On Mon, Mar 09, 2015 at 08:10:24AM -0400, Sam Hartman wrote:
In section 7, there is a description of how the netconf server finds the
username of the client.
It talks about a certificate fingerprint without a reference to a
specific algorithm.
I'm aware of multiple algorithms for fingerprints.
This text is probably too vague for interoperability.
Since the fingerprints are not exchanged over the wire, this is a
local problem. That said, there is a YANG configuration data model in
draft-ietf-netconf-server-model-06 that clarifies details for those
implementations that want interoperable configuration and this data
model uses tls-fingerprint defined in RFC 7407.
/js
--
Juergen Schoenwaelder Jacobs University Bremen gGmbH
Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany
Fax: +49 421 200 3103 <http://www.jacobs-university.de/>