draft-ietf-i2nsf-capability-data-model-15.txt   draft-ietf-i2nsf-capability-data-model-16.txt 
I2NSF Working Group S. Hares, Ed. I2NSF Working Group S. Hares, Ed.
Internet-Draft Huawei Internet-Draft Huawei
Intended status: Standards Track J. Jeong, Ed. Intended status: Standards Track J. Jeong, Ed.
Expires: July 21, 2021 J. Kim Expires: September 9, 2021 J. Kim
Sungkyunkwan University Sungkyunkwan University
R. Moskowitz R. Moskowitz
HTT Consulting HTT Consulting
Q. Lin Q. Lin
Huawei Huawei
January 17, 2021 March 8, 2021
I2NSF Capability YANG Data Model I2NSF Capability YANG Data Model
draft-ietf-i2nsf-capability-data-model-15 draft-ietf-i2nsf-capability-data-model-16
Abstract Abstract
This document defines an information model and the corresponding YANG This document defines an information model and the corresponding YANG
data model for the capabilities of various Network Security Functions data model for the capabilities of various Network Security Functions
(NSFs) in the Interface to Network Security Functions (I2NSF) (NSFs) in the Interface to Network Security Functions (I2NSF)
framework to centrally manage the capabilities of the various NSFs. framework to centrally manage the capabilities of the various NSFs.
Status of This Memo Status of This Memo
skipping to change at page 1, line 39 skipping to change at page 1, line 39
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 21, 2021. This Internet-Draft will expire on September 9, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 25 skipping to change at page 2, line 25
3.1. Design Principles and ECA Policy Model Overview . . . . . 5 3.1. Design Principles and ECA Policy Model Overview . . . . . 5
3.2. Matched Policy Rule . . . . . . . . . . . . . . . . . . . 8 3.2. Matched Policy Rule . . . . . . . . . . . . . . . . . . . 8
3.3. Conflict, Resolution Strategy and Default Action . . . . 8 3.3. Conflict, Resolution Strategy and Default Action . . . . 8
4. Overview of YANG Data Model . . . . . . . . . . . . . . . . . 9 4. Overview of YANG Data Model . . . . . . . . . . . . . . . . . 9
5. YANG Tree Diagram . . . . . . . . . . . . . . . . . . . . . . 12 5. YANG Tree Diagram . . . . . . . . . . . . . . . . . . . . . . 12
5.1. Network Security Function (NSF) Capabilities . . . . . . 12 5.1. Network Security Function (NSF) Capabilities . . . . . . 12
6. YANG Data Model of I2NSF NSF Capability . . . . . . . . . . . 15 6. YANG Data Model of I2NSF NSF Capability . . . . . . . . . . . 15
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 59 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 59
8. Privacy Considerations . . . . . . . . . . . . . . . . . . . 59 8. Privacy Considerations . . . . . . . . . . . . . . . . . . . 59
9. Security Considerations . . . . . . . . . . . . . . . . . . . 60 9. Security Considerations . . . . . . . . . . . . . . . . . . . 60
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 61 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 60
10.1. Normative References . . . . . . . . . . . . . . . . . . 61 10.1. Normative References . . . . . . . . . . . . . . . . . . 60
10.2. Informative References . . . . . . . . . . . . . . . . . 65 10.2. Informative References . . . . . . . . . . . . . . . . . 65
Appendix A. Configuration Examples . . . . . . . . . . . . . . . 67 Appendix A. Configuration Examples . . . . . . . . . . . . . . . 67
A.1. Example 1: Registration for the Capabilities of a General A.1. Example 1: Registration for the Capabilities of a General
Firewall . . . . . . . . . . . . . . . . . . . . . . . . 67 Firewall . . . . . . . . . . . . . . . . . . . . . . . . 67
A.2. Example 2: Registration for the Capabilities of a Time- A.2. Example 2: Registration for the Capabilities of a Time-
based Firewall . . . . . . . . . . . . . . . . . . . . . 70 based Firewall . . . . . . . . . . . . . . . . . . . . . 70
A.3. Example 3: Registration for the Capabilities of a Web A.3. Example 3: Registration for the Capabilities of a Web
Filter . . . . . . . . . . . . . . . . . . . . . . . . . 72 Filter . . . . . . . . . . . . . . . . . . . . . . . . . 72
A.4. Example 4: Registration for the Capabilities of a A.4. Example 4: Registration for the Capabilities of a
VoIP/VoLTE Filter . . . . . . . . . . . . . . . . . . . . 72 VoIP/VoLTE Filter . . . . . . . . . . . . . . . . . . . . 72
skipping to change at page 16, line 26 skipping to change at page 16, line 26
o [I-D.ietf-tcpm-rfc793bis] o [I-D.ietf-tcpm-rfc793bis]
o [I-D.ietf-tcpm-accurate-ecn] o [I-D.ietf-tcpm-accurate-ecn]
o [I-D.ietf-tsvwg-udp-options] o [I-D.ietf-tsvwg-udp-options]
o [I-D.ietf-i2nsf-nsf-monitoring-data-model] o [I-D.ietf-i2nsf-nsf-monitoring-data-model]
o [I-D.ietf-i2nsf-sdn-ipsec-flow-protection] o [I-D.ietf-i2nsf-sdn-ipsec-flow-protection]
<CODE BEGINS> file "ietf-i2nsf-capability@2021-01-17.yang" <CODE BEGINS> file "ietf-i2nsf-capability@2021-03-08.yang"
module ietf-i2nsf-capability { module ietf-i2nsf-capability {
yang-version 1.1; yang-version 1.1;
namespace namespace
"urn:ietf:params:xml:ns:yang:ietf-i2nsf-capability"; "urn:ietf:params:xml:ns:yang:ietf-i2nsf-capability";
prefix prefix
nsfcap; nsfcap;
organization organization
"IETF I2NSF (Interface to Network Security Functions) "IETF I2NSF (Interface to Network Security Functions)
Working Group"; Working Group";
skipping to change at page 17, line 15 skipping to change at page 17, line 14
<mailto:shares@ndzh.com>"; <mailto:shares@ndzh.com>";
description description
"This module is a YANG module for I2NSF Network Security "This module is a YANG module for I2NSF Network Security
Functions (NSFs)'s Capabilities. Functions (NSFs)'s Capabilities.
Copyright (c) 2021 IETF Trust and the persons identified as Copyright (c) 2021 IETF Trust and the persons identified as
authors of the code. All rights reserved. authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject without modification, is permitted pursuant to, and subject to
to the license terms contained in, the Simplified BSD License the license terms contained in, the Simplified BSD License set
set forth in Section 4.c of the IETF Trust's Legal Provisions forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents Relating to IETF Documents
http://trustee.ietf.org/license-info). (https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX; see This version of this YANG module is part of RFC XXXX
the RFC itself for full legal notices."; (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
for full legal notices.";
// RFC Ed.: replace XXXX with an actual RFC number and remove // RFC Ed.: replace XXXX with an actual RFC number and remove
// this note. // this note.
revision "2021-01-17"{ revision "2021-03-08"{
description "Initial revision."; description "Initial revision.";
reference reference
"RFC XXXX: I2NSF Capability YANG Data Model"; "RFC XXXX: I2NSF Capability YANG Data Model";
// RFC Ed.: replace XXXX with an actual RFC number and remove // RFC Ed.: replace XXXX with an actual RFC number and remove
// this note. // this note.
} }
/* /*
* Identities * Identities
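Review bot: the new description text adds a URL, (https://www.rfc-editor.org/info/rfcXXXX), which carries one more XXXX placeholder, while both "// RFC Ed.: replace XXXX" comments sit outside the description string. Consider wording the first note so that it explicitly covers the URL as well. The revision date "2021-03-08" matches the file name on the CODE BEGINS line; keep the two in step on every bump. As a style point, "(NSFs)'s Capabilities" in the unchanged first sentence reads awkwardly and could become "the capabilities of I2NSF Network Security Functions (NSFs)".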
skipping to change at page 61, line 28 skipping to change at page 61, line 24
Flow Protection", draft-ietf-i2nsf-sdn-ipsec-flow- Flow Protection", draft-ietf-i2nsf-sdn-ipsec-flow-
protection-12 (work in progress), October 2020. protection-12 (work in progress), October 2020.
[I-D.ietf-tcpm-accurate-ecn] [I-D.ietf-tcpm-accurate-ecn]
Briscoe, B., Kuehlewind, M., and R. Scheffenegger, "More Briscoe, B., Kuehlewind, M., and R. Scheffenegger, "More
Accurate ECN Feedback in TCP", draft-ietf-tcpm-accurate- Accurate ECN Feedback in TCP", draft-ietf-tcpm-accurate-
ecn-13 (work in progress), November 2020. ecn-13 (work in progress), November 2020.
[I-D.ietf-tcpm-rfc793bis] [I-D.ietf-tcpm-rfc793bis]
Eddy, W., "Transmission Control Protocol (TCP) Eddy, W., "Transmission Control Protocol (TCP)
Specification", draft-ietf-tcpm-rfc793bis-19 (work in Specification", draft-ietf-tcpm-rfc793bis-20 (work in
progress), October 2020. progress), January 2021.
[I-D.ietf-tsvwg-udp-options] [I-D.ietf-tsvwg-udp-options]
Touch, J., "Transport Options for UDP", draft-ietf-tsvwg- Touch, J., "Transport Options for UDP", draft-ietf-tsvwg-
udp-options-09 (work in progress), November 2020. udp-options-09 (work in progress), November 2020.
[RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768,
DOI 10.17487/RFC0768, August 1980, DOI 10.17487/RFC0768, August 1980,
<https://www.rfc-editor.org/info/rfc768>. <https://www.rfc-editor.org/info/rfc768>.
[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, [RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791,
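Review bot: only [I-D.ietf-tcpm-rfc793bis] is bumped in this block (-19 to -20, January 2021), while the adjacent entries for sdn-ipsec-flow-protection-12, accurate-ecn-13 and udp-options-09 keep their October/November 2020 versions. Check those against the datatracker before the next submission, since the YANG module section lists all of them as references.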
skipping to change at page 77, line 29 skipping to change at page 77, line 29
Susan Hares (editor) Susan Hares (editor)
Huawei Huawei
7453 Hickory Hill 7453 Hickory Hill
Saline, MI 48176 Saline, MI 48176
USA USA
Phone: +1-734-604-0332 Phone: +1-734-604-0332
EMail: shares@ndzh.com EMail: shares@ndzh.com
Jaehoon Paul Jeong (editor) Jaehoon (Paul) Jeong (editor)
Department of Computer Science and Engineering Department of Computer Science and Engineering
Sungkyunkwan University Sungkyunkwan University
2066 Seobu-Ro, Jangan-Gu 2066 Seobu-Ro, Jangan-Gu
Suwon, Gyeonggi-Do 16419 Suwon, Gyeonggi-Do 16419
Republic of Korea Republic of Korea
Phone: +82 31 299 4957 Phone: +82 31 299 4957
Fax: +82 31 290 7996 Fax: +82 31 290 7996
EMail: pauljeong@skku.edu EMail: pauljeong@skku.edu
URI: http://iotlab.skku.edu/people-jaehoon-jeong.php URI: http://iotlab.skku.edu/people-jaehoon-jeong.php
Jinyong Tim Kim Jinyong (Tim) Kim
Department of Electronic, Electrical and Computer Engineering Department of Electronic, Electrical and Computer Engineering
Sungkyunkwan University Sungkyunkwan University
2066 Seobu-Ro, Jangan-Gu 2066 Seobu-Ro, Jangan-Gu
Suwon, Gyeonggi-Do 16419 Suwon, Gyeonggi-Do 16419
Republic of Korea Republic of Korea
Phone: +82 10 8273 0930 Phone: +82 10 8273 0930
EMail: timkim@skku.edu EMail: timkim@skku.edu
Robert Moskowitz Robert Moskowitz
 End of changes. 13 change blocks. 
19 lines changed or deleted 19 lines changed or added
