<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" submissionType="IETF" docName="draft-wu-nmop-nma-nti-problem-statement-00" category="info" ipr="trust200902" obsoletes="" updates="" xml:lang="en" symRefs="true" sortRefs="false" tocInclude="true" version="3">
  <!-- xml2rfc v2v3 conversion 3.34.0 -->
  <!-- Generated by id2xml 1.6.0 on 2026-07-06T13:18:55Z -->
<front>
    <title abbrev="NTI Problem Statement">Problem Statement for Standardizing the northbound Task Interface (NTI) of the Network Management Agent</title>
    <seriesInfo name="Internet-Draft" value="draft-wu-nmop-nma-nti-problem-statement-00"/>
    <author initials="B." surname="Wu" fullname="Bo Wu">
      <organization>Huawei</organization>
      <address>
        <email>lana.wubo@huawei.com</email>
      </address>
    </author>
    <author initials="M." surname="Wang" fullname="Minxue Wang">
      <organization>China Mobile</organization>
      <address>
        <email>wangminxue@chinamobile.com</email>
      </address>
    </author>
    <author initials="X." surname="Zhao" fullname="Xing Zhao">
      <organization>CAICT</organization>
      <address>
        <email>zhaoxing@caict.ac.cn</email>
      </address>
    </author>
    <author initials="D." surname="Ceccarelli" fullname="Daniele Ceccarelli">
      <organization>Cisco</organization>
      <address>
        <email>dceccare@cisco.com</email>
      </address>
    </author>
    <author initials="H." surname="Zheng" fullname="Haomian Zheng">
      <organization>Huawei</organization>
      <address>
        <email>zhenghaomian@huawei.com</email>
      </address>
    </author>
    <author initials="J." surname="Zhou" fullname="Jin Zhou">
      <organization>ZTE</organization>
      <address>
        <email>zhou.jin6@zte.com.cn</email>
      </address>
    </author>
    <date year="2026" month="July" day="6"/>
    <workgroup>NMOP Working Group</workgroup>
    <abstract>
      <t>
   AI-driven Network Management Agents (NMAs) are being deployed to
   automate operational workflows such as cross-domain fault diagnosis
   and service remediation.  While the IETF has standardized service
   data models and access protocols through the Controller NBI
   (RFC 8969), these provide atomic configuration and monitoring
   capabilities, not the semantics for delegating end-to-end
   operational tasks to an autonomous agent.  As a result, NMA
   northbound interfaces are vendor-specific overlays.  This document
   defines the problem statement for the Northbound Task Interface
   (NTI): the interface through which an operator or OSS delegates
   operational tasks to an NMA.</t>
    </abstract>
  </front>
  <middle>
    <section anchor="sect-1" numbered="true" toc="default">
      <name>Introduction</name>
      <t>
   The IETF has standardized data models and access protocols for
   network service management through YANG <xref target="RFC7950" format="default"/>, NETCONF
   <xref target="RFC6241" format="default"/>, RESTCONF <xref target="RFC8040" format="default"/>, and the Controller NBI architecture
   <xref target="RFC8969" format="default"/>.  Within this framework, SDN Controllers expose
   standardized northbound interfaces for service configuration,
   operational state retrieval, and event notification.  AI-driven
   Network Management Agents (NMAs) are being deployed within these
   Controllers to automate operational workflows -- such as fault
   diagnosis, service remediation, and what-if feasibility analysis --
   that currently require human operators to decompose high-level
   goals into sequences of atomic data model operations.</t>
      <t>
   However, while the Controller NBI provides the data models and
   access mechanisms for individual network operations, it does not
   provide the semantics for delegating an end-to-end operational
   task to an autonomous agent.  The interface through which an
   operator or OSS/BSS delegates such tasks to an NMA, and receives
   structured feedback on execution progress, is implemented today as
   vendor-specific overlays.  This document defines the problem
   statement for standardizing these interfaces, referred to as the
   Northbound Task Interface (NTI).</t>
      <section anchor="sect-1.1" numbered="true" toc="default">
        <name>The Gap: From Atomic Operations to Task Delegation</name>
        <t>
   The IETF has standardized data models for network configuration,
   operational state, topology, performance monitoring, and service
   assurance, accessible through the Controller NBI using NETCONF,
   RESTCONF, and YANG-Push <xref target="RFC8641" format="default"/>.  These interfaces provide
   deterministic operations on well-defined data structures: an OSS
   can retrieve an interface counter, modify a VPN parameter, or
   subscribe to an alarm stream.  However, accomplishing an
   operational goal -- such as diagnosing and remedying a VPN service
   degradation -- requires the OSS to sequence and correlate multiple
   such atomic operations across independent YANG modules, interpret
   intermediate results, and decide on subsequent actions.  The NBI
   provides the data and the operations, but not the semantics for
   delegating the end-to-end goal as a unitary task.</t>
        <t>
   NMAs address this by internally decomposing operational goals into
   NBI operations, executing them, and verifying outcomes.  Because
   the NMA resides within the Controller and uses the standardized NBI
   as its southbound interface, its internal reasoning is decoupled
   from the consumer.  Yet the northbound interface through which the
   consumer delegates the goal and monitors progress remains vendor-
   specific.  In multi-vendor environments, operators must therefore
   maintain distinct integration logic per Controller.  The gap is not
   in the data models or the access protocols, but in the task-
   abstraction layer above them.  Existing standards define how to
   operate on network resources; what is missing is a standardized
   interface for expressing an operational intent, tracking its
   execution lifecycle, negotiating when constraints conflict, and
   discovering what autonomous capabilities an NMA supports.</t>
      </section>
      <section anchor="sect-1.2" numbered="true" toc="default">
        <name>Scope and Non-Goals</name>
        <t>
   This document defines the problem statement for the Northbound
   Task Interface (NTI): the interaction through which an operator
   or OSS/BSS delegates operational tasks to an NMA and receives
   structured feedback on execution progress, capability boundaries,
   and task outcomes.</t>
        <t>
   The following are explicitly out of scope:</t>
        <ul spacing="normal">
          <li>
            <t>Internal NMA implementation: The data models, algorithms, or
      reasoning mechanisms used by the NMA to decompose tasks into
      southbound operations.  The NTI standardizes the northbound
      contract, not the internal implementation.</t>
          </li>
          <li>
            <t>Agent-to-Agent (A2A) protocols: Inter-NMA negotiation,
      cross-domain task delegation, and multi-agent coordination.
