netconfcentral logo

ietf-cwt-voucher-request

HTML

ietf-cwt-voucher-request@2017-12-11



  module ietf-cwt-voucher-request {

    yang-version 1.1;

    namespace
      "urn:ietf:params:xml:ns:yang:ietf-cwt-voucher-request";

    prefix vcwt;

    import ietf-voucher {
      prefix v;
    }

    organization "IETF 6tisch Working Group";

    contact
      "WG Web:   <http://tools.ietf.org/wg/6tisch/>
    WG List:  <mailto:6tisch@ietf.org>
    Author:   Michael Richardson
              <mailto:mcr+ietf@sandelman.ca>";

    description
      "This module defines the format for a voucher, which is produced by
    a pledge's manufacturer or delegate (MASA) to securely assign one
    or more pledges to an 'owner', so that the pledges may establish a
    secure connection to the owner's network infrastructure.

    This version provides a very restricted subset appropriate
    for very constrained devices.
    In particular, it assumes that nonce-ful operation is
    always required, that expiration dates are rather weak, as no
    clocks can be assumed, and that the Registrar is identified
    by a pinned Raw Public Key.

    The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL NOT',
    'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'MAY', and 'OPTIONAL' in
    the module text are to be interpreted as described in RFC 2119.";

    revision "2017-12-11" {
      description "Initial version";
      reference
        "RFC XXXX: Voucher Profile for Constrained Devices";

    }


    grouping voucher-request-cwt-grouping {
      description
        "Grouping to allow reuse/extensions in future work.";
      uses v:voucher-artifact-grouping {
        augment voucher {
          description
            "Base the CWT voucher-request upon the regular one";
          leaf proximity-registrar-subject-public-key-info {
            type binary;
            description
              "The proximity-registrar-subject-public-key-info replaces
         the proximit-registrar-cert in constrained uses of
         the voucher-request.
         The proximity-registrar-subject-public-key-info is the
         Raw Public Key of the Registrar. This field is encoded
         as specified in RFC7250, section 3.
         The ECDSA algorithm MUST be supported.
         The EdDSA algorithm as specified in
         draft-ietf-tls-rfc4492bis-17 SHOULD be supported.
         Support for the DSA algorithm is not recommended.
         Support for the RSA algorithm is a MAY.";
          }
        }
      }
    }  // grouping voucher-request-cwt-grouping
  }  // module ietf-cwt-voucher-request

Summary

  
  
Organization IETF 6tisch Working Group
  
Module ietf-cwt-voucher-request
Version 2017-12-11
File ietf-cwt-voucher-request@2017-12-11.yang
  
Prefix vcwt
Namespace urn:ietf:params:xml:ns:yang:ietf-cwt-voucher-request
  
Cooked /cookedmodules/ietf-cwt-voucher-request/2017-12-11
YANG /src/ietf-cwt-voucher-request@2017-12-11.yang
XSD /xsd/ietf-cwt-voucher-request@2017-12-11.xsd
  
Abstract This module defines the format for a voucher, which is produced by a pledge's manufacturer or delegate (MASA) to securely assign...
  
Contact
WG Web:   <http://tools.ietf.org/wg/6tisch/>
WG List:  <mailto:6tisch@ietf.org>
Author:   Michael Richardson
	  <mailto:mcr+ietf@sandelman.ca>

Description

 
This module defines the format for a voucher, which is produced by
a pledge's manufacturer or delegate (MASA) to securely assign one
or more pledges to an 'owner', so that the pledges may establish a
secure connection to the owner's network infrastructure.

This version provides a very restricted subset appropriate
for very constrained devices.
In particular, it assumes that nonce-ful operation is
always required, that expiration dates are rather weak, as no
clocks can be assumed, and that the Registrar is identified
by a pinned Raw Public Key.

The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL NOT',
'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'MAY', and 'OPTIONAL' in
the module text are to be interpreted as described in RFC 2119.

Groupings

Grouping Objects Abstract
voucher-request-cwt-grouping voucher Grouping to allow reuse/extensions in future work.