Hi Lada, Joe, Thanks for the guidance, please see inline.
Thanks, Bo -----邮件原件----- 发件人: Ladislav Lhotka [mailto:[email protected]] 发送时间: 2020年5月7日 14:38 收件人: Joe Clarke (jclarke) <[email protected]>; Wubo (lana) <[email protected]> 抄送: [email protected]; [email protected]; [email protected]; [email protected] 主题: Re: Yangdoctors last call review of draft-ietf-opsawg-tacacs-yang-03 "Joe Clarke (jclarke)" <[email protected]> writes: >> - Is it correct that the server type may be either one of "authentication", >> "authorization" or "accounting", or all of them? Is it impossible for a >> server to be authentication & authorization but not accounting? Such a >> variant cannot be configured. >> [Bo] OK, will correct when the final guidance on this issue is received. > > Lada replied yesterday to say that the bit string is likely preferred similar > to access-operations in ietf-netconf-acm. I might personally discourage the > use of ‘*’ for this given that there are only three types, but that’s just my > individual thought. +1 I think it is better to have all three types explicitly in the value. Perhaps this could also be the default? Lada [Bo] Please see if the definition below is correct: typedef tcsplus-server-type { type bits { bit authentication { description "When set, the server is an authentication server."; } bit authorization { description "When set, the server is an authorization server."; } bit accounting { description "When set, the server is an accounting server."; } bit all { description "When set, the server can be all types of TACACS+ servers."; } } description "server-type can be set to authentication/authorization/accounting or any combination of the three types. When all three types are supported, either "all" or the three bits setting can be used; } > > Joe > -- Ladislav Lhotka Head, CZ.NIC Labs PGP Key ID: 0xB8F92B08A9F76C67 _______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
