YC.o sync

experimental/ietf-extracted-YANG-modules/iana-tls-profile@2022-10-10.yang → experimental/ietf-extracted-YANG-modules/iana-tls-profile@2024-01-23.yang

@@ -39,7 +39,7 @@ module iana-tls-profile {
      The latest version of this YANG module is available at
      <IANA_TLS-PROFILE_URL>.";
 
-  revision 2022-10-10 {
+  revision 2024-01-23 {
     description
       "Initial revision";
     reference
@@ -53,6 +53,7 @@ module iana-tls-profile {
       "Extension type in the TLS ExtensionType Values registry as
        defined in Section 7 of RFC8447.";
   }
+
   typedef supported-group {
     type uint16;
     description

experimental/ietf-extracted-YANG-modules/ietf-acl-tls@2022-10-10.yang

@@ -45,7 +45,6 @@ module ietf-acl-tls {
      set forth in Section 4.c of the IETF Trust's Legal Provisions
      Relating to IETF Documents
      (http://trustee.ietf.org/license-info).
-
      This version of this YANG module is part of RFC XXXX; see
      the RFC itself for full legal notices.";
 
@@ -94,7 +93,6 @@ module ietf-acl-tls {
       "The networking device can support matching on
        (D)TLS parameters.";
   }
-
   typedef spki-pin-set {
     type binary;
     description
@@ -108,6 +106,7 @@ module ietf-acl-tls {
       "Distinguished Name of Certificate authority as discussed
        in Section 4.2.4 of RFC8446.";
   }
+
   augment "/acl:acls/acl:acl/acl:aces/acl:ace/acl:matches" {
     if-feature "match-on-tls-dtls";
     description

