From 0befb4384214b5ac073044c0f0970ef4e9175aff Mon Sep 17 00:00:00 2001
From: Michael Richardson
Date: Tue, 10 Sep 2024 12:11:38 -0400
Subject: [PATCH 1/2] RFC-editor instructions, add another choice to voucher-request

---
 ietf-voucher-request.yang | 50 +++++++++++++++++++++------------------
 ietf-voucher.yang | 2 ++
 2 files changed, 29 insertions(+), 23 deletions(-)

diff --git a/ietf-voucher-request.yang b/ietf-voucher-request.yang
index 62318d3..e226d24 100644
--- a/ietf-voucher-request.yang
+++ b/ietf-voucher-request.yang
@@ -64,6 +64,8 @@ module ietf-voucher-request {
 (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
 for full legal notices.
 
+RFCEDITOR: please replace XXXX with the RFC number assigned.
+
 The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
 NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
 'MAY', and 'OPTIONAL' in this document are to be interpreted as
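Review bot: The added `RFCEDITOR:` line lives inside the module's quoted `description` text at column 0 (git picks it as the function-context of the later hunks, which only happens for column-0 lines) and asks only for XXXX to be substituted, not for the line to be removed, so as written it would be published verbatim inside the final YANG module. Suggest `RFC Editor: please replace XXXX with the RFC number assigned and remove this note.`, indented like the surrounding description text so it cannot be mistaken for a top-level statement. The identical insertion into ietf-voucher.yang in this same patch has the same problem.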
@@ -147,25 +149,26 @@ module ietf-voucher-request { the final voucher size."; } - leaf proximity-registrar-cert { - type binary; - description - "An X.509 v3 certificate structure as specified by - RFC 5280, Section 4 encoded using the ASN.1 - distinguished encoding rules (DER), as specified - in [ITU.X690.1994]. - - The first certificate in the Registrar TLS server - certificate_list sequence (the end-entity TLS - certificate, see [RFC8446]) presented by the Registrar - to the Pledge. - This MUST be populated in a Pledge's voucher request - when a proximity assertion is requested."; - } - - leaf proximity-registrar-pubk { - type binary; - description + choice registrar-identity { + leaf proximity-registrar-cert { + type binary; + description + "An X.509 v3 certificate structure as specified by + RFC 5280, Section 4 encoded using the ASN.1 + distinguished encoding rules (DER), as specified + in [ITU.X690.1994]. + + The first certificate in the Registrar TLS server + certificate_list sequence (the end-entity TLS + certificate, see [RFC8446]) presented by the Registrar + to the Pledge. + This MUST be populated in a Pledge's voucher request + when a proximity assertion is requested."; + } + + leaf proximity-registrar-pubk { + type binary; + description "The proximity-registrar-pubk replaces the proximity-registrar-cert in constrained uses of the voucher-request. @@ -178,11 +181,11 @@ module ietf-voucher-request { Support for the DSA algorithm is not recommended. Support for the RSA algorithm is a MAY, but due to size is discouraged."; - } + } - leaf proximity-registrar-pubk-sha256 { - type binary; - description + leaf proximity-registrar-pubk-sha256 { + type binary; + description "The proximity-registrar-pubk-sha256 is an alternative to both proximity-registrar-pubk and pinned-domain-cert. 
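Review bot: Wrapping `proximity-registrar-cert`, `proximity-registrar-pubk` and `proximity-registrar-pubk-sha256` in `choice registrar-identity` makes the three mutually exclusive, which nothing in the schema previously prevented, yet no text says how a receiver treats a request that still carries more than one. Presumably the MASA pins whatever identity it is handed here, so a request with, say, a certificate and a non-matching pubk-sha256 should be rejected outright rather than resolved by picking one; a sentence to that effect belongs in the choice or in the cert description. The choice also carries no `mandatory`, so `This MUST be populated in a Pledge's voucher request when a proximity assertion is requested` stays prose-only; if `assertion` is reachable from this grouping, a `must` on the enclosing container (a choice takes no `must`) could enforce it. The enclosing container/grouping starts outside the hunk.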
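Review bot: The `proximity-registrar-pubk-sha256` description kept in this hunk opens with `is an alternative to both proximity-registrar-pubk and pinned-domain-cert`, but `pinned-domain-cert` is not a case of the choice this leaf now belongs to — its siblings are `proximity-registrar-cert` and `proximity-registrar-pubk` — so a reader of the choice will look for a leaf that is not there. Suggest `is an alternative to both proximity-registrar-pubk and proximity-registrar-cert`, mentioning the voucher-side pinned-domain-cert separately if that cross-reference is intentional. The middle of this description is outside the hunk; if it does not already say exactly which bytes the SHA-256 covers (the DER SubjectPublicKeyInfo that the pubk description refers to), that needs stating, since two implementations hashing different encodings will never match a pin.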
@@ -197,6 +200,7 @@ module ietf-voucher-request { Algorithm agility is provided by extensions to this specification which may define a new leaf for another hash type."; + } } leaf agent-signed-data { diff --git a/ietf-voucher.yang b/ietf-voucher.yang index e1359f2..ba9d48e 100644 --- a/ietf-voucher.yang +++ b/ietf-voucher.yang @@ -54,6 +54,8 @@ module ietf-voucher { (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself for full legal notices. +RFCEDITOR: please replace XXXX with the RFC number assigned. + The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document are to be interpreted as From 0710ba5eab0d330223cc8bfeef6d3411ef63a231 Mon Sep 17 00:00:00 2001 From: Michael Richardson Date: Fri, 4 Oct 2024 12:28:10 -0400 Subject: [PATCH 2/2] added descriptions for new choice structure --- ietf-voucher-request.yang | 1 + ietf-voucher.yang | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/ietf-voucher-request.yang b/ietf-voucher-request.yang index e226d24..5370f89 100644 --- a/ietf-voucher-request.yang +++ b/ietf-voucher-request.yang @@ -150,6 +150,7 @@ RFCEDITOR: please replace XXXX with the RFC number assigned. } choice registrar-identity { + description "One of these three attributes will be used to pin the registrar identity"; leaf proximity-registrar-cert { type binary; description diff --git a/ietf-voucher.yang b/ietf-voucher.yang index ba9d48e..710d24d 100644 --- a/ietf-voucher.yang +++ b/ietf-voucher.yang @@ -165,6 +165,9 @@ RFCEDITOR: please replace XXXX with the RFC number assigned. otherwise unique within the scope of the MASA."; } choice pinning { + description "One of these attributes is used by the pledge to + specify the registrar, and how the pledge would like + the registrar's identity to be pinned"; leaf pinned-domain-cert { type binary; description 
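Review bot: The `RFCEDITOR:` line added to ietf-voucher.yang sits inside the module's quoted `description` text and asks only for XXXX to be replaced, not for the line itself to be removed, so it would survive into the published module. Suggest `RFC Editor: please replace XXXX with the RFC number assigned and remove this note.`, indented to match the surrounding description text.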
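Review bot: The new description on `choice registrar-identity` hard-codes `three`, but the `proximity-registrar-pubk-sha256` description in this same file says algorithm agility comes from extensions that define a new leaf for another hash type, so the count goes stale with the first such extension. It also says `attributes` where the module's own vocabulary is leaves, and it lacks the closing period the other descriptions use. Suggest `description "Exactly one of these leaves identifies the registrar the pledge is in proximity to; the MASA uses it to pin the registrar's identity in the resulting voucher.";` — drop the MASA clause if that behaviour is specified elsewhere. The other descriptions in this file start the quoted text on the line after `description`; matching that keeps the module consistent.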
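Review bot: The new description on `choice pinning` says it is `used by the pledge to specify the registrar, and how the pledge would like the registrar's identity to be pinned`, but if this grouping is the voucher artifact the MASA issues — the hunk's first context line, `otherwise unique within the scope of the MASA`, suggests it is — the pledge does not author these leaves, it consumes them, and the pinned identity is the issuer's assertion of whom the pledge may trust. Getting the actor right matters because the current wording reads as if the pledge selects its own trust anchor. Suggest `description "Exactly one of these leaves carries the identity of the domain registrar the pledge is to trust, in whichever form the issuer selected.";`, worded for the voucher-request case as well if this grouping is reused there. Only `pinned-domain-cert` is visible in the hunk; adjust to the cases the choice actually holds.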
@@ -233,6 +236,7 @@ RFCEDITOR: please replace XXXX with the RFC number assigned.
 certificate.";
 }
 choice nonceless {
+ description "Either a nonce must be present, or an expires-on header";
 leaf expires-on {
 type yang:date-and-time;
 description
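Review bot: The new description says a nonce or an expires-on `must be present`, but the choice does not enforce that: nothing between `choice nonceless {` and `leaf expires-on {` declares `mandatory true`, so a voucher with neither leaf is schema-valid and has no bound on its lifetime, which is presumably what nonce and expiry exist to provide. If the remainder of the choice (outside this hunk) does not already carry it, add `mandatory true;` beside the description. `header` is also the wrong word for a YANG leaf, and a lowercase `must` in a description is easily mistaken for RFC 2119 language; suggest `description "Exactly one of 'nonce' or 'expires-on' MUST be present so that the voucher's validity is bounded.";` together with `mandatory true;`.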