Hi Lada, Joe, Thanks for the guidance, please see inline. Thanks, Bo -----邮件原件----- 发件人: Ladislav Lhotka [mailto:ladislav.lhotka@xxxxxx] 发送时间: 2020年5月7日 14:38 收件人: Joe Clarke (jclarke) <jclarke@xxxxxxxxx>; Wubo (lana) <lana.wubo@xxxxxxxxxx> 抄送: yang-doctors@xxxxxxxx; last-call@xxxxxxxx; draft-ietf-opsawg-tacacs-yang.all@xxxxxxxx; opsawg@xxxxxxxx 主题: Re: Yangdoctors last call review of draft-ietf-opsawg-tacacs-yang-03 "Joe Clarke (jclarke)" <jclarke@xxxxxxxxx> writes: >> - Is it correct that the server type may be either one of "authentication", "authorization" or "accounting", or all of them? Is it impossible for a server to be authentication & authorization but not accounting? Such a variant cannot be configured. >> [Bo] OK, will correct when the final guidance on this issue is received. > > Lada replied yesterday to say that the bit string is likely preferred similar to access-operations in ietf-netconf-acm. I might personally discourage the use of ‘*’ for this given that there are only three types, but that’s just my individual thought. +1 I think it is better to have all three types explicitly in the value. Perhaps this could also be the default? Lada [Bo] Please see if the definition below is correct: typedef tcsplus-server-type { type bits { bit authentication { description "When set, the server is an authentication server."; } bit authorization { description "When set, the server is an authorization server."; } bit accounting { description "When set, the server is an accounting server."; } bit all { description "When set, the server can be all types of TACACS+ servers."; } } description "server-type can be set to authentication/authorization/accounting or any combination of the three types. When all three types are supported, either "all" or the three bits setting can be used; } > > Joe > -- Ladislav Lhotka Head, CZ.NIC Labs PGP Key ID: 0xB8F92B08A9F76C67 -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
