Re: [Isms] What granularity of attributes do we need forthe securetransport?

To: <isms at ietf.org>
Subject: Re: [Isms] What granularity of attributes do we need forthe securetransport?
From: "Randy Presuhn" <randy_presuhn at mindspring.com>
Date: Tue, 8 Apr 2008 21:37:39 -0600
Delivered-to: ietfarch-isms-web-archive at core3.amsl.com
Delivered-to: isms at core3.amsl.com
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=mindspring.com; b=FC/VAWXt6s820D88igHuhex2nDUxPhR/w+oWcX4CtzdGYqrkVScmdrNTrzrkxMR5; h=Received:Message-ID:From:To:References:Subject:Date:MIME-Version:Content-Type:Content-Transfer-Encoding:X-Priority:X-MSMail-Priority:X-Mailer:X-MimeOLE:X-ELNK-Trace:X-Originating-IP;
List-archive: <http://www.ietf.org/pipermail/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
References: <031001c895da$418f5220$0600a8c0 at china.huawei.com><003401c895ec$9a92edc0$6801a8c0 at oemcomputer><20080404112201.GB10840 at elstar.local><sd7if8pa0v.fsf at wes.hardakers.net><001a01c8999c$22b38f40$6801a8c0 at oemcomputer> <sd8wzonjji.fsf at wes.hardakers.net> <05ce01c899cf$9f4ad260$0600a8c0 at china.huawei.com>
Sender: isms-bounces at ietf.org

Hi -

> From: "David Harrington" <ietfdbh at comcast.net>
> To: "'Wes Hardaker'" <wjhns1 at hardakers.net>; "'Randy Presuhn'" <randy_presuhn at mindspring.com>
> Cc: <isms at ietf.org>
> Sent: Tuesday, April 08, 2008 5:23 PM
> Subject: RE: [Isms] What granularity of attributes do we need forthe securetransport?
...
> If we do not send a hint because there is no attribute for it, then is
> it appropriate for RADIUS to **only be able to** respond that "any
> transport protocol that provides integrity checking and encryption is
> fine for SNMP for this user"? 
...

I think the corner we're painting ourselves into here is just as you
describe it, and that providing a way to configure the systems in
an administrative domain so that the actual security provided is
known and adequate, while a legitimate operational concern
which should be documented,  is probably also something that
the IETF won't ever get around to actually addressing.

Randy

_______________________________________________
Isms mailing list
Isms at ietf.org
https://www.ietf.org/mailman/listinfo/isms

References:
- Re: [Isms] What granularity of attributes do we need for the secure transport?
  - From: David Harrington
- Re: [Isms] What granularity of attributes do we need for the securetransport?
  - From: Randy Presuhn
- Re: [Isms] What granularity of attributes do we need for the securetransport?
  - From: Juergen Schoenwaelder
- Re: [Isms] What granularity of attributes do we need for the securetransport?
  - From: Wes Hardaker
- Re: [Isms] What granularity of attributes do we need for the securetransport?
  - From: Randy Presuhn
- Re: [Isms] What granularity of attributes do we need for the securetransport?
  - From: Wes Hardaker
- Re: [Isms] What granularity of attributes do we need forthe securetransport?
  - From: David Harrington

Prev by Date: Re: [Isms] What granularity of attributes do we need forthe securetransport?
Next by Date: Re: [Isms] What granularity of attributes do we need forthe securetransport?
Previous by thread: Re: [Isms] What granularity of attributes do we need forthe securetransport?
Next by thread: Re: [Isms] What granularity of attributes do we need forthe securetransport?
Index(es):
- Date
- Thread

Re: [Isms] What granularity of attributes do we need forthe securetransport?

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.