On 26/05/2021 11:49, Balázs Lengyel wrote:
> Hello,
>
> Netconf/Restconf can transfer a lot of data. Some of this data can be
> personal/private like end-user names, personal phone records, street
> addresses. Is there a way to marks such data as private? I am thinking
> about something like putting a YANG extension in the data models:
>
>
>
> extension private-data {
>
> description
>
> "Indicates that a leaf or leaf-list contains private data.
>
> argument privacy-type;
>
> }
>
>
>
> Is there any standard solution for this or any proposal ? In the world
> of GDPR we should be thinking about this.
I do not believe a static extension like this is going to cut it. The
basic assumption it makes is that data provenance can be established at
design time -- and that runs contrary to the fact that data can be
derived from other data via processing.I think an RFC7952-based annotation would be more appropriate: it would work outside of the static model to positively identify that a particular leaf value in fact contains privacy-sensitive data and the receiving system should treat it as such. Regards, Robert
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ netmod mailing list netmod@ietf.org https://www.ietf.org/mailman/listinfo/netmod