      These are addressed by other opensource projects, or other SDO,
      e.g. TMF.  The NTI is complementary: it standardizes how a
      single NMA exposes capabilities and reports progress to its
      consumer.</t>
          </li>
          <li>
            <t>Southbound data models: The NTI layers task semantics atop
      existing IETF data models without defining new device-level
      or service-level configuration structures.</t>
          </li>
          <li>
            <t>Transport protocol definition: The NTI standardizes the
      semantics and information model for task delegation.  Whether
      these semantics are carried over RESTCONF, NETCONF, or another
      existing IETF protocol is a matter for subsequent work.</t>
          </li>
        </ul>
      </section>
    </section>
    <section anchor="sect-2" numbered="true" toc="default">
      <name>Problem Statement</name>
      <t>
   The scenarios below do not argue that AI-driven diagnosis is
   superior to existing automation; they demonstrate that when an NMA
   is capable of autonomous reasoning, the absence of a standardized
   task interface forces the OSS to integrate with vendor-specific
   overlays.</t>
      <section anchor="sect-2.1" numbered="true" toc="default">
        <name>Use Case 1: L3VPN Intermittent Performance Degradation</name>
        <t>
   Scenario: A gold-tier enterprise L3VPN service (VPN-Corp-A)
   experiences bursty quality degradation during peak hours.  End
   users report application timeouts and video conference freezes.
   Network monitoring shows periodic packet loss bursts (2-5 seconds,
   several times per hour) with rapid recovery.  Traditional
   threshold-based alarms cannot reliably detect this: the loss bursts
   are too brief to trigger sustained alarm conditions, and average
   loss over 5-minute intervals remains within normal range.</t>
        <t>
   The Controller NBI exposes YANG models for VPN service
   configuration (ietf-l3vpn-ntw), VPN performance monitoring
   <xref target="RFC9375" format="default"/>, alarm notification <xref target="RFC8632" format="default"/>, topology <xref target="RFC8345" format="default"/>,
   service assurance <xref target="RFC9418" format="default"/>, and interface state <xref target="RFC8343" format="default"/>.  The
   OSS can retrieve VPN routing state, query interface counters,
   subscribe to telemetry streams, and receive threshold-crossing
   alarms.</t>
        <t>
   The operator's goal is not to "retrieve counters" but to "restore VPN-Corp-A to contracted SLA (packet loss &lt; 0.1%, latency &lt; 50ms) and identify the root cause."  Achieving this goal requires
   correlating transient events across multiple data sources over
   time, which the existing NBI does not support as a delegable task.</t>
        <t>
   Specifically, the diagnostic process involves:</t>
        <ol spacing="normal" type="1"><li>
            <t>Detecting the micro-burst pattern (2-5 second loss) that does
       not trigger sustained alarms, requiring high-frequency
       telemetry analysis.</t>
          </li>
          <li>
            <t>Localizing the fault to ingress PE, egress PE, or core P-node
       path by correlating interface drop counters across nodes.</t>
          </li>
          <li>
            <t>Identifying the root cause: congestion, routing instability,
       MTU mismatch, or link-level errors.</t>
          </li>
          <li>
            <t>Selecting and executing remediation (QoS adjustment, BGP
       policy tuning, protection switching, etc.).</t>
          </li>
          <li>
            <t>Verifying that the micro-burst pattern disappears and SLA
       metrics are restored.</t>
          </li>
        </ol>
        <t>
   The gap: The existing NBI provides all the raw data for steps 1-5,
   but no semantics to delegate the end-to-end goal.  The OSS must
   either implement all correlation and reasoning logic itself, or
   integrate with a vendor-specific NMA interface.  In a multi-vendor
   network, the latter requires distinct integration logic per
   Controller vendor.</t>
      </section>
      <section anchor="sect-2.2" numbered="true" toc="default">
        <name>Use Case 2: Cross-Domain Hardware Fault with Human Repair Action</name>
        <t>
   Scenario: A 5G base station (gNB-001) connects to the IPRAN access
   network via a single fiber pair to PE-agg-01.  The operator
   observes service degradation for cells served by gNB-001.  The
   goal is to determine whether the root cause lies in the IP
   transport domain or the RAN access domain, and to restore service
   or prepare a structured human repair action.  The IP domain
   Controller has a co-resident NMA.  The RAN domain is managed by a
   separate Controller with limited northbound data exposure.</t>
        <t>
   The IP domain Controller NBI exposes YANG models for interface
   state (ietf-interfaces), performance monitoring
   (ietf-network-vpn-pm), and other necessary metrics.  The OSS can
   query these directly.</t>
        <t>
   The operator's goal is not to "query interface counters" but to
   "determine the root cause and restore service, or prepare a structured human repair action if the fault is physical."  This
   goal spans both domains, but the OSS must perform the correlation
   itself.</t>
        <t>
   The NMA in the IP domain can:</t>
        <ol spacing="normal" type="1"><li>
            <t>Query the gNB-001 attachment interface on PE-agg-01: admin-up,
       oper-down.  Optical RX power on PE-agg-01: -28dBm (below
       receiver sensitivity of -20dBm).  Optical TX power on PE-agg-01
       is within normal range.  Conclusion: PE-agg-01 is transmitting
       normally but receiving no usable light.</t>
          </li>
          <li>
            <t>Infer fiber plant status from available IP-domain data: the
       interface on PE-agg-01 shows no administrative disable, no
       protection switching events, and no interface-level alarms
       beyond the loss of signal.  The optical transceiver on
       PE-agg-01 reports that a faint optical signal is detected on
       the receive side, though insufficient for data reception.
