Re: [Isms] wg last call followup - sshtm

To: "'Jeffrey Hutzelman'" <jhutz at cmu.edu>, "'tom.petch'" <cfinss at dial.pipex.com>, "'Juergen Schoenwaelder'" <j.schoenwaelder at jacobs-university.de>, <isms at ietf.org>
Subject: Re: [Isms] wg last call followup - sshtm
From: "David Harrington" <ietfdbh at comcast.net>
Date: Sun, 1 Mar 2009 08:58:24 -0500
Delivered-to: isms at core3.amsl.com
In-reply-to: <80DC81EC28A8208000C75503 at atlantis.pc.cs.cmu.edu>
List-archive: <http://www.ietf.org/mail-archive/web/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
References: <20090226075301.GA29686 at elstar.iuhb02.iu-bremen.de><200902282050.n1SKoiNK028275 at grapenut.srv.cs.cmu.edu> <80DC81EC28A8208000C75503 at atlantis.pc.cs.cmu.edu>
Thread-index: AcmacfUM823aYyMKRO+duJA1/5rZfQAAxvBw

Whoa!!!!!!

There is NO securityName in the message. 
Where do you think the message contains a securityname?

IN 4.2, TSM 
   3) Set securityParameters to a zero-length OCTET STRING ('0400').

dbh

> -----Original Message-----
> From: isms-bounces at ietf.org [mailto:isms-bounces at ietf.org] On 
> Behalf Of Jeffrey Hutzelman
> Sent: Sunday, March 01, 2009 8:20 AM
> To: tom.petch; Juergen Schoenwaelder; isms at ietf.org
> Cc: jhutz at cmu.edu
> Subject: Re: [Isms] wg last call followup - sshtm
> 
[...]
> >
> > So the application specified alice and got back bob.
> >
> > Is this how it is meant to work?
> 
> That won't happen.  In your scenario, the CR does not "use 
> bob for access 
> control".  TSM compares the name reported by SSH (bob) with the 
> securityName in the SNMP message, and when they don't match, 
> rejects the 
> request.
> 
> -- Jeff
> _______________________________________________
> Isms mailing list
> Isms at ietf.org
> https://www.ietf.org/mailman/listinfo/isms
>

Follow-Ups:
- Re: [Isms] wg last call followup - sshtm
  - From: Jeffrey Hutzelman

References:
- [Isms] wg last call followup
  - From: Juergen Schoenwaelder
- Re: [Isms] wg last call followup - sshtm
  - From: Jeffrey Hutzelman

Prev by Date: Re: [Isms] wg last call followup - e-mail address
Next by Date: Re: [Isms] wg last call followup - sshtm
Previous by thread: Re: [Isms] wg last call followup - sshtm
Next by thread: Re: [Isms] wg last call followup - sshtm
Index(es):
- Date
- Thread

Re: [Isms] wg last call followup - sshtm

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.