rfc9644v5.txt   rfc9644.txt 
Internet Engineering Task Force (IETF) K. Watsen Internet Engineering Task Force (IETF) K. Watsen
Request for Comments: 9644 Watsen Networks Request for Comments: 9644 Watsen Networks
Category: Standards Track September 2024 Category: Standards Track October 2024
ISSN: 2070-1721 ISSN: 2070-1721
YANG Groupings for SSH Clients and SSH Servers YANG Groupings for SSH Clients and SSH Servers
Abstract Abstract
This document presents three IETF-defined YANG modules and the script This document presents three IETF-defined YANG modules and a script
used to create four supporting IANA modules. used to create four supporting IANA modules.
The three IETF modules are ietf-ssh-common, ietf-ssh-client, and The three IETF modules are ietf-ssh-common, ietf-ssh-client, and
ietf-ssh-server. The "ietf-ssh-client" and "ietf-ssh-server" modules ietf-ssh-server. The "ietf-ssh-client" and "ietf-ssh-server" modules
are the primary productions of this work, supporting the are the primary productions of this work, supporting the
configuration and monitoring of Secure Shell (SSH) clients and configuration and monitoring of Secure Shell (SSH) clients and
servers. servers.
The four IANA modules are iana-ssh-encryption-algs, iana-ssh-key- The four IANA modules are iana-ssh-encryption-algs, iana-ssh-key-
exchange-algs, iana-ssh-mac-algs, and iana-ssh-public-key-algs. exchange-algs, iana-ssh-mac-algs, and iana-ssh-public-key-algs.
skipping to change at line 100 skipping to change at line 100
7.1. Normative References 7.1. Normative References
7.2. Informative References 7.2. Informative References
Appendix A. Script to Generate IANA-Maintained YANG Modules Appendix A. Script to Generate IANA-Maintained YANG Modules
Acknowledgements Acknowledgements
Contributors Contributors
Author's Address Author's Address
1. Introduction 1. Introduction
This document presents three IETF-defined YANG modules [RFC7950] and This document presents three IETF-defined YANG modules [RFC7950] and
the script used to create four supporting IANA modules. a script used to create four supporting IANA modules.
The three IETF modules are ietf-ssh-common (Section 2), ietf-ssh- The three IETF modules are ietf-ssh-common (Section 2), ietf-ssh-
client (Section 3), and ietf-ssh-server (Section 4). The "ietf-ssh- client (Section 3), and ietf-ssh-server (Section 4). The "ietf-ssh-
client" and "ietf-ssh-server" modules are the primary productions of client" and "ietf-ssh-server" modules are the primary productions of
this work, supporting the configuration and monitoring of SSH clients this work, supporting the configuration and monitoring of SSH clients
and servers. and servers.
The groupings defined in this document are expected to be used in The groupings defined in this document are expected to be used in
conjunction with the groupings defined in an underlying transport- conjunction with the groupings defined in an underlying transport-
level module, such as the groupings defined in [RFC9643]. The level module, such as the groupings defined in [RFC9643]. The
transport-level data model enables the configuration of transport- transport-level data model enables the configuration of transport-
level values, such as a remote address, a remote port, a local level values, such as a remote address, a remote port, a local
address, and a local port. address, and a local port.
The four IANA modules are: iana-ssh-encryption-algs, iana-ssh-key- The four IANA modules are: iana-ssh-encryption-algs, iana-ssh-key-
exchange-algs, iana-ssh-mac-algs, and iana-ssh-public-key-algs. exchange-algs, iana-ssh-mac-algs, and iana-ssh-public-key-algs.
These modules each define YANG enumerations providing support for an These modules each define YANG enumerations providing support for an
IANA-maintained algorithm registry. IANA-maintained algorithm registry.
This document assumes that the four IANA modules exist and presents a This document assumes that the four IANA modules exist and presents a
script in Appendix A that IANA may use to generate the YANG modules. script in Appendix A that IANA may use to generate those YANG
This document does not publish the initial versions of these four modules. This document does not publish the initial versions of
modules. IANA publishes these modules. these four modules. IANA publishes these modules.
1.1. Regarding the Three IETF Modules 1.1. Regarding the Three IETF Modules
The three IETF modules define features and groupings to model The three IETF modules define features and groupings to model
"generic" SSH clients and SSH servers, where "generic" should be "generic" SSH clients and SSH servers, where "generic" should be
interpreted as "least common denominator" rather than "complete." interpreted as "least common denominator" rather than "complete."
Support for the basic SSH protocol [RFC4252] [RFC4253] [RFC4254] is Support for the basic SSH protocol [RFC4252] [RFC4253] [RFC4254] is
afforded by these modules, leaving configuration of advanced features afforded by these modules, leaving configuration of advanced features
(e.g., multiple channels) to augmentations made by consuming modules. (e.g., multiple channels) to augmentations made by consuming modules.
skipping to change at line 507 skipping to change at line 507
This YANG module has normative references to [RFC4250], [RFC4253], This YANG module has normative references to [RFC4250], [RFC4253],
[RFC6187], and [FIPS_186-5]. [RFC6187], and [FIPS_186-5].
<CODE BEGINS> file "ietf-ssh-common@2024-03-16.yang" <CODE BEGINS> file "ietf-ssh-common@2024-03-16.yang"
module ietf-ssh-common { module ietf-ssh-common {
yang-version 1.1; yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-ssh-common"; namespace "urn:ietf:params:xml:ns:yang:ietf-ssh-common";
prefix sshcmn; prefix sshcmn;
import ietf-crypto-types {
prefix ct;
reference
"RFC 9640: YANG Data Types and Groupings for Cryptography";
}
import ietf-keystore {
prefix ks;
reference
"RFC 9642: A YANG Data Model for a Keystore";
}
import iana-ssh-encryption-algs { import iana-ssh-encryption-algs {
prefix sshea; prefix sshea;
reference reference
"RFC 9644: YANG Groupings for SSH Clients and SSH Servers"; "RFC 9644: YANG Groupings for SSH Clients and SSH Servers";
} }
import iana-ssh-key-exchange-algs { import iana-ssh-key-exchange-algs {
prefix sshkea; prefix sshkea;
reference reference
"RFC 9644: YANG Groupings for SSH Clients and SSH Servers"; "RFC 9644: YANG Groupings for SSH Clients and SSH Servers";
skipping to change at line 531 skipping to change at line 543
reference reference
"RFC 9644: YANG Groupings for SSH Clients and SSH Servers"; "RFC 9644: YANG Groupings for SSH Clients and SSH Servers";
} }
import iana-ssh-public-key-algs { import iana-ssh-public-key-algs {
prefix sshpka; prefix sshpka;
reference reference
"RFC 9644: YANG Groupings for SSH Clients and SSH Servers"; "RFC 9644: YANG Groupings for SSH Clients and SSH Servers";
} }
import ietf-crypto-types {
prefix ct;
reference
"RFC 9640: YANG Data Types and Groupings for Cryptography";
}
import ietf-keystore {
prefix ks;
reference
"RFC 9642: A YANG Data Model for a Keystore";
}
organization organization
"IETF NETCONF (Network Configuration) Working Group"; "IETF NETCONF (Network Configuration) Working Group";
contact contact
"WG Web: https://datatracker.ietf.org/wg/netconf "WG Web: https://datatracker.ietf.org/wg/netconf
WG List: NETCONF WG list <mailto:netconf@ietf.org> WG List: NETCONF WG list <mailto:netconf@ietf.org>
Author: Kent Watsen <mailto:kent+ietf@watsen.net> Author: Kent Watsen <mailto:kent+ietf@watsen.net>
Author: Gary Wu <mailto:garywu@cisco.com>"; Author: Gary Wu <mailto:garywu@cisco.com>";
description description
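Review bot: The module text changes under an unchanged revision date. The file name stays ietf-ssh-common@2024-03-16.yang on both sides, while the ietf-crypto-types and ietf-keystore imports move from the end of the import list to the front, ahead of iana-ssh-encryption-algs. Import order carries no meaning in YANG, so implementations are unaffected, but anything that pins or compares extracted modules by checksum per revision date will see the v5 and published copies differ. Confirm the revision date was meant to stay as it is. The ct and ks prefixes and both reference strings are identical in the removed and added lines, so nothing else appears to have changed in the move.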
skipping to change at line 3030 skipping to change at line 3030
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>. <https://www.rfc-editor.org/info/rfc8446>.
[RFC9000] Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based [RFC9000] Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based
Multiplexed and Secure Transport", RFC 9000, Multiplexed and Secure Transport", RFC 9000,
DOI 10.17487/RFC9000, May 2021, DOI 10.17487/RFC9000, May 2021,
<https://www.rfc-editor.org/info/rfc9000>. <https://www.rfc-editor.org/info/rfc9000>.
[RFC9640] Watsen, K., "YANG Data Types and Groupings for [RFC9640] Watsen, K., "YANG Data Types and Groupings for
Cryptography", RFC 9640, DOI 10.17487/RFC9640, September Cryptography", RFC 9640, DOI 10.17487/RFC9640, October
2024, <https://www.rfc-editor.org/info/rfc9640>. 2024, <https://www.rfc-editor.org/info/rfc9640>.
[RFC9641] Watsen, K., "A YANG Data Model for a Truststore", [RFC9641] Watsen, K., "A YANG Data Model for a Truststore",
RFC 9641, DOI 10.17487/RFC9641, September 2024, RFC 9641, DOI 10.17487/RFC9641, October 2024,
<https://www.rfc-editor.org/info/rfc9641>. <https://www.rfc-editor.org/info/rfc9641>.
[RFC9642] Watsen, K., "A YANG Data Model for a Keystore", RFC 9642, [RFC9642] Watsen, K., "A YANG Data Model for a Keystore", RFC 9642,
DOI 10.17487/RFC9642, September 2024, DOI 10.17487/RFC9642, October 2024,
<https://www.rfc-editor.org/info/rfc9642>. <https://www.rfc-editor.org/info/rfc9642>.
7.2. Informative References 7.2. Informative References
[FIPS_186-5] [FIPS_186-5]
NIST, "Digital Signature Standard (DSS)", FIPS PUB 186-5, NIST, "Digital Signature Standard (DSS)", FIPS PUB 186-5,
DOI 10.6028/NIST.FIPS.186-5, February 2023, DOI 10.6028/NIST.FIPS.186-5, February 2023,
<https://csrc.nist.gov/pubs/fips/186-5/final>. <https://csrc.nist.gov/pubs/fips/186-5/final>.
[HTTP-CLIENT-SERVER] [HTTP-CLIENT-SERVER]
skipping to change at line 3122 skipping to change at line 3122
Documents Containing YANG Data Models", BCP 216, RFC 8407, Documents Containing YANG Data Models", BCP 216, RFC 8407,
DOI 10.17487/RFC8407, October 2018, DOI 10.17487/RFC8407, October 2018,
<https://www.rfc-editor.org/info/rfc8407>. <https://www.rfc-editor.org/info/rfc8407>.
[RFC8792] Watsen, K., Auerswald, E., Farrel, A., and Q. Wu, [RFC8792] Watsen, K., Auerswald, E., Farrel, A., and Q. Wu,
"Handling Long Lines in Content of Internet-Drafts and "Handling Long Lines in Content of Internet-Drafts and
RFCs", RFC 8792, DOI 10.17487/RFC8792, June 2020, RFCs", RFC 8792, DOI 10.17487/RFC8792, June 2020,
<https://www.rfc-editor.org/info/rfc8792>. <https://www.rfc-editor.org/info/rfc8792>.
[RFC9643] Watsen, K. and M. Scharf, "YANG Groupings for TCP Clients [RFC9643] Watsen, K. and M. Scharf, "YANG Groupings for TCP Clients
and TCP Servers", RFC 9643, DOI 10.17487/RFC9643, and TCP Servers", RFC 9643, DOI 10.17487/RFC9643, October
September 2024, <https://www.rfc-editor.org/info/rfc9643>. 2024, <https://www.rfc-editor.org/info/rfc9643>.
[RFC9645] Watsen, K., "YANG Groupings for TLS Clients and TLS [RFC9645] Watsen, K., "YANG Groupings for TLS Clients and TLS
Servers", RFC 9645, DOI 10.17487/RFC9645, September 2024, Servers", RFC 9645, DOI 10.17487/RFC9645, October 2024,
<https://www.rfc-editor.org/info/rfc9645>. <https://www.rfc-editor.org/info/rfc9645>.
[SYSTEM-CONFIG] [SYSTEM-CONFIG]
Ma, Q., Wu, Q., and C. Feng, "System-defined Ma, Q., Wu, Q., and C. Feng, "System-defined
Configuration", Work in Progress, Internet-Draft, draft- Configuration", Work in Progress, Internet-Draft, draft-
ietf-netmod-system-config-08, 18 June 2024, ietf-netmod-system-config-09, 29 September 2024,
<https://datatracker.ietf.org/doc/html/draft-ietf-netmod- <https://datatracker.ietf.org/doc/html/draft-ietf-netmod-
system-config-08>. system-config-09>.
[W3C.REC-xml-20081126] [W3C.REC-xml-20081126]
Bray, T., Paoli, J., Sperberg-McQueen, C.M., Maler, E., Bray, T., Paoli, J., Sperberg-McQueen, C.M., Maler, E.,
and F. Yergeau, "Extensible Markup Language (XML) 1.0 and F. Yergeau, "Extensible Markup Language (XML) 1.0
(Fifth Edition)", World Wide Web Consortium (Fifth Edition)", World Wide Web Consortium
Recommendation REC-xml-20081126, November 2008, Recommendation REC-xml-20081126, November 2008,
<https://www.w3.org/TR/2008/REC-xml-20081126/>. <https://www.w3.org/TR/2008/REC-xml-20081126/>.
[YANG-GUIDE] [YANG-GUIDE]
Bierman, A., Boucadair, M., and Q. Wu, "Guidelines for Bierman, A., Boucadair, M., and Q. Wu, "Guidelines for
Authors and Reviewers of Documents Containing YANG Data Authors and Reviewers of Documents Containing YANG Data
Models", Work in Progress, Internet-Draft, draft-ietf- Models", Work in Progress, Internet-Draft, draft-ietf-
netmod-rfc8407bis-15, 10 September 2024, netmod-rfc8407bis-17, 27 September 2024,
<https://datatracker.ietf.org/doc/html/draft-ietf-netmod- <https://datatracker.ietf.org/doc/html/draft-ietf-netmod-
rfc8407bis-15>. rfc8407bis-17>.
Appendix A. Script to Generate IANA-Maintained YANG Modules Appendix A. Script to Generate IANA-Maintained YANG Modules
This section is not normative. This section is not normative.
The Python <https://www.python.org> script contained in this section The Python <https://www.python.org> script contained in this section
will create the four IANA-maintained modules that are described (but will create the four IANA-maintained modules that are described (but
not contained) in this document. not contained) in this document.
Run the script using the command "python gen-yang-modules.py" to Run the script using the command "python gen-yang-modules.py" to
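Review bot: A leftover "September 2024" publication date is the thing to check for in the reference entries. The visible RFC entries (RFC9640, RFC9641, RFC9642, RFC9643, RFC9645) and the document header all move to October 2024, but the regions this diff skips cannot be verified from this page. A plain search of the final text for "September 2024" will also hit the two re-pinned Work in Progress entries, which are legitimately dated 29 September 2024 (draft-ietf-netmod-system-config-09) and 27 September 2024 (draft-ietf-netmod-rfc8407bis-17), so exclude those when checking. In both of those entries the draft name and the datatracker URL suffix were updated together (-09 and -17), which is the pair that most often drifts apart.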
 End of changes. 15 change blocks. 
28 lines changed or deleted 28 lines changed or added

This html diff was produced by rfcdiff 1.48.