Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications
On Mon, Sep 14, 2009 at 09:08:56PM +0200, Jeffrey Hutzelman wrote:
> --On Monday, September 14, 2009 12:02:00 PM -0700 Wes Hardaker
> <wjhns1 at hardakers.net> wrote:
>
> >>>>>> On Mon, 14 Sep 2009 20:29:18 +0200, Juergen Schoenwaelder
> >>>>>> <j.schoenwaelder at jacobs-university.de> said:
> >
> > JS> The question is to what extent the SNMP agent is really involved in
> > JS> all this or whether the DTLS transport takes care of the processing
> > JS> itself. In the SNMP over SSH case, we did decide to stay out of things
> > JS> that really concern the SSH layer. It seems with TLS/DTLS, we seem to
> > JS> go into much more detail - perhaps this is even justified. I just
> > JS> notice that we seem to deal with these different secure transports
> > JS> differently.
> >
> > I'd argue that if it helps the operator it doesn't matter much. We're
> > not violating layers because we want to help manage a transport just as
> > we're not violating layers when we send a linkUp notification (which if
> > you drew an architectural diagram, would be way outside the SNMPv3
> > blocks).
> >
> > In other words, do we want managers to be able to get notifications
> > about failed (D)TLS connections? If yes, then we need to define the
> > notifications and it's implementation specific as to how to detect the
> > need to send them.
>
> Agree. We're not talking here about the SNMP agent breaking layers and
> looking at things it has no business knowing about. We're talking about
> the (D)TLS transport itself being manageable.
But in the case of SSH, we decided to _not_ go into SSH details and
leave that to future SSH management work. I just noticed that we seem
to treat TLS/DTLS differently. I am not saying this is good or bad (and
I am speaking as a technical contributor). All I want to achieve is
that we reflect the reasons if we do things differently for different
transports.
/js
--
Juergen Schoenwaelder Jacobs University Bremen gGmbH
Phone: +49 421 200 3587 Campus Ring 1, 28759 Bremen, Germany
Fax: +49 421 200 3103 <http://www.jacobs-university.de/>
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.