       Conclusion: there is no positive evidence of a fiber break
       observable from the IP domain; the fault appears to be upstream
       of PE-agg-01.</t>
          </li>
          <li>
            <t>Query Layer 2/Layer 3 reachability: no ARP response or ICMP
       echo reply from gNB-001.  The faint optical signal detected on
       PE-agg-01 indicates the remote transmitter is emitting weak
       light.  Conclusion: gNB-001 is powered but data signal is
       insufficient.</t>
          </li>
          <li>
            <t>Query RAN domain status: gNB-001 reported as "administratively online" by RAN OAM 5 minutes ago, but current status query
       times out.  No "site power loss" alarm.  Conclusion: base
       station likely has power but management/data paths are
       non-functional.</t>
          </li>
          <li>
            <t>Correlate findings: optical RX below threshold, no positive
       evidence of fiber break from IP domain data, PE-agg-01 TX
       normal, gNB-001 emits weak signal but no protocol response, no
       power alarm.  Root cause inference: gNB-001 optical transceiver
       (TX side) degraded or failed, or there is a partial fiber fault
       between gNB-001 and PE-agg-01 that severely attenuates the
       signal.  IP domain equipment is not at fault, though the exact
       boundary of the failure (gNB-001 transceiver vs. fiber plant)
       cannot be determined from IP-domain data alone.</t>
          </li>
          <li>
            <t>Determine: physical inspection or repair at gNB-001 site is
       required.  Possible actions include optical transceiver
       replacement at gNB-001, fiber cleaning, or fiber plant testing.
       No autonomous remediation available.  Task cannot be fully
       closed without human repair action.</t>
          </li>
        </ol>
        <t>
   The gap: At step 6, the NMA has completed diagnosis but cannot
   complete remediation.  The OSS needs:</t>
        <ul spacing="normal">
          <li>
            <t>Task status: not "success" or "failure," but "diagnosed, human repair action required"</t>
          </li>
          <li>
            <t>Structured human repair data: location, action, estimated
      duration, business impact</t>
          </li>
          <li>
            <t>Evidence trace: references to YANG-modeled data supporting the
      diagnosis</t>
          </li>
        </ul>
        <t>
   The existing NBI provides no semantics for the NMA to report
   such a structured conclusion.  The OSS must either perform this
   correlation itself or integrate with each vendor's proprietary
   diagnostic output.  In a multi-vendor deployment, diagnostic
   quality, repair dispatch workflows, and programmatic verifiability
   remain vendor-specific.</t>
      </section>
    </section>
    <section anchor="sect-3" numbered="true" toc="default">
      <name>Gaps Identified from Operational Scenarios</name>
      <t>
   The operational scenarios in <xref target="sect-2" format="default"/> reveal the following gaps,
   which a standardized NTI would need to address.</t>
      <section anchor="sect-3.1" numbered="true" toc="default">
        <name>Structured Interface for Task Delegation</name>
        <t>
   Current NMA northbound interfaces are implemented as vendor-
   specific constructs: proprietary REST APIs, gRPC schemas, or
   conversational prompt templates.  In multi-vendor environments,
   operators must integrate with each of these variations
   individually.</t>
        <t>
   The gap is the absence of a common, machine-readable structure for
   expressing operational goals, constraints, and execution feedback.
   Whether such a structure is expressed in YANG, JSON Schema, or
   another formalism is a matter for subsequent standardization work.</t>
      </section>
      <section anchor="sect-3.2" numbered="true" toc="default">
        <name>Intent Expression Above Data Operations</name>
        <t>
   The existing Controller NBI enables the OSS to operate on network
   resources -- modify a VPN parameter, retrieve a metric, subscribe
   to an alarm stream.  However, the operator's goal is often
   expressed at a higher level: "restore VPN-X to its SLA within 30 minutes."</t>
        <t>
   The gap is that current NMA interfaces either expose the same data
   operations as the NBI (forcing the OSS to decompose the goal
   itself) or accept goals through proprietary, unstructured formats.
   There is no standardized mechanism for expressing an operational
   intent with its associated constraints and success criteria.</t>
      </section>
      <section anchor="sect-3.3" numbered="true" toc="default">
        <name>Common Task Lifecycle Semantics</name>
        <t>
   Current vendor NMA interfaces use divergent models for tracking
   task execution.  One vendor may report "submitted -&gt; in_progress -&gt; done -&gt; failed"; another may use "accepted -&gt; analyzing -&gt; acting -&gt; verifying -&gt; closed"; a third may expose no intermediate states
   at all, requiring the OSS to poll for completion.</t>
        <t>
   The gap is the absence of common semantics for expressing task
   progress, partial completion, suspension awaiting human input, or
   handover to another system.  Operators cannot build unified
   dashboards or automated escalation workflows without normalizing
   these divergent state models.</t>
      </section>
      <section anchor="sect-3.4" numbered="true" toc="default">
        <name>Correlation with Existing IETF Data Models</name>
        <t>
   When an NMA reports a diagnostic conclusion or remediation result,
   the consumer needs to verify it against the network state.  Current
   vendor implementations use proprietary formats for referencing
   incidents, alarms, performance metrics, and topology resources.</t>
        <t>
   The gap is the absence of a standardized mechanism for NMA outputs
   to reference existing IETF data model instances -- such as an
   ietf-network-incident record, an ietf-alarms instance, or an
   ietf-network-vpn-pm metric -- by standard identifier.  Without
   this, the consumer cannot programmatically correlate NMA
   conclusions with the underlying network data.</t>
      </section>
      <section anchor="sect-3.5" numbered="true" toc="default">
        <name>Programmatic Visibility into NMA Capabilities</name>
        <t>
   Operators managing multi-vendor networks lack a standardized
   mechanism to determine what tasks an NMA supports without vendor-
   specific integration.  Capability information is typically conveyed
   in human-readable documentation or proprietary API descriptors,
   not in a machine-consumable structure that an OSS can query and act
   upon.  For example, one vendor's NMA may support autonomous VPN
   fault remediation; another's may only support advisory diagnosis.</t>
      </section>
      <section anchor="sect-3.6" numbered="true" toc="default">
        <name>Clarification of Layer Boundaries</name>
        <t>
   Some current NMA implementations expose operations through their
   northbound interface that are already available through the
