Skip to main content

Network Configuration Protocol (NETCONF) Access Control Model
RFC 6536

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: RFC Editor <>,
    netconf mailing list <>,
    netconf chair <>
Subject: Protocol Action: 'Network Configuration Protocol (NETCONF) Access Control Model' to Proposed Standard (draft-ietf-netconf-access-control-07.txt)

The IESG has approved the following document:
- 'Network Configuration Protocol (NETCONF) Access Control Model'
  (draft-ietf-netconf-access-control-07.txt) as a Proposed Standard

This document is the product of the Network Configuration Working Group.

The IESG contact persons are Dan Romascanu and Ron Bonica.

A URL of this Internet Draft is:

Ballot Text

Technical Summary

   The standardization of network configuration interfaces for use with
   the NETCONF protocol requires a structured and secure operating
   environment that promotes human usability and multi-vendor
   interoperability.  There is a need for standard mechanisms to
   restrict NETCONF protocol access for particular users to a pre-
   configured subset of all available NETCONF protocol operations and
   content.  This document defines such an access control model.

Working Group Summary

   There is strong consensus in the WG to publish this document.
   The document has been extensively discussed in the Working Group, 
      including several WG Last Calls. The comments and reviews helped 
      to improve the document a lot and the current version reflects the 
      consensus of the Working Group. 
   The Security ADs have also reviewed revision 5 of the document.
   The WG chairs specifically asked for a Detailed Security review, because 
      the content of this document is all about access control and
      secure and properly authorized access to the NETCONF protocol and
      content. The last WGLC did raise only minor issues. The changes 
      have been accepted by the WG.

Document Quality

   Implementations of earlier drafts do (partially) exist and it
      is expected that NETCONF implementations will be extended once 
      this document gets published as proposed standard.


   Bert Wijnen is the Document Shepherd for this document
   Dan Romascanu is the Responsible Area Director.

RFC Editor Note