Hi Juergen, On 3/22/16 4:42 PM, Juergen Schoenwaelder wrote: > I think such considerations belongs into documents making use of > object signatures and close to 100% of the YANG models today don't > so I do not even think this qualifies for RFC6087bis. >
I think there are AT LEAST two areas where signatures are going to be necessary: * There exist multi-level authorization schemes today that rely on signatures. Those have to be transported. * Manufacturer usage descriptions (MUDs) have extremely broad scope in terms of the number of devices that are intended to use the same description (think thousands to millions). And so an unauthorized change could have a similarly broad impact. Thus, wherever the YANG experts think signatures should happen in each encoding case is fine with me; but I'd suggest that I'm not the only person who's going to want to know. Is it THAT hard to at least add a reference? Because if it is, that would cause me to wonder if the mechanisms are really in place to do the right thing. Eliot
signature.asc
Description: OpenPGP digital signature
_______________________________________________ netmod mailing list netmod@ietf.org https://www.ietf.org/mailman/listinfo/netmod