepherd for this document Dan Romascanu is the Responsible Area Director.