   Controller NBI -- such as VPN service creation, tunnel parameter
   modification, or QoS policy adjustment.  This creates ambiguity for
   the consumer: should the OSS use the standardized NBI directly, or
   the NMA's proprietary interface for the same operation?</t>
        <t>
   The gap is the absence of a clear boundary between the task layer
   (what goal to achieve) and the data layer (how to configure a
   resource).</t>
      </section>
      <section anchor="sect-3.7" numbered="true" toc="default">
        <name>Authorization Interface for Autonomous Operations</name>
        <t>
   When an NMA performs autonomous remediation, the operator needs
   to define and enforce boundaries: what actions may be taken
   without human confirmation, under what time constraints, and
   with what scope limitations.  Current vendor implementations use
   proprietary authorization models -- some support per-task risk
   levels, others use static allow-lists, others provide no
   programmatic control at all.</t>
        <t>
   The gap is the absence of a standardized mechanism for the
   consumer to express authorization constraints to the NMA and for
   the NMA to report compliance with those constraints.</t>
      </section>
      <section anchor="sect-3.8" numbered="true" toc="default">
        <name>Event Notification for Task Progress</name>
        <t>
   Current NMA interfaces require the OSS to either poll for task
   status or maintain vendor-specific event subscriptions.  In multi-
   vendor environments, this forces the OSS to implement multiple
   notification mechanisms -- REST callbacks, gRPC streams, or
   proprietary message formats.</t>
        <t>
   The gap is the absence of common semantics for notifying the
   consumer of task progress, partial completion, or state transitions
   that require human attention.  Whether these notifications are
   delivered via YANG-Push, HTTP callbacks, or another mechanism is a
   matter for subsequent standardization.</t>
      </section>
    </section>
    <section anchor="sect-4" numbered="true" toc="default">
      <name>Relationship to Other Work</name>
      <t>
   The NTI is a consumer of existing IETF specifications and
   complementary to other SDO work; it is not a replacement.</t>
      <section anchor="sect-4.1" numbered="true" toc="default">
        <name>RFC 8969: Controller NBI Architecture</name>
        <t>
   RFC 8969 <xref target="RFC8969" format="default"/> defines the architecture for a YANG-based
   controller northbound interface.  The NTI assumes this
   architecture: the NMA resides within or alongside the Controller
   and consumes the NBI for southbound operations.  The NTI operates
   at the layer above the NBI, where operational tasks are delegated
   to the NMA and execution progress is reported back.</t>
      </section>
      <section anchor="sect-4.2" numbered="true" toc="default">
        <name>YANG Message Broker Integration</name>
        <t>
   <xref target="I-D.ietf-nmop-yang-message-broker-integration" format="default"/> defines an
   architecture for integrating YANG-Push notifications with message
   brokers and schema registries.  The NTI may reference data
   distributed through this architecture as part of Task Context.
   The NTI consumes standardized data; it does not redefine the
   distribution mechanisms.</t>
      </section>
      <section anchor="sect-4.3" numbered="true" toc="default">
        <name>RFC 9315: Intent-Based Networking</name>
        <t>
   RFC 9315 <xref target="RFC9315" format="default"/> defines Intent-Based Networking (IBN) concepts
   for expressing network service and resource configuration
   objectives.  The NTI addresses a distinct but related scope:
   operational task delegation -- such as fault diagnosis, service
   assurance remediation, and what-if analysis -- rather than network
   resource configuration.  The two may be used together, but neither
   depends on the other.</t>
      </section>
      <section anchor="sect-4.4" numbered="true" toc="default">
        <name>RFC 9417/9418: Service Assurance for IBN</name>
        <t>
   RFC 9417 <xref target="RFC9417" format="default"/> and RFC 9418 <xref target="RFC9418" format="default"/> define the SAIN
   architecture and YANG models for health scores, symptoms, and
   assurance graphs.  The NTI may reference SAIN-modeled data in Task
   Context or execution results, but does not define assurance data
   structures; it references them by standard identifier.</t>
      </section>
      <section anchor="sect-4.5" numbered="true" toc="default">
        <name>NMA Architecture</name>
        <t>
   <xref target="I-D.zhao-nmop-network-management-agent" format="default"/> defines the NMA concept, architecture variants, and
   deployment modes.  It identifies the need for a northbound task
   interface but does not define its semantics.  This document
   provides the problem statement motivating that standardization
   work.</t>
      </section>
      <section anchor="sect-4.6" numbered="true" toc="default">
        <name>Network Incident YANG</name>
        <t>
   <xref target="I-D.ietf-nmop-network-incident-yang" format="default"/> defines a YANG model for
   network incident lifecycle management.  The NTI may reference
   incident instances in Task Context, but does not define incident
   structures.</t>
      </section>
      <section anchor="sect-4.7" numbered="true" toc="default">
        <name>Resource Performance Monitoring YANG</name>
        <t>
   <xref target="I-D.yu-ccamp-resource-pm-yang" format="default"/> defines a YANG model for resource
   performance monitoring.  The NTI may reference resource PM data in
   Task Context or execution results, but does not define PM data
   structures.</t>
      </section>
      <section anchor="sect-4.8" numbered="true" toc="default">
        <name>TMF A2A-T</name>
        <t>
   TMF IG1453 (A2A-T) <xref target="A2A-T" format="default"/> defines generic task templates, event
   structures, and negotiation semantics for cross-domain multi-agent
   collaboration.  The NTI addresses a related but distinct scope:
   how a single NMA exposes task delegation, capability, and progress
   reporting to its consumer using IETF management protocol
   identifiers.  Where an operator uses A2A-T for inter-domain
   coordination, the NTI defines how those same task concepts are
   expressed within the IETF management stack.  The two are
   complementary and not overlapping.</t>
      </section>
    </section>
    <section anchor="sect-5" numbered="true" toc="default">
      <name>Security Considerations</name>
      <t>
   Standardization of the NTI would introduce the following security
   considerations, which are distinct from those of the underlying
   management protocols (NETCONF, RESTCONF) due to the higher semantic
   level of task delegation.</t>
      <t>
   Intent Injection: A compromised consumer could submit malicious
   goals that trigger unintended autonomous actions across the
   network.  This risk is analogous to configuration injection but
