Re: [Isms] #8: Do we need a mapping between the SSH key and SNMPengineID?

To: "Blumenthal, Uri" <uri.blumenthal at intel.com>
Subject: Re: [Isms] #8: Do we need a mapping between the SSH key and SNMPengineID?
From: Sam Hartman <hartmans-ietf at mit.edu>
Date: Wed, 19 Oct 2005 05:12:44 -0400
Cc: isms at ietf.org
In-reply-to: <3DEC199BD7489643817ECA151F7C59290204C8DB@pysmsx401.amr.corp.intel.com> (Uri Blumenthal's message of "Mon, 17 Oct 2005 17:38:34 -0400")
List-archive: <http://www1.ietf.org/pipermail/isms>
List-help: <mailto:isms-request@lists.ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.lists.ietf.org>
List-post: <mailto:isms@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@lists.ietf.org?subject=unsubscribe>
References: <3DEC199BD7489643817ECA151F7C59290204C8DB@pysmsx401.amr.corp.intel.com>
Sender: isms-bounces at lists.ietf.org
User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux)

>>>>> "Blumenthal," == Blumenthal, Uri <uri.blumenthal at intel.com> writes:

    Blumenthal,> First, it is a good practice for any discernable
    Blumenthal,> entity to have unique cryptographic material (keys).
    Blumenthal,> Second, if SNMP manager is OK with ascertaining only
    Blumenthal,> the host to where it directs its commands - then no
    Blumenthal,> need for separate keys. 

Or if the manager is willing to trust the host to direct the command
appropriately.

If however the manager wants
    Blumenthal,> to make sure that he talks with a certain *agent* -
    Blumenthal,> must have separate keys.

If the manager is not willing to trust the host to direct
communication to a requested agent, then each agent needs keys.


_______________________________________________
Isms mailing list
Isms at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/isms

References:
- RE: [Isms] #8: Do we need a mapping between the SSH key and SNMPengineID?
  - From: Blumenthal, Uri

Prev by Date: [Isms] Please welcome Juergen Schoenwaelder as the second ISMS chair
Next by Date: Re: [Isms] #8: Do we need a mapping between the SSH key and SNMPengineID?
Previous by thread: RE: [Isms] #8: Do we need a mapping between the SSH key and SNMPengineID?
Next by thread: RE: [Isms] #8: Do we need a mapping between the SSH key and SNMPengineID?
Index(es):
- Date
- Thread

Re: [Isms] #8: Do we need a mapping between the SSH key and SNMPengineID?

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.