RE: [Isms] #32: is the securityName=username default OK?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Isms] #32: is the securityName=username default OK?
> Yes. As long as the Kerberos users and AAA users aren't saddled
with
> the requirement to implement and configure localized user
> authentication
> information in the managed entity, I suppose that's all fine.
Nobody has proposed that localized user mapping to securityName is a
requirement to support Kerberos and AAA security models. It is just an
option to allow administrators to run their networks as they see fit,
rather than as the designers of Kerberos or AAA solutions think they
should.
And it is a requirmeent that SNMP still be able to work when Kerberos
and AAA servers cannot be reached, so allowing for local
authentication is important.
_______________________________________________
Isms mailing list
Isms at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/isms
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