experimental/ietf-extracted-YANG-modules/ietf-ioam-integrity@2024-08-31.yang

@@ -0,0 +1,245 @@
+module ietf-ioam-integrity {
+  yang-version 1.1;
+  namespace "urn:ietf:params:xml:ns:yang:ietf-ioam-integrity";
+  prefix "ioam-int";
+
+  import ietf-ioam {
+    prefix ioam;
+    reference
+      "RFC 9617: A YANG Data Model for In Situ Operations,
+       Administration, and Maintenance (IOAM)";
+  }
+
+  organization
+    "IETF IPPM (IP Performance Measurement) Working Group";
+
+  contact
+    "WG Web:   <https://datatracker.ietf.org/wg/ippm>
+     WG List:  <mailto:[email protected]>
+     Author:   Tianran Zhou
+               <mailto:[email protected]>
+     Author:   Justin Iurman
+               <mailto:[email protected]>";
+
+  description
+    "This YANG module specifies a vendor-independent data model for
+     In Situ Operations, Administration, and Maintenance (IOAM)
+     Integrity Protected Options.
+
+     The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
+     NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
+     'MAY', and 'OPTIONAL' in this document are to be interpreted as
+     described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
+     they appear in all capitals, as shown here.
+
+     Copyright (c) 2024 IETF Trust and the persons identified as
+     authors of the code.  All rights reserved.
+
+     Redistribution and use in source and binary forms, with or
+     without modification, is permitted pursuant to, and subject to
+     the license terms contained in, the Revised BSD License set
+     forth in Section 4.c of the IETF Trust's Legal Provisions
+     Relating to IETF Documents
+     (https://trustee.ietf.org/license-info).
+
+     This version of this YANG module is part of RFC XXXX; see the
+     RFC itself for full legal notices.";
+
+  revision 2024-08-31 {
+    description
+      "Initial revision.";
+    reference
+      "RFC XXXX: A YANG Data Model for In Situ Operations,
+       Administration, and Maintenance (IOAM) Integrity Protected
+       Options";
+  }
+
+  /*
+   * FEATURES
+   */
+
+  feature int-incremental-trace
+  {
+    description
+      "This feature indicates that the Integrity Protected
+       Incremental Trace-Option is supported.";
+    reference
+      "RFC YYYY: Integrity Protection of In Situ Operations,
+       Administration, and Maintenance (IOAM) Data Fields";
+  }
+
+  feature int-preallocated-trace
+  {
+    description
+      "This feature indicates that the Integrity Protected
+       Pre-allocated Trace-Option is supported.";
+    reference
+      "RFC YYYY: Integrity Protection of In Situ Operations,
+       Administration, and Maintenance (IOAM) Data Fields";
+  }
+
+  feature int-proof-of-transit
+  {
+    description
+      "This feature indicates that the Integrity Protected Proof of
+       Transit Option is supported.";
+    reference
+      "RFC YYYY: Integrity Protection of In Situ Operations,
+       Administration, and Maintenance (IOAM) Data Fields";
+  }
+  feature int-edge-to-edge
+  {
+    description
+      "This feature indicates that the Integrity Protected
+       Edge-to-Edge Option is supported.";
+    reference
+      "RFC YYYY: Integrity Protection of In Situ Operations,
+       Administration, and Maintenance (IOAM) Data Fields";
+  }
+
+  /*
+   * IDENTITIES
+   */
+
+  identity method {
+    description
+      "Base identity to represent the Integrity Protection Method.";
+  }
+
+  identity method-1 {
+    base method;
+    description
+      "The Integrity Protection Method 1 uses AES-GMAC with a 12-byte
+       Nonce and a 16-byte ICV.";
+    reference
+      "RFC YYYY: Integrity Protection of In Situ Operations,
+       Administration, and Maintenance (IOAM) Data Fields";
+  }
+
+  /*
+   * TYPE DEFINITIONS
+   */
+
+  typedef method-type {
+    type identityref {
+      base method;
+    }
+    description
+      "It specifies the Integrity Protection Method.";
+  }
+
+  /*
+   * DATA NODES
+   */
+
+  augment "/ioam:ioam/ioam:profiles/ioam:profile" {
+    description
+      "This augmentation adds 4 profiles for the Integrity Protected
+       Options.";
+
+    container int-incremental-tracing-profile {
+      if-feature "int-incremental-trace";
+      presence
+        "Enables the Integrity Protected Incremental Trace-Option.";
+      description
+        "This container describes the profile for the Integrity
+         Protected Incremental Trace-Option.";
+
+      uses ioam:ioam-incremental-tracing-profile;
+
+      leaf int-method {
+        when "derived-from-or-self(../node-action,
+           'ioam:action-encapsulate')";
+        type method-type;
+        default "method-1";
+        description
+          "This object indicates the Integrity Protection Method for
+           this profile.";
+      }
+    }
+
+    container int-preallocated-tracing-profile {
+      if-feature "int-preallocated-trace";
+      presence
+        "Enables the Integrity Protected Pre-allocated
+         Trace-Option.";
+      description
+        "This container describes the profile for the Integrity
+         Protected Pre-allocated Trace-Option.";
+
+      uses ioam:ioam-preallocated-tracing-profile;
+
+      leaf int-method {
+        when "derived-from-or-self(../node-action,
+           'ioam:action-encapsulate')";
+        type method-type;
+        default "method-1";
+        description
+          "This object indicates the Integrity Protection Method for
+           this profile.";
+      }
+    }
+
+    container int-pot-profile {
+      if-feature "int-proof-of-transit";
+      presence
+        "Enables the Integrity Protected Proof of Transit Option.";
+      description
+        "This container describes the profile for the Integrity
+         Protected Proof of Transit Option.";
+
+      leaf use-namespace {
+        type ioam:ioam-namespace;
+        default "ioam:default-namespace";
+        description
+          "This object indicates the namespace used for the
+           POT types.";
+      }
+
+      leaf pot-type {
+        type ioam:ioam-pot-type;
+        description
+          "The type of a particular POT variant that specifies
+           the POT data that is included.";
+      }
+
+      leaf node-action {
+        type ioam:ioam-node-action;
+        default "ioam:action-transit";
+        description
+          "This object indicates the action the node needs to
+           take, e.g., encapsulation.";
+      }
+
+      leaf int-method {
+        when "derived-from-or-self(../node-action,
+           'ioam:action-encapsulate')";
+        type method-type;
+        default "method-1";
+        description
+          "This object indicates the Integrity Protection Method for
+           this profile.";
+      }
+    }
+
+    container int-e2e-profile {
+      if-feature "int-edge-to-edge";
+      presence
+        "Enables the Integrity Protected Edge-to-Edge Option.";
+      description
+        "This container describes the profile for the Integrity
+         Protected Edge-to-Edge Option.";
+
+      uses ioam:ioam-e2e-profile;
+      leaf int-method {
+        when "derived-from-or-self(../node-action,
+           'ioam:action-encapsulate')";
+        type method-type;
+        default "method-1";
+        description
+          "This object indicates the Integrity Protection Method for
+           this profile.";
+      }
+    }
+  }
+}

