module ietf-zerotouch-ownership-voucher {

    yang-version 1;

    namespace
      "urn:ietf:params:xml:ns:yang:ietf-zerotouch-ownership-voucher";

    prefix ztov;

    import ietf-yang-types {
      prefix yang;
    }

    organization
      "IETF NETCONF (Network Configuration) Working Group";

    contact
      "WG Web:   <http://tools.ietf.org/wg/netconf/>
    WG List:  <mailto:netconf@ietf.org>
    WG Chair: Mehmet Ersue
              <mailto:mehmet.ersue@nsn.com>
    WG Chair: Mahesh Jethanandani
              <mailto:mjethanandani@gmail.com>
    Editor:   Kent Watsen
              <mailto:kwatsen@juniper.net>";

    description
      "This module defines the format for a ZeroTouch ownership voucher,
    which is produced by Vendors, relayed by Bootstrap Servers, and
    consumed by devices.  The purpose of the voucher is to enable a
    device to ascertain the identity of its rightful owner, as
    certified by its Vendor.

    Copyright (c) 2014 IETF Trust and the persons identified as
    authors of the code. All rights reserved.

    Redistribution and use in source and binary forms, with or
    without modification, is permitted pursuant to, and subject
    to the license terms contained in, the Simplified BSD
    License set forth in Section 4.c of the IETF Trust's
    Legal Provisions Relating to IETF Documents
    (http://trustee.ietf.org/license-info).

    This version of this YANG module is part of RFC XXXX; see
    the RFC itself for full legal notices.";

    revision "2015-10-19" {
      description "Initial version";
      reference
        "RFC XXXX: Zero Touch Provisioning for NETCONF Call Home";

    }


    container voucher {
      description
        "A voucher, containing the owner's identifier, a list of
       device's unique identifiers, information on when the
       voucher was created, when it might expire, and the
       vendor's signature over the above values.";
      leaf owner-id {
        type string;
        mandatory true;
        description
          "A Vendor-assigned value for the rightful owner of the
         devices enumerated by this voucher.  The owner-id value
         must match the value in the owner-certificate below";
      }

      leaf-list unique-id {
        type string;
        min-elements 1;
        description
          "The unique identifier (e.g., serial-number) for a device.
         The value must match the value in the device's IDevID
         certificate.  A device uses this value to determine if
         the voucher applies to it.";
      }

      leaf created-on {
        type yang:date-and-time;
        mandatory true;
        description
          "The date this voucher was created";
      }

      leaf expires-on {
        type yang:date-and-time;
        description
          "The date this voucher expires, if at all.  Use of this
         value requires that the device has access to a trusted
         real time clock";
      }

      leaf signature {
        type string;
        mandatory true;
        description
          "The signature over the concatenation of all the previous
         values";
      }
    }  // container voucher
  }  // module ietf-zerotouch-ownership-voucher