Re: [Isms] What granularity of attributes do we need for thesecure transport?

To: <j.schoenwaelder at jacobs-university.de>
Subject: Re: [Isms] What granularity of attributes do we need for thesecure transport?
From: "David Harrington" <ietfdbh at comcast.net>
Date: Fri, 4 Apr 2008 13:40:27 -0400
Cc: isms at ietf.org, 'Jeffrey Hutzelman' <jhutz at cmu.edu>
Delivered-to: ietfarch-isms-web-archive at core3.amsl.com
Delivered-to: isms at core3.amsl.com
In-reply-to: <20080404172637.GB11552 at elstar.local>
List-archive: <http://www.ietf.org/pipermail/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
References: <1A2CFA6602126FFD0425DDA7 at sirius.fac.cs.cmu.edu> <037d01c8966a$4d0b11d0$0600a8c0 at china.huawei.com> <20080404172637.GB11552 at elstar.local>
Sender: isms-bounces at ietf.org
Thread-index: AciWeRBg/P7z/v4TRjSCSwEE+iDxZAAAYdLw

Hi,

You are right. The wording I used was poor.

I do not believe we need to provision the security protocl; I think we
should allow an operator to decide which secure transport they want to
require as a conditon of granting access to the SNMP service. How that
secure transport is configured to deliver certain properties is out of
scope.

dbh

> -----Original Message-----
> From: Juergen Schoenwaelder 
> [mailto:j.schoenwaelder at jacobs-university.de] 
> Sent: Friday, April 04, 2008 1:27 PM
> To: David Harrington
> Cc: 'Jeffrey Hutzelman'; 'David B. Nelson'; isms at ietf.org
> Subject: Re: [Isms] What granularity of attributes do we need 
> for thesecure transport?
> 
> On Fri, Apr 04, 2008 at 11:41:07AM -0400, David Harrington wrote:
>  
> > I certainly have never argued that we should provision such
things,
> > except the protocol. 
> 
> Speaking as technical contributor...
> 
> I think it is important to not confuse the configuration of say an
> SNMP engine or an SSH implementation with RADIUS authentication /
> authorization decisions. Certain things can very well be handled via
> configuration.
> 
> /js
> 
> -- 
> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
> Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
> 


_______________________________________________
Isms mailing list
Isms at ietf.org
https://www.ietf.org/mailman/listinfo/isms

Follow-Ups:
- Re: [Isms] What granularity of attributes do we need for the secure transport?
  - From: David B. Nelson

References:
- Re: [Isms] What granularity of attributes do we need for the secure transport?
  - From: Jeffrey Hutzelman
- Re: [Isms] What granularity of attributes do we need for the secure transport?
  - From: David Harrington
- Re: [Isms] What granularity of attributes do we need for the secure transport?
  - From: Juergen Schoenwaelder

Prev by Date: Re: [Isms] What granularity of attributes do we need for the secure transport?
Next by Date: Re: [Isms] What granularity of attributes do we need for the secure transport?
Previous by thread: Re: [Isms] What granularity of attributes do we need for the secure transport?
Next by thread: Re: [Isms] What granularity of attributes do we need for the secure transport?
Index(es):
- Date
- Thread

Re: [Isms] What granularity of attributes do we need for thesecure transport?

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.