Re: [Isms] #2: is server authentication a requirement that SNMPwillrequire

To: Eliot Lear <lear at cisco.com>
Subject: Re: [Isms] #2: is server authentication a requirement that SNMPwillrequire
From: Sam Hartman <hartmans-ietf at mit.edu>
Date: Wed, 19 Oct 2005 03:09:45 -0400
Cc: isms at ietf.org, dbharrington at comcast.net
In-reply-to: <4355C9F5.3050000@cisco.com> (Eliot Lear's message of "Wed, 19 Oct 2005 06:22:13 +0200")
List-archive: <http://www1.ietf.org/pipermail/isms>
List-help: <mailto:isms-request@lists.ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.lists.ietf.org>
List-post: <mailto:isms@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@lists.ietf.org?subject=unsubscribe>
References: <618694EF0B657246A4D55A97E38274C3BEC3F7@xmb-sjc-22d.amer.cisco.com> <tslhdbeworf.fsf@cz.mit.edu> <4355C9F5.3050000@cisco.com>
Sender: isms-bounces at lists.ietf.org
User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux)

>>>>> "Eliot" == Eliot Lear <lear at cisco.com> writes:

    Eliot> Sam,
    >> Again, the goal of ISMS is to provide SNMP with support for
    >> *today's* authentication solutions.

    Eliot> It is not so far from the realm of possibility that X.509
    Eliot> will be here. I hope you will agree that if the SSHSM/SNMP
    Eliot> subsystem treats SSH as a black box with appropriate
    Eliot> gazzintas and gazzoutas this shouldn't be a problem.

Completely.  You might even want to do things like standardize X.509
SubjectAltNames for SNMP engine IDs (or you might not); define a
netconf data model fragment for configuring appropriate trust anchors
and certificate validation policies; etc.  

What I think would be inappropriate is depending on X.509 in the core
ssh SM documents.

_______________________________________________
Isms mailing list
Isms at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/isms

References:
- RE: [Isms] #2: is server authentication a requirement that SNMPwillrequire
  - From: Kaushik Narayan \(kaushik\)
- Re: [Isms] #2: is server authentication a requirement that SNMPwillrequire
  - From: Sam Hartman
- Re: [Isms] #2: is server authentication a requirement that SNMPwillrequire
  - From: Eliot Lear

Prev by Date: Re: [Isms] #2: is server authentication a requirement that SNMPwillrequire
Next by Date: RE: [Isms] #8: Do we need a mapping between the SSH keyandSNMPengineID?
Previous by thread: Re: [Isms] #2: is server authentication a requirement that SNMPwillrequire
Next by thread: [Isms] I-D ACTION:draft-ietf-isms-tmsm-00.txt
Index(es):
- Date
- Thread

Re: [Isms] #2: is server authentication a requirement that SNMPwillrequire

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.