   operates at a higher semantic level where a single task maps to
   multiple underlying operations.  Standardization of the NTI would
   need to consider how intent authentication, authorization, and
   scope validation relate to existing mechanisms such as NACM
   <xref target="RFC8341" format="default"/>.</t>
      <t>
   Information Leakage: NTI responses may contain diagnostic
   conclusions, evidence traces, or capability descriptions that
   reveal internal network topology, resource utilization, or
   operational weaknesses.  Standardization would need to consider
   how response content is authorized and filtered, potentially
   leveraging access control frameworks such as NACM <xref target="RFC8341" format="default"/>.</t>
      <t>
   Concurrent Operation Conflicts: In deployments where both the NTI
   and direct NBI access are available, a task delegated through the
   NTI may overlap with manual NBI operations.  This creates potential
   for race conditions.  Standardization would need to make such
   conflicts visible and auditable.</t>
    </section>
    <section anchor="sect-6" numbered="true" toc="default">
      <name>IANA Considerations</name>
      <t>
   This document makes no requests of IANA.</t>
    </section>
  </middle>
  <back>
    <references>
      <name>References</name>
      <references>
        <name>Normative References</name>
        <reference anchor="RFC7950" target="https://www.rfc-editor.org/info/rfc7950" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7950.xml">
          <front>
            <title>The YANG 1.1 Data Modeling Language</title>
            <author fullname="M. Bjorklund" initials="M." role="editor" surname="Bjorklund"/>
            <date month="August" year="2016"/>
            <abstract>
              <t>YANG is a data modeling language used to model configuration data, state data, Remote Procedure Calls, and notifications for network management protocols. This document describes the syntax and semantics of version 1.1 of the YANG language. YANG version 1.1 is a maintenance release of the YANG language, addressing ambiguities and defects in the original specification. There are a small number of backward incompatibilities from YANG version 1. This document also specifies the YANG mappings to the Network Configuration Protocol (NETCONF).</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="7950"/>
          <seriesInfo name="DOI" value="10.17487/RFC7950"/>
        </reference>
        <reference anchor="RFC6241" target="https://www.rfc-editor.org/info/rfc6241" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6241.xml">
          <front>
            <title>Network Configuration Protocol (NETCONF)</title>
            <author fullname="R. Enns" initials="R." role="editor" surname="Enns"/>
            <author fullname="M. Bjorklund" initials="M." role="editor" surname="Bjorklund"/>
            <author fullname="J. Schoenwaelder" initials="J." role="editor" surname="Schoenwaelder"/>
            <author fullname="A. Bierman" initials="A." role="editor" surname="Bierman"/>
            <date month="June" year="2011"/>
            <abstract>
              <t>The Network Configuration Protocol (NETCONF) defined in this document provides mechanisms to install, manipulate, and delete the configuration of network devices. It uses an Extensible Markup Language (XML)-based data encoding for the configuration data as well as the protocol messages. The NETCONF protocol operations are realized as remote procedure calls (RPCs). This document obsoletes RFC 4741. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="6241"/>
          <seriesInfo name="DOI" value="10.17487/RFC6241"/>
        </reference>
        <reference anchor="RFC8040" target="https://www.rfc-editor.org/info/rfc8040" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8040.xml">
          <front>
            <title>RESTCONF Protocol</title>
            <author fullname="A. Bierman" initials="A." surname="Bierman"/>
            <author fullname="M. Bjorklund" initials="M." surname="Bjorklund"/>
            <author fullname="K. Watsen" initials="K." surname="Watsen"/>
            <date month="January" year="2017"/>
            <abstract>
              <t>This document describes an HTTP-based protocol that provides a programmatic interface for accessing data defined in YANG, using the datastore concepts defined in the Network Configuration Protocol (NETCONF).</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8040"/>
          <seriesInfo name="DOI" value="10.17487/RFC8040"/>
        </reference>
        <reference anchor="RFC8341" target="https://www.rfc-editor.org/info/rfc8341" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8341.xml">
          <front>
            <title>Network Configuration Access Control Model</title>
            <author fullname="A. Bierman" initials="A." surname="Bierman"/>
            <author fullname="M. Bjorklund" initials="M." surname="Bjorklund"/>
            <date month="March" year="2018"/>
            <abstract>
              <t>The standardization of network configuration interfaces for use with the Network Configuration Protocol (NETCONF) or the RESTCONF protocol requires a structured and secure operating environment that promotes human usability and multi-vendor interoperability. There is a need for standard mechanisms to restrict NETCONF or RESTCONF protocol access for particular users to a preconfigured subset of all available NETCONF or RESTCONF protocol operations and content. This document defines such an access control model.</t>
              <t>This document obsoletes RFC 6536.</t>
            </abstract>
          </front>
          <seriesInfo name="STD" value="91"/>
          <seriesInfo name="RFC" value="8341"/>
          <seriesInfo name="DOI" value="10.17487/RFC8341"/>
        </reference>
        <reference anchor="RFC8969" target="https://www.rfc-editor.org/info/rfc8969" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8969.xml">
          <front>
            <title>A Framework for Automating Service and Network Management with YANG</title>
            <author fullname="Q. Wu" initials="Q." role="editor" surname="Wu"/>
            <author fullname="M. Boucadair" initials="M." role="editor" surname="Boucadair"/>
            <author fullname="D. Lopez" initials="D." surname="Lopez"/>
            <author fullname="C. Xie" initials="C." surname="Xie"/>
            <author fullname="L. Geng" initials="L." surname="Geng"/>
            <date month="January" year="2021"/>
            <abstract>
              <t>Data models provide a programmatic approach to represent services and networks. Concretely, they can be used to derive configuration information for network and service components, and state information that will be monitored and tracked. Data models can be used during the service and network management life cycle (e.g., service instantiation, service provisioning, service optimization, service monitoring, service diagnosing, and service assurance). Data models are also instrumental in the automation of network management, and they can provide closed-loop control for adaptive and deterministic service creation, delivery, and maintenance.</t>
