Re: [Isms] open issues

To: <randy_presuhn at mindspring.com>, <isms at ietf.org>
Subject: Re: [Isms] open issues
From: "Pasi.Eronen at nokia.com" <Pasi.Eronen at nokia.com>
Date: Thu, 24 Apr 2008 20:44:33 +0300
Delivered-to: ietfarch-isms-web-archive at core3.amsl.com
Delivered-to: isms at core3.amsl.com
In-reply-to: <000c01c8a59a$c04122e0$6801a8c0 at oemcomputer>
List-archive: <http://www.ietf.org/pipermail/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
References: <20080422210355.GA12678 at elstar.local><002401c8a4dc$869f3400$6801a8c0 at oemcomputer><20080423064530.GC13183 at elstar.local><000d01c8a513$af1af400$6801a8c0 at oemcomputer><20080423084701.GE13273 at elstar.local><000601c8a56a$e95f1c20$6801a8c0 at oemcomputer><000001c8a597$b0349560$011716ac at NEWTON603> <000c01c8a59a$c04122e0$6801a8c0 at oemcomputer>
Sender: isms-bounces at ietf.org
Thread-index: AcilowCfSKS5R8trTGCh9DKYjPbg5wAjPmUA
Thread-topic: [Isms] open issues

Randy Presuhn wrote:

> In the USM world, the transmitting SNMP engine uses the securityName
> to determine whether the information in the notification should be
> allowed to leave the box.  The SNMP engine receiving that
> notification uses the authentication information to make sure the
> information is genuine.  How does the sender know the notification
> has gone to the "right" user?  All it *really* knows is that the
> SNMP engine for the notification receiver has to have that shared
> key in order to decrypt the payload, and that the notification's
> ultimate consumer must have entrusted that engine with the key.
> This gives us an implicit two-way authentication, at least as far as
> the protocol engines. In terms of demultiplexing incoming
> notification streams to the correct user of the management system,
> whether based on securityName or something else, all RFC 3413 has to
> say in section 3.4 (3) is "After this, processing depends on the
> particular implementation."

I guess in case of SSH, this would mean that the notification
originator (acting as SSH client) needs to know:

in the application:
- transportAddress (of the destination)
- securityName (used primarily to determine whether this 
  information should be allowed to leave the box)

in SSHTM (or somewhere): for each (transportAddress, securityName) 
pair, how to do authentication in ssh client role:
- user name to send in SSH
- authentication method (e.g., password or publickey)
- the secret to use (e.g., password, private key)

in SSH:
- for each transportAddress, the host public key

It seems that in this direction, the securityName and SSH user name
won't be the same: securityName would identify someone who's allowed
to see the information ("researchDeptAdmins" or "John"), but SSH user
name would identify the notification originator ("router37" or
"switch12.44.subunit7.example.com"), right?

(In the command generator case, the securityName and SSH user
name identify the same principal, so they could be the same.)

> Consequently, I think whether collapsing things down to a single
> securityName per agent for incoming notifications would be adequate
> depends on the extent to which implementations of notification
> receiver applications rely on securityName to demultiplex
> notifications corresponding to different "subscriptions."

BTW, is the securityName only handled solely by the security model, 
or is it included somewhere inside the PDU even when you're using
SSHTM? 

If it's not, could we somehow include it just for this purpose 
(allowing notification receiver to do internal processing)?

Best regards,
Pasi
_______________________________________________
Isms mailing list
Isms at ietf.org
https://www.ietf.org/mailman/listinfo/isms

Follow-Ups:
- Re: [Isms] open issues
  - From: Randy Presuhn

References:
- Re: [Isms] open issues
  - From: Juergen Schoenwaelder
- Re: [Isms] open issues
  - From: Randy Presuhn
- Re: [Isms] open issues
  - From: Juergen Schoenwaelder
- Re: [Isms] open issues
  - From: Randy Presuhn
- Re: [Isms] open issues
  - From: Juergen Schoenwaelder
- Re: [Isms] open issues
  - From: Randy Presuhn
- Re: [Isms] open issues
  - From: David B. Nelson
- Re: [Isms] open issues
  - From: Randy Presuhn

Prev by Date: Re: [Isms] open issues
Next by Date: Re: [Isms] open issues
Previous by thread: Re: [Isms] open issues
Next by thread: Re: [Isms] open issues
Index(es):
- Date
- Thread

Re: [Isms] open issues

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.