@techreport{lopez-opsawg-yang-provenance-03, number = {draft-lopez-opsawg-yang-provenance-03}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-lopez-opsawg-yang-provenance/03/}, author = {Diego Lopez and Antonio Pastor and Alex Huang Feng and Henk Birkholz and Sofia Garcia}, title = {{Applying COSE Signatures for YANG Data Provenance}}, pagetotal = 23, year = 2024, month = jul, day = 6, abstract = {This document defines a mechanism based on COSE signatures to provide and verify the provenance of YANG data, so it is possible to verify the origin and integrity of a dataset, even when those data are going to be processed and/or applied in workflows where a crypto-enabled data transport directly from the original data stream is not available. As the application of evidence-based OAM automation and the use of tools such as AI/ML grow, provenance validation becomes more relevant in all scenarios. The use of compact signatures facilitates the inclusion of provenance strings in any YANG schema requiring them.}, }