              <t>This document describes a framework for service and network management automation that takes advantage of YANG modeling technologies. This framework is drawn from a network operator perspective irrespective of the origin of a data model; thus, it can accommodate YANG modules that are developed outside the IETF.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8969"/>
          <seriesInfo name="DOI" value="10.17487/RFC8969"/>
        </reference>
      </references>
      <references>
        <name>Informative References</name>
        <reference anchor="RFC8343" target="https://www.rfc-editor.org/info/rfc8343" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8343.xml">
          <front>
            <title>A YANG Data Model for Interface Management</title>
            <author fullname="M. Bjorklund" initials="M." surname="Bjorklund"/>
            <date month="March" year="2018"/>
            <abstract>
              <t>This document defines a YANG data model for the management of network interfaces. It is expected that interface-type-specific data models augment the generic interfaces data model defined in this document. The data model includes definitions for configuration and system state (status information and counters for the collection of statistics).</t>
              <t>The YANG data model in this document conforms to the Network Management Datastore Architecture (NMDA) defined in RFC 8342.</t>
              <t>This document obsoletes RFC 7223.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8343"/>
          <seriesInfo name="DOI" value="10.17487/RFC8343"/>
        </reference>
        <reference anchor="RFC8345" target="https://www.rfc-editor.org/info/rfc8345" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8345.xml">
          <front>
            <title>A YANG Data Model for Network Topologies</title>
            <author fullname="A. Clemm" initials="A." surname="Clemm"/>
            <author fullname="J. Medved" initials="J." surname="Medved"/>
            <author fullname="R. Varga" initials="R." surname="Varga"/>
            <author fullname="N. Bahadur" initials="N." surname="Bahadur"/>
            <author fullname="H. Ananthakrishnan" initials="H." surname="Ananthakrishnan"/>
            <author fullname="X. Liu" initials="X." surname="Liu"/>
            <date month="March" year="2018"/>
            <abstract>
              <t>This document defines an abstract (generic, or base) YANG data model for network/service topologies and inventories. The data model serves as a base model that is augmented with technology-specific details in other, more specific topology and inventory data models.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8345"/>
          <seriesInfo name="DOI" value="10.17487/RFC8345"/>
        </reference>
        <reference anchor="RFC8632" target="https://www.rfc-editor.org/info/rfc8632" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8632.xml">
          <front>
            <title>A YANG Data Model for Alarm Management</title>
            <author fullname="S. Vallin" initials="S." surname="Vallin"/>
            <author fullname="M. Bjorklund" initials="M." surname="Bjorklund"/>
            <date month="September" year="2019"/>
            <abstract>
              <t>This document defines a YANG module for alarm management. It includes functions for alarm-list management, alarm shelving, and notifications to inform management systems. There are also operations to manage the operator state of an alarm and administrative alarm procedures. The module carefully maps to relevant alarm standards.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8632"/>
          <seriesInfo name="DOI" value="10.17487/RFC8632"/>
        </reference>
        <reference anchor="RFC8641" target="https://www.rfc-editor.org/info/rfc8641" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8641.xml">
          <front>
            <title>Subscription to YANG Notifications for Datastore Updates</title>
            <author fullname="A. Clemm" initials="A." surname="Clemm"/>
            <author fullname="E. Voit" initials="E." surname="Voit"/>
            <date month="September" year="2019"/>
            <abstract>
              <t>This document describes a mechanism that allows subscriber applications to request a continuous and customized stream of updates from a YANG datastore. Providing such visibility into updates enables new capabilities based on the remote mirroring and monitoring of configuration and operational state.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8641"/>
          <seriesInfo name="DOI" value="10.17487/RFC8641"/>
        </reference>
        <reference anchor="RFC9315" target="https://www.rfc-editor.org/info/rfc9315" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9315.xml">
          <front>
            <title>Intent-Based Networking - Concepts and Definitions</title>
            <author fullname="A. Clemm" initials="A." surname="Clemm"/>
            <author fullname="L. Ciavaglia" initials="L." surname="Ciavaglia"/>
            <author fullname="L. Z. Granville" initials="L. Z." surname="Granville"/>
            <author fullname="J. Tantsura" initials="J." surname="Tantsura"/>
            <date month="October" year="2022"/>
            <abstract>
              <t>Intent and Intent-Based Networking are taking the industry by storm. At the same time, terms related to Intent-Based Networking are often used loosely and inconsistently, in many cases overlapping and confused with other concepts such as "policy." This document clarifies the concept of "intent" and provides an overview of the functionality that is associated with it. The goal is to contribute towards a common and shared understanding of terms, concepts, and functionality that can be used as the foundation to guide further definition of associated research and engineering problems and their solutions.</t>
              <t>This document is a product of the IRTF Network Management Research Group (NMRG). It reflects the consensus of the research group, having received many detailed and positive reviews by research group participants. It is published for informational purposes.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9315"/>
          <seriesInfo name="DOI" value="10.17487/RFC9315"/>
        </reference>
        <reference anchor="RFC9375" target="https://www.rfc-editor.org/info/rfc9375" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9375.xml">
          <front>
            <title>A YANG Data Model for Network and VPN Service Performance Monitoring</title>
            <author fullname="B. Wu" initials="B." role="editor" surname="Wu"/>
            <author fullname="Q. Wu" initials="Q." role="editor" surname="Wu"/>
            <author fullname="M. Boucadair" initials="M." role="editor" surname="Boucadair"/>
            <author fullname="O. Gonzalez de Dios" initials="O." surname="Gonzalez de Dios"/>
            <author fullname="B. Wen" initials="B." surname="Wen"/>
