module ietf-notification-messages {
yang-version 1.1;
namespace
"urn:ietf:params:xml:ns:yang:ietf-notification-messages";
prefix nm;
import ietf-yang-types { prefix yang; }
import ietf-restconf { prefix rc; }
organization "IETF";
contact
"WG Web:
WG List:
Editor: Eric Voit
Editor: Henk Birkholz
Editor: Alexander Clemm
Editor: Andy Bierman
Editor: Tim Jenkins
";
description
"This module contains conceptual YANG specifications for yang-data
messages carrying notifications with well known header objects.";
revision 2018-01-31 {
description
"Initial version.";
reference
"draft-ietf-netconf-notification-messages-03";
}
/*
* FEATURES
*/
feature publisher {
description
"This feature indicates that support for both publisher and
receiver of messages complying to the specification.";
}
/*
* IDENTITIES
*/
/* Identities for common headers */
identity common-header {
description
"A well known header which can be included somewhere within a
message.";
}
identity message-time {
base common-header;
description
"Header information consisting of time the message headers were
placed generated prior to being sent to transport";
}
identity subscription-id {
base common-header;
description
"Header information consisting of the identifier of the
subscription associated with the notification being
encapsulated.";
}
identity notification-count {
base common-header;
description
"Header information consisting of the quantity of notifications in
a bundled-message for a specific receiver.";
}
identity optional-header {
base common-header;
description
"A well known header which an application may choose to include
within a message.";
}
identity message-id {
base optional-header;
description
"Header information that identifies a message to a specific
receiver";
}
identity message-generator-id {
base optional-header;
description
"Header information consisting of an identifier for a software
entity which created the message (e.g., linecard 1).";
}
identity message-signature {
base optional-header;
description
"Identifies two elements of header information consisting of a
signature and the signtature type for the contents of a message.
Signatures can be useful for originating applications to
verify record contents even when shipping over unsecure
transport.";
}
identity message-integrity-evidence {
base optional-header;
description
"Header information consisting of the information which backs up
the assertions made as to the validity of the information
provided within the message.";
}
identity optional-notification-header {
base optional-header;
description
"A well known header which an application may choose to include
within a message.";
}
identity notification-time {
base optional-notification-header;
description
"Header information consisting of the time an originating process
created the notification.";
}
identity notification-id {
base optional-notification-header;
description
"Header information consisting of an identifier for an instance
of a notification egressing a publisher. ";
}
identity observation-domain-id {
base optional-notification-header;
description
"Header information identifying the software entity which created
the notification (e.g., process id).";
}
identity notification-signature {
base optional-notification-header;
description
"Header information consisting of the information which backs up
the assertions made as to the validity of the information
provided within the notification.";
}
identity notification-integrity-evidence {
base optional-notification-header;
description
"Header information consisting of the information which backs up
the assertions made as to the validity of the information
provided within the notification.";
}
/*
* TYPEDEFs
*/
typedef optional-header {
type identityref {
base optional-header;
}
description
"Type of header object which may be included somewhere within a
message.";
}
typedef optional-notification-header {
type identityref {
base optional-notification-header;
}
description
"Type of header object which may be included somewhere within a
message.";
}
typedef notification-type {
type string {
pattern '[a-zA-Z_][a-zA-Z0-9\-_.]*';
}
description
"The name of a notification within a YANG module.";
reference
"RFC-7950 Section 7.16";
}
/*
* GROUPINGS
*/
grouping message-header {
description
"Header information included with a message.";
leaf message-time {
type yang:date-and-time;
mandatory true;
description
"time the message was generated prior to being sent to
transport.";
}
leaf message-id {
type uint32;
description
"Id for a message going to a receiver from a message
generator. The id will increment by one with each message sent
from a particular message generator, allowing the message-id
to be used as a sequence number.";
}
leaf message-generator-id {
type string;
description
"Software entity which created the message (e.g., linecard 1).
The combination of message-id and message-generator-id must be
unique until reset or a roll-over occurs.";
}
leaf notification-count {
type uint16;
description
"Quantity of notification records in a bundled-message
specific receiver.";
}
}
grouping notification-within-a-module {
description
"A location of a notification within a yang model.";
leaf yang-module {
type yang:yang-identifier;
description
"Name of the YANG module supported by the publisher.";
}
leaf yang-notification-name {
type notification-type;
description
"The name of a notification likely from a YANG module. Note
that this object should be in the notification contents, so a
debate is needed whether this is redundant.";
}
}
grouping notification-header {
description
"Common informational objects which might help a receiver
interpret the meaning, details, or importance of a notification.";
leaf notification-time {
type yang:date-and-time;
mandatory true;
description
"Time the system recognized the occurrence of an event.";
}
uses notification-within-a-module;
leaf-list subscription-id {
type uint32;
description
"Id of the subscription which led to the notification being
generated.";
}
leaf notification-id {
type uint32;
description
"Identifier for the notification record.";
}
leaf observation-domain-id {
type string;
description
"Software entity which created the notification record (e.g.,
process id).";
}
}
grouping security-footer {
description
"Reusable grouping for common objects which apply to the the
signing of notifications or messages.";
leaf signature-algorithm {
type string;
mandatory true;
description
"The technology with which an originator signed of some
delineated contents.";
}
leaf signature-value {
type string;
mandatory true;
description
"Any originator signing of the contents of a header and
content. This is useful for verifying contents even when
shipping over unsecure transport.";
}
leaf integrity-evidence {
type string;
description
"This mechanism allows a verifier to ensure that the use of the
private key, represented by the corresponding public key
certificate, was performed with a TCG compliant TPM
environment. This evidence is never included in within any
signature.";
reference
"TCG Infrastructure Workgroup, Subject Key Attestation Evidence
Extension, Specification Version 1.0, Revision 7.";
}
}
/*
* YANG-DATA messages for receivers
*/
rc:yang-data message {
container message {
presence
"Indicates attempt to communicate notifications to a receiver.";
description
"Message to a receiver containing one or more notifications";
container message-header {
description
"Header info for messages.";
uses message-header;
}
list notifications {
description
"Set of notifications to a receiver.";
container notification-header {
description
"Header info for a notification.";
uses notification-header;
}
anydata notification-contents {
description
"Encapsulates objects following YANG's notification-stmt
grammar of RFC-7950 section 14. Within are the notified
objects the publisher actually generated in order to be
passed to a receiver after all filtering has completed.";
}
container notification-footer {
presence
"Indicates attempt to secure a notification.";
description
"Signature and evidence for messages.";
uses security-footer;
}
}
container message-footer {
presence
"Indicates attempt to secure the entire message.";
description
"Signature and evidence for messages.";
uses security-footer;
}
}
}
/*
* DATA-NODES
*/
container additional-default-headers {
if-feature "publisher";
description
"This container maintains a list of which additional notifications
should use which optional headers if the receiver supports this
specification.";
leaf-list additional-headers {
type optional-header;
description
"This list contains the identities of the optional header types
which are to be included within each message from this
publisher.";
}
list yang-notification-specific-default {
key "yang-module yang-notification-name";
description
"For any included YANG notifications, this list provides
additional optional headers which should be placed within the
container notification-header if the receiver supports this
specification. This list incrementally adds to any headers
indicated within the leaf-list 'additional-headers'.";
uses notification-within-a-module;
leaf-list additional-notification-headers {
type optional-notification-header;
description
"The set of additional default headers which will be sent
for a specific YANG notification.";
}
}
}
}