Re: action RPC I-D

[Balazs Lengyel <balazs.lengyel@ericsson.com>]

OK, I can agree with that.

But still I feel that the data model is not a bad place to put this access control data. 
If we use individual new operations for such vendor specific actions instead of generic 
<action> where do you put this data? If you put it in a document describing the related 
capability that will be unusable for machines.
Balazs

Andy Bierman wrote:
> Balazs Lengyel wrote:
> > Hello,
> > You are right, we need access control.
> >
> > For this reason each action defined in the data model should be 
> > defined as read/write/disturb-traffic.
> > read: it only reads configuration and state data and doesn't effect 
> > the traffic
> > write: it writes configuration data, but does not disturb the traffic
> > disturb-traffic: means it can do anything.
>
> I prefer these well-known hierarchical enumerations for max-access:
>
>    read-only       (read or notify)
>    read-write      (all operations except create & delete)
>    read-create     (all access)
>
>
> Andy
>
>
> > One can debate that these are the good categories for access control. 
> > Still the basic statement is that for each action defined in the data 
> > model you need to specify it's access properties in the data model as 
> > well.
> > Balazs
> >
> > Andy Bierman wrote:
> > > Your access control model should be more robust than
> > > simply allowing user X to do anything called <action>.
> > > I don't see what benefit an intermediate SW component
> > > can realize if an extra generic container is added to <rpc>.

--
Balazs Lengyel                       Ericsson Hungary Ltd.
TSP System Manager
ECN: 831 7320                        Fax: +36 1 4377792
Tel: +36-1-437-7320     email: Balazs.Lengyel@ericsson.com

--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>