            <date month="April" year="2023"/>
            <abstract>
              <t>The data model for network topologies defined in RFC 8345 introduces vertical layering relationships between networks that can be augmented to cover network and service topologies. This document defines a YANG module for performance monitoring (PM) of both underlay networks and overlay VPN services that can be used to monitor and manage network performance on the topology of both layers.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9375"/>
          <seriesInfo name="DOI" value="10.17487/RFC9375"/>
        </reference>
        <reference anchor="RFC9417" target="https://www.rfc-editor.org/info/rfc9417" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9417.xml">
          <front>
            <title>Service Assurance for Intent-Based Networking Architecture</title>
            <author fullname="B. Claise" initials="B." surname="Claise"/>
            <author fullname="J. Quilbeuf" initials="J." surname="Quilbeuf"/>
            <author fullname="D. Lopez" initials="D." surname="Lopez"/>
            <author fullname="D. Voyer" initials="D." surname="Voyer"/>
            <author fullname="T. Arumugam" initials="T." surname="Arumugam"/>
            <date month="July" year="2023"/>
            <abstract>
              <t>This document describes an architecture that provides some assurance that service instances are running as expected. As services rely upon multiple subservices provided by a variety of elements, including the underlying network devices and functions, getting the assurance of a healthy service is only possible with a holistic view of all involved elements. This architecture not only helps to correlate the service degradation with symptoms of a specific network component but, it also lists the services impacted by the failure or degradation of a specific network component.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9417"/>
          <seriesInfo name="DOI" value="10.17487/RFC9417"/>
        </reference>
        <reference anchor="RFC9418" target="https://www.rfc-editor.org/info/rfc9418" xml:base="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9418.xml">
          <front>
            <title>A YANG Data Model for Service Assurance</title>
            <author fullname="B. Claise" initials="B." surname="Claise"/>
            <author fullname="J. Quilbeuf" initials="J." surname="Quilbeuf"/>
            <author fullname="P. Lucente" initials="P." surname="Lucente"/>
            <author fullname="P. Fasano" initials="P." surname="Fasano"/>
            <author fullname="T. Arumugam" initials="T." surname="Arumugam"/>
            <date month="July" year="2023"/>
            <abstract>
              <t>This document specifies YANG modules for representing assurance graphs. These graphs represent the assurance of a given service by decomposing it into atomic assurance elements called subservices. The companion document, "Service Assurance for Intent-Based Networking Architecture" (RFC 9417), presents an architecture for implementing the assurance of such services.</t>
              <t>The YANG data models in this document conform to the Network Management Datastore Architecture (NMDA) defined in RFC 8342.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9418"/>
          <seriesInfo name="DOI" value="10.17487/RFC9418"/>
        </reference>
        <reference anchor="I-D.zhao-nmop-network-management-agent" target="https://datatracker.ietf.org/doc/html/draft-zhao-nmop-network-management-agent-05" xml:base="https://bib.ietf.org/public/rfc/bibxml3/reference.I-D.zhao-nmop-network-management-agent.xml">
          <front>
            <title>AI based Network Management Agent(NMA): Concepts and Architecture</title>
            <author fullname="Xing Zhao"/>
            <author fullname="Minxue Wang"/>
            <author fullname="Bo Wu"/>
            <author fullname="Daniele Ceccarelli"/>
            <author fullname="Haomian Zheng"/>
            <author fullname="Jin Zhou"/>
            <date day="6" month="July" year="2026"/>
            <abstract>
              <t>The evolution from Level 3 (assisted automation) to Level 4 (closed-
   loop autonomy) in Autonomous Networks (AN) introduces requirements
   for agentic capabilities, including intent-based reasoning,
   autonomous planning, and context-aware decision-making, and execution
   coordination, which transcend the static, rule-based logic of
   traditional network controllers.  This document defines the concept
   of the Network Management Agent (NMA), a network management entity
   with autonomous task processing capabilities designed to bridge the
   gap between service intent and network operations.</t>
              <t>This document describes the role of NMA in network management and
   control architectures, and specifies how the NMA collaborates with
   existing network controllers to achieve Autonomous L4 without
   replacing or duplicating their functions.  It further defines the
   reference architecture, deployment modes, and logical interfaces of
   the NMA, including Agent-to-User (A2U), Agent-to-Agent (A2A), Agent-
   to-Controller (A2C), and Agent-to-Network (A2N) interactions.</t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-zhao-nmop-network-management-agent-05"/>
        </reference>
        <reference anchor="I-D.ietf-nmop-network-incident-yang" target="https://datatracker.ietf.org/doc/html/draft-ietf-nmop-network-incident-yang-10" xml:base="https://bib.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-nmop-network-incident-yang.xml">
          <front>
            <title>A YANG Data Model for Network Incident Management</title>
            <author fullname="Tong Hu"/>
            <author fullname="Luis M. Contreras"/>
            <author fullname="Qin Wu"/>
            <author fullname="Nigel Davis"/>
            <author fullname="Chong Feng"/>
            <date day="6" month="July" year="2026"/>
            <abstract>
              <t>This document defines a YANG Module for the network incident
   lifecycle management.  This YANG module is meant to provide a
   standard way to report, diagnose, and help reduce troubleshooting
   tickets and resolve network incidents for the sake of network service
   health and probable cause analysis.</t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-nmop-network-incident-yang-10"/>
        </reference>
        <reference anchor="I-D.yu-ccamp-resource-pm-yang" target="https://datatracker.ietf.org/doc/html/draft-yu-ccamp-resource-pm-yang-05" xml:base="https://bib.ietf.org/public/rfc/bibxml3/reference.I-D.yu-ccamp-resource-pm-yang.xml">
          <front>
            <title>A YANG Data Model for Resource Performance Monitoring</title>
            <author fullname="Chaode Yu" initials="C." surname="Yu">
              <organization>Huawei Technologies</organization>
            </author>
            <author fullname="Fabio Peruzzini" initials="F." surname="Peruzzini">
              <organization>FiberCop</organization>
            </author>
