On Mon, Mar 09, 2015 at 08:10:24AM -0400, Sam Hartman wrote: > > In section 7, there is a description of how the netconf server finds the > username of the client. > It talks about a certificate fingerprint without a reference to a > specific algorithm. > I'm aware of multiple algorithms for fingerprints. > This text is probably too vague for interoperability. Since the fingerprints are not exchanged over the wire, this is a local problem. That said, there is a YANG configuration data model in draft-ietf-netconf-server-model-06 that clarifies details for those implementations that want interoperable configuration and this data model uses tls-fingerprint defined in RFC 7407. /js -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany Fax: +49 421 200 3103 <http://www.jacobs-university.de/>