Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications

>>>>> On Mon, 14 Sep 2009 20:29:18 +0200, Juergen Schoenwaelder <j.schoenwaelder at jacobs-university.de> said:

JS> The question is to what extent the SNMP agent is really involved in
JS> all this or whether the DTLS transport takes care of the processing
JS> itself. In the SNMP over SSH case, we did decide to stay out of things
JS> that really concern the SSH layer. It seems with TLS/DTLS, we seem to
JS> go into much more details - perhaps this is even justified. I just
JS> notice that we seem to deal with these different secure transports
JS> differently.

I'd argue that if it helps the operator it doesn't matter much.  We're
not violating layers because we want to help manage a transport just as
we're not violating layers when we send a linkUp notification (which if
you drew an architectural diagram, would be way outside the SNMPv3
blocks).

In other words, do we want managers to be able to get notifications
about failed (D)TLS connections?  If yes, then we need to define the
notifications and it's implementation specific as to how to detect the
need to send them.

-- 
Wes Hardaker
Cobham Analytic Solutions