            <author fullname="Zheng Yanlei" initials="Z." surname="Yanlei">
              <organization>China Unicom</organization>
            </author>
            <author fullname="Italo Busi" initials="I." surname="Busi">
              <organization>Huawei Technologies</organization>
            </author>
            <author fullname="Aihua Guo" initials="A." surname="Guo">
              <organization>Futurewei Technologies</organization>
            </author>
            <author fullname="Victor Lopez" initials="V." surname="Lopez">
              <organization>Nokia</organization>
            </author>
            <author fullname="XingZhao" initials="" surname="XingZhao">
              <organization>CAICT</organization>
            </author>
            <author fullname="Mingshuang Jin" initials="M." surname="Jin">
              <organization>Huawei Technologies</organization>
            </author>
            <date day="7" month="January" year="2026"/>
            <abstract>
              <t>This document defines a YANG data model for resource Performance Monitoring, applicable to network controllers, which provides the functionalities of retrieval of performance monitoring capabilities, TCA (Threshold Crossing Alert) configuration, current or history performance data retrieval, and performance monitoring task management.</t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-yu-ccamp-resource-pm-yang-05"/>
        </reference>
        <reference anchor="I-D.ietf-nmop-yang-message-broker-integration" target="https://datatracker.ietf.org/doc/html/draft-ietf-nmop-yang-message-broker-integration-13" xml:base="https://bib.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-nmop-yang-message-broker-integration.xml">
          <front>
            <title>An Architecture for YANG-Push to Message Broker Integration</title>
            <author fullname="Thomas Graf" initials="T." surname="Graf">
              <organization>Swisscom</organization>
            </author>
            <author fullname="Ahmed Elhassany" initials="A." surname="Elhassany">
              <organization>Swisscom</organization>
            </author>
            <date day="2" month="July" year="2026"/>
            <abstract>
              <t>This document describes the motivation and architecture of a native YANG-Push notifications and YANG Schema integration into a Message Broker and YANG Schema Registry.</t>
            </abstract>
          </front>
          <seriesInfo name="Internet-Draft" value="draft-ietf-nmop-yang-message-broker-integration-13"/>
        </reference>
        <reference anchor="A2A-T" target="https://www.tmforum.org/resources/ig1453/">
          <front>
            <title>IG1453: Autonomous Networks Agent-to-Agent (A2A) Task Interface</title>
            <author>
              <organization>TM Forum</organization>
            </author>
            <date year="2025"/>
          </front>
          <seriesInfo name="Version" value="1.0"/>
        </reference>
      </references>
    </references>
    <section anchor="sect-a" numbered="true" toc="default">
      <name>Workflow Comparison</name>
      <section anchor="sect-a.1" numbered="true" toc="default">
        <name>Current Practice: OSS-Centric Orchestration</name>
        <t>
   In today's multi-vendor deployments, an OSS managing VPN service
   assurance must interact with each Controller's NBI directly.  For a
   fault diagnosis task, the OSS typically:</t>
        <ol spacing="normal" type="1"><li>
            <t>Subscribes to alarm streams via YANG-Push</t>
          </li>
          <li>
            <t>Retrieves performance metrics from ietf-network-vpn-pm</t>
          </li>
          <li>
            <t>Queries topology from ietf-network-topology</t>
          </li>
          <li>
            <t>Correlates findings in custom application logic</t>
          </li>
          <li>
            <t>Decides on remediation actions</t>
          </li>
          <li>
            <t>Executes configuration changes via NETCONF/RESTCONF</t>
          </li>
          <li>
            <t>Verifies recovery through repeated metric queries</t>
          </li>
        </ol>
        <t>
   Steps 1-7 must be implemented per vendor, as each Controller may
   expose different YANG module versions, different notification
   mechanisms, or different RPC signatures.  The orchestration logic --
   state machines, error handling, retry policies, correlation rules --
   is maintained in the OSS layer.</t>
      </section>
      <section anchor="sect-a.2" numbered="true" toc="default">
        <name>The Gap: Task Delegation Without Standardization</name>
        <t>
   When an NMA exists within the Controller, capable of performing
   steps 1-7 internally, the OSS currently has no standardized
   interface to delegate the goal.  Instead, the OSS must either
   continue executing steps 1-7 itself, or integrate with the
   vendor's proprietary task interface, replicating this integration
   for each Controller vendor.</t>
        <t>
   The NTI would address this gap by providing standardized semantics
   for the OSS to express the operational goal, receive progress
   updates, and obtain structured results -- without requiring the OSS
   to know how the NMA internally decomposes the task into NBI
   operations.</t>
        <t>
   The following diagram illustrates the conceptual relationship
   between the layers.</t>
        <figure anchor="ure-traditional-oss-driven-workflow-vs.-nma-task-driven-workflow">
          <name>Traditional OSS-driven workflow vs. NMA task-driven workflow</name>
          <artwork name="" type="" align="left" alt=""><![CDATA[
 Traditional approach (YANG APIs)       NTI approach
 ==============================         =====================

      OSS / Orchestrator                   OSS / Orchestrator
            |                                      |
   +--------+--------+                    +--------+--------+
   |                 |                    |                 |
   v                 v                    v                 |
Alarm PM         Topology          NTI task submission      |
 Model              Model         (goal + constraints)
   |                 |                    |                 |
   +--------+--------+                    |                 |
            |                             |                 |
  OSS local orchestration                 |                 |
  logic                                   |                 |
            |                             v                 |
            v                        NMA internal
   Controller NBI (RFC 8969)      orchestration & reasoning
            |                             |                 |
            v                             v                 |
      Network devices              Controller NBI
                                        (RFC 8969)
                                              |
                                              v
                                         Network devices
]]></artwork>
        </figure>
      </section>
    </section>
  </back>
</rfc>
