Re: [Isms] ssh authn

To: Jeffrey Hutzelman <jhutz at cmu.edu>
Subject: Re: [Isms] ssh authn
From: Wes Hardaker <wjhns1 at hardakers.net>
Date: Mon, 09 Feb 2009 16:18:09 -0800
Cc: isms at ietf.org
Delivered-to: isms at core3.amsl.com
In-reply-to: <1A950075E59BF1D8C1987832 at atlantis.pc.cs.cmu.edu> (Jeffrey Hutzelman's message of "Thu, 22 Jan 2009 21:41:41 -0500")
List-archive: <http://www.ietf.org/mail-archive/web/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
Organization: Sparta
References: <0b9501c97be4$024201d0$0600a8c0 at china.huawei.com> <20090122194722.GB7322 at elstar.local> <200901222132.n0MLW7pl021445 at grapenut.srv.cs.cmu.edu> <1A950075E59BF1D8C1987832 at atlantis.pc.cs.cmu.edu>
User-agent: Gnus/5.110011 (No Gnus v0.11) XEmacs/21.4.21 (linux, no MULE)

>>>>> On Thu, 22 Jan 2009 21:41:41 -0500, Jeffrey Hutzelman <jhutz at cmu.edu> said:

>> sentence 1 talks about server authn, which I assume means RFC4253.
>> sentences 2-4 talk about user authn, which I assume means RFC4252
>> sentence 5 talks about server authn, which I assume means RFC4253.

JH> The distinction between the different SSH documents is largely opaque
JH> to SNMP, which operates at a higher layer.

I agree...  The text that is present currently is merely documenting how
to pass information to the SSH layer that in needs.  It's up to the SSH
layer to decide how to use that information when communicating with the
remote (SSH server) side, which depends on system configuration.  We've
deliberately not discussed how to do certain types of authentication
with the remote side and are depending on system-specific config for
authentication configuration (and other SSH configuration too).

JH> I think it's quite clear and meaningful the way it is.

I agree, I think the current text is fine.  That being said, I think
Juergen's new text is just fine too since it says pretty much the same
thing.
-- 
Wes Hardaker
Sparta, Inc.

References:
- [Isms] ssh authn
  - From: David Harrington
- Re: [Isms] ssh authn
  - From: Juergen Schoenwaelder
- Re: [Isms] ssh authn
  - From: Jeffrey Hutzelman

Prev by Date: Re: [Isms] tsm pre11 - minor issues
Next by Date: Re: [Isms] TBD secshell
Previous by thread: Re: [Isms] ssh authn
Next by thread: [Isms] snmp subsystems
Index(es):
- Date
- Thread

Re: [Isms] ssh authn

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.