Found 1 record.
Status: Rejected (1)
RFC 8341, "Network Configuration Access Control Model", March 2018Source of RFC: netconf (ops)
Errata ID: 6493
Publication Format(s) : TEXT
Reported By: Balazs Lengyel
Date Reported: 2021-03-24
Rejected by: Robert Wilton
Date Rejected: 2021-04-07
Section 3.5.2 says:
All the same rules as an instance-identifier apply, except that predicates for keys are optional. If a key predicate is missing, then the node-instance-identifier represents all possible server instances for that key.
It should say:
All the same rules as an instance-identifier apply, except that predicates for keys are optional. If a key predicate is missing, then the node-instance-identifier represents all possible server instances for that key. Specifying prefixes for the node names is OPTIONAL. If a prefix is not specified the node-instance-identifier represents all possible server instances.
For the typedef node-instance-identifier (and the leaf path) it is not clear whether the value should or should not include prefixes?
"All node names in an instance-identifier value MUST be qualified with
explicit namespace prefixes"
https://tools.ietf.org/html/rfc7950#section-14 - instance-identifier rule
indicates the prefixes are optional.
Whichever is the correct answer it should be explicitly stated.
If prefixes are optional and we have 2 leaves with the same path except the namespace/prefix I assume both are referenced (effected) by the nacm rule. Correct?
Actually this is a bit misleading also in RFC7950.
The required behavior is specified via section 9.13.2 of RFC 7950.
The ABNF for instance-identifier in RFC 7950 could be clearer to indicate that explicit prefixes are required, but either way the rules in section 9.13.2 of RFC 7950 for instance identifiers cannot be ignored.