Re: [Isms] wg last call followup - sshtm

["tom.petch" <cfinss at dial.pipex.com>]

I am still struggling with the 'Pasi problem' that he raised last November and
although I recall seeing a message from him that he was satisfied, I cannot
understand how it works in the current I-Ds; I cannot understand part of the
I-Ds so tell me first what is meant to happen.

Suppose securityName is alice and transport address is bob at example.com:ssh
in a Command Generator.

For a Request, sshtm passes bob to SSH and that is used for the session setup as
per s5.3 3 1.  The Command Responder uses bob for access control etc.  The
response will come back, SSH will pass a name of bob (s5.1 2) to stm as a
securityName via tmStateReference which will pass it on to tsm which may or may
not prefix it (s5.2 3) and then it will get passed to the application.

So the application specified alice and got back bob.

Is this how it is meant to work?

Tom Petch

----- Original Message -----
From: "Juergen Schoenwaelder" <j.schoenwaelder at jacobs-university.de>
To: <isms at ietf.org>
Sent: Thursday, February 26, 2009 8:53 AM
Subject: [Isms] wg last call followup


> On November 4th 2008, I started WG last call on the ISMS document set:
>
> [1] Transport Subsystem for the Simple Network Management Protocol (SNMP)
>     <draft-ietf-isms-tmsm-15.txt>
> [2] Transport Security Model for SNMP
>     <draft-ietf-isms-transport-security-model-10.txt>
> [3] Secure Shell Transport Model for SNMP
>     <draft-ietf-isms-secshell-13.txt>
> [4] Remote Authentication Dial-In User Service (RADIUS) Usage for Simple
>     Network Management Protocol (SNMP) Transport Models
>     <draft-ietf-isms-radius-usage-04.txt>
>
> We received some comments and the subsequent mailing list discussions
> have led to some changes to the ISMS core documents. David just posted
> revised IDs of the core documents:
>
> [1] Transport Subsystem for the Simple Network Management Protocol (SNMP)
>     <draft-ietf-isms-tmsm-16.txt>
> [2] Transport Security Model for SNMP
>     <draft-ietf-isms-transport-security-model-11.txt>
> [3] Secure Shell Transport Model for SNMP
>     <draft-ietf-isms-secshell-14.txt>
>
> Please take a look at the changes. Let us know by March 6th if there
> are any major technical problems with the changes that must be fixed
> before submitting the documents to the AD for publication.  Please
> keep in mind that we are going for Proposed Standard, the entry-level
> maturity level for the standards track.
>
> If you find editorial issues, please report them clearly marked as
> editorial issues.
>
> /js
>
> --
> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
> Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
> _______________________________________________
> Isms mailing list
> Isms at ietf.org
> https://www.ietf.org/mailman/listinfo/isms