Re: [Isms] comments on draft-nelson-isms-extended-vacm-00

To: isms at ietf.org
Subject: Re: [Isms] comments on draft-nelson-isms-extended-vacm-00
From: d.b.nelson at comcast.net
Date: Mon, 27 Jul 2009 15:35:03 +0000 (UTC)
Delivered-to: isms at core3.amsl.com
In-reply-to: <20090727152717.GC11154 at elstar.local>
List-archive: <http://www.ietf.org/mail-archive/web/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>

Juergen Schoenwaelder writes...

> I think Randy Presuhn's model was that the RADIUS
> client acts pretty much like an "embedded" SNMP
> manager doing a local set to modify the VACM table.

I think that's the right generic model, except that it isn't the RADIUS client that does this work.  (Another modularity discussion.)  The RADIUS client is typically isolated from the SNMP engine by PAM and the SSH server.  So, something external to the RADIUS client, that is triggered by the actions of the SSH server or the SSH Transport Model, will take the information from the tnStateReference and affect the VACM tables.

References:
- Re: [Isms] comments on draft-nelson-isms-extended-vacm-00
  - From: Juergen Schoenwaelder

Prev by Date: Re: [Isms] comments on draft-nelson-isms-extended-vacm-00
Next by Date: Re: [Isms] snmp: URI scheme transport extensions
Previous by thread: Re: [Isms] comments on draft-nelson-isms-extended-vacm-00
Next by thread: [Isms] snmp: URI scheme transport extensions
Index(es):
- Date
- Thread

Re: [Isms] comments on draft-nelson-isms-extended-vacm-00

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.