enable a server express conformance to a set of identifiers

[kwatsen]

Juergen writes:

This issue touches on an open issue that we never managed to solve:
Given an arbitrarily extensible set of identifiers, how does an
implementation announce the subset actually supported? And related to
that, can a YANG module define a subset that is expected to be
supported (i.e., a conformance requirement)? I am not sure we have
a YANG next issue for this, but we should.

[kwatsen]

Perhaps YANG Library be used for this?

[mbj4668]

This is already captured in #40.

[rgwilton]

Also see #124 and #107

[abierman]

Must Do: complexity: medium, bc: medium, importance: high

There are 2 types of usage

• registry of identifiers (like iana-if-type)
• module-specific identifiers (like ietf-yang-push)

There are no conformance requirements for a registry module. This is not clear in YANG 1.1. It is unclear for a regular module if a server MUST support all identities in the module (unless if-feature).

It is unclear if a server must implement the standard identities or use their own identities that are derived from the standard identities

[kwatsen]

I don't think deviation should be used for this. A "config false" list seems better. Another idea would be to have an implicit "if-feature" on each identity, so then its a list of features (which is what I was alluding to above with the "YANG Library" comment)

This issue regards identities, which are one of the two ways that IANA-maintained modules can be implemented. The other way being by using enumerations. Both the ssh-client-server and tis-client-server drafts define enumerations for SSH/TLS algorithms supported. A config false leaf-list is used to know what algorithms are supported, e.g.:

  +--ro supported-algorithms {algorithm-discovery}?
     +--ro supported-algorithm*   tlscsa:tls-cipher-suite-algorithm

Maybe something similar for identities? capabilities?