experimental/ietf-extracted-YANG-modules/ietf-mud-tls@2022-10-10.yang

@@ -17,6 +17,7 @@ module ietf-mud-tls {
 
      Author: Konda, Tirumaleswar Reddy
              [email protected]
+
     ";
    description
      "Extension to a MUD module to indicate (D)TLS

experimental/ietf-extracted-YANG-modules/ietf-multicast-model@2023-03-05.yang

@@ -201,8 +201,7 @@ module ietf-multicast-model {
       "Using EVPN as multicast overlay technology.";
     reference
       "RFC 7432: BGP MPLS-Based Ethernet VPN.
-       I-D.ietf-bess-evpn-bum-procedure-updates:
-         Updates on EVPN BUM Procedures.
+       RFC 9572: Updates on EVPN BUM Procedures.
        I-D.ietf-bier-evpn: EVPN BUM Using BIER.";
   }
   identity mvpn {
@@ -328,12 +327,12 @@ module ietf-multicast-model {
 
   grouping general-multicast-key {
     description
-      "The general multicast keys. They are used to distinguish
-       different multicast service.";
+      "The general multicast keys. They are used to differentiate
+       multicast service.";
     leaf vpn-rd {
       type rt-types:route-distinguisher;
       description
-        "A Route Distinguisher used to distinguish
+        "A Route Distinguisher is used to differentiate
          routes from different MVPNs.";
       reference
         "RFC 8294: Common YANG Data Types for the Routing Area.
@@ -414,7 +413,7 @@ module ietf-multicast-model {
     leaf sub-domain {
       type uint16;
       description
-        "The subdomain id that the multicast flow belongs to.";
+        "The subdomain ID that the multicast flow belongs to.";
     }
     leaf bitstringlength {
       type uint16;
@@ -720,7 +719,7 @@ module ietf-multicast-model {
            used in SDN controlled completely situation, but
            it can be used in partial SDN controlled situation
            or non-SDN controlled situation. Different overlay
-           technologies can be choosed according to different
+           technologies can be chosen according to different
            deploy consideration.";
 
         leaf vni-type {
@@ -751,11 +750,10 @@ module ietf-multicast-model {
                  BIER. In MVPN, this is the address of ingress
                  PE; in BIER, this is the BFR-prefix of ingress
                  nodes.
-                 Two or more ingress nodes may existed for the
+                 Two or more ingress nodes may exist for the
                  redundant ingress node protection.";
             }
           }
-
           list egress-nodes {
             key "egress-node";
             description
@@ -804,7 +802,6 @@ module ietf-multicast-model {
             key "egress-node";
             description
               "The egress nodes of multicast flow.";
-
             leaf egress-node {
               type uint16;
               description
@@ -821,9 +818,9 @@ module ietf-multicast-model {
            protocol is responsible for delivering multicast
            flows from ingress nodes to egress nodes with or
            without specific encapsulation. Different transport
-           technology can be choosed according to different
+           technology can be chosen according to different
            deploy consideration. Once a transport technology
-           is choosed, associated protocol should be triggered
+           is chosen, associated protocol should be triggered
            to run.";
 
         uses transport-tech;
@@ -835,7 +832,7 @@ module ietf-multicast-model {
            need not be assigned in ordinary network since
            existed underlay protocol fits well, but it can be
            assigned in particular networks for better
-           controll. Once a underlay technology is choosed,
+           controll. Once an underlay technology is chosen,
            associated protocol should be triggered to run.";
 
         uses underlay-tech;