ietf-ztp-types

This module defines three groupings that enable bootstrapping devices to 1) indicate if and how they support generating CSRs, 2)...

  • Version: 2022-01-31

    ietf-ztp-types@2022-01-31


    
  module ietf-ztp-types {

    yang-version 1.1;

    namespace
      "urn:ietf:params:xml:ns:yang:ietf-ztp-types";

    prefix zt;

    import ietf-crypto-types {
      prefix ct;
      reference
        "RFC AAAA: YANG Data Types and Groupings for Cryptography";


    }

    organization
      "IETF NETCONF (Network Configuration) Working Group";

    contact
      "WG Web:   https://datatracker.ietf.org/wg/netconf
     WG List:  NETCONF WG list <mailto:netconf@ietf.org>
     Authors:  Kent Watsen <mailto:kent+ietf@watsen.net>
               Russ Housley <mailto:housley@vigilsec.com>
               Sean Turner <mailto:sean@sn3rd.com>";

    description
      "This module defines three groupings that enable
     bootstrapping devices to 1) indicate if and how they
     support generating CSRs, 2) obtain a request to
     generate a CSR, and 3) communicate the requested CSR.

     Copyright (c) 2022 IETF Trust and the persons identified
     as authors of the code. All rights reserved.

     Redistribution and use in source and binary forms, with
     or without modification, is permitted pursuant to, and
     subject to the license terms contained in, the Revised
     BSD License set forth in Section 4.c of the IETF Trust's
     Legal Provisions Relating to IETF Documents
     (https://trustee.ietf.org/license-info).

     This version of this YANG module is part of RFC XXXX
     (https://www.rfc-editor.org/info/rfcXXXX); see the RFC
     itself for full legal notices.

     The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
     'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
     'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this
     document are to be interpreted as described in BCP 14
     (RFC 2119) (RFC 8174) when, and only when, they appear
     in all capitals, as shown here.";

    revision "2022-01-31" {
      description "Initial version";
      reference
        "RFC XXXX: Conveying a Certificate Signing Request (CSR)
        	  in a Secure Zero Touch Provisioning (SZTP)
        	  Bootstrapping Request";

    }


    identity certificate-request-format {
      description
        "A base identity for the request formats supported
       by the ZTP-client.

       Additional derived identities MAY be defined by
       future efforts.";
    }

    identity p10-csr {
      base certificate-request-format;
      description
        "Indicates that the ZTP-client supports generating
       requests using the 'CertificationRequest' structure
       defined in RFC 2986.";
      reference
        "RFC 2986: PKCS #10: Certification Request Syntax
        	  Specification Version 1.7";

    }

    identity cmp-csr {
      base certificate-request-format;
      description
        "Indicates that the ZTP-client supports generating
       requests using a profiled version of the PKIMessage
       that MUST contain a PKIHeader followed by a PKIBody
       containing only the p10cr structure defined in
       RFC 4210.";
      reference
        "RFC 4210: Internet X.509 Public Key Infrastructure
        	  Certificate Management Protocol (CMP)";

    }

    identity cmc-csr {
      base certificate-request-format;
      description
        "Indicates that the ZTP-client supports generating
       requests using a profiled version of the 'Full
       PKI Request' structure defined in RFC 5272.";
      reference
        "RFC 5272: Certificate Management over CMS (CMC)";

    }
  }  // module ietf-ztp-types

© 2023 YumaWorks, Inc. All rights reserved.