Re: [Isms] What granularity of attributes do we need for the secure transport?

To: <isms at ietf.org>
Subject: Re: [Isms] What granularity of attributes do we need for the secure transport?
From: "David B. Nelson" <dnelson at elbrysnetworks.com>
Date: Wed, 9 Apr 2008 11:59:18 -0400
Delivered-to: ietfarch-isms-web-archive at core3.amsl.com
Delivered-to: isms at core3.amsl.com
In-reply-to: <05fe01c89a51$f544bb90$0600a8c0 at china.huawei.com>
List-archive: <http://www.ietf.org/pipermail/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
Organization: Elbrys Networks, Inc.
References: <sd8wzonjji.fsf at wes.hardakers.net><05ce01c899cf$9f4ad260$0600a8c0 at china.huawei.com><20080409133415.GA16117 at elstar.local> <05fe01c89a51$f544bb90$0600a8c0 at china.huawei.com>
Sender: isms-bounces at ietf.org
Thread-index: AciaRnC+QPVJYR/PSEy1i4i0p9rNZgAALJpgAASulLA=

David Harrington writes...

> If RADIUS will specify requirements for the service, we MUST be able
> to verify we do meet the requirements.

Yes.  It need not be done within the SNMP engine and, for the reasons you
have described, that's not a likely place for this enforcement to exist.  I
would think the likely place would be in the SSH server at the NAS.  It
could also exist in the RADIUS server, based on suitable "hint" attributes.
I think that is a user configuration choice, however, not a protocol design
choice.


_______________________________________________
Isms mailing list
Isms at ietf.org
https://www.ietf.org/mailman/listinfo/isms

References:
- Re: [Isms] What granularity of attributes do we need for the securetransport?
  - From: Wes Hardaker
- Re: [Isms] What granularity of attributes do we need forthe securetransport?
  - From: David Harrington
- Re: [Isms] What granularity of attributes do we need forthe securetransport?
  - From: Juergen Schoenwaelder
- Re: [Isms] What granularity of attributes do we need forthesecuretransport?
  - From: David Harrington

Prev by Date: Re: [Isms] What granularity of attributes do we need for the secure transport?
Next by Date: Re: [Isms] What granularity of attributes do we need for thesecuretransport?
Previous by thread: Re: [Isms] What granularity of attributes do we need forthesecuretransport?
Next by thread: Re: [Isms] What granularity of attributes do we need for the secure transport?
Index(es):
- Date
- Thread

Re: [Isms] What granularity of attributes do we need for the secure transport?

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.