Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications

To: Jeffrey Hutzelman <jhutz at cmu.edu>
Subject: Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications
From: Juergen Schoenwaelder <j.schoenwaelder at jacobs-university.de>
Date: Mon, 14 Sep 2009 23:18:17 +0200
Cc: "isms at ietf.org" <isms at ietf.org>
Delivered-to: isms at core3.amsl.com
In-reply-to: <11B6ECDDB8C495CF22FEC194 at atlantis.pc.cs.cmu.edu>
List-archive: <http://www.ietf.org/mail-archive/web/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
Mail-followup-to: Jeffrey Hutzelman <jhutz at cmu.edu>, David Harrington <ietfdbh at comcast.net>, 'Wes Hardaker' <wjhns1 at hardakers.net>, "isms at ietf.org" <isms at ietf.org>
References: <sd63eliohe.fsf at wes.hardakers.net> <E6658A5CB6378B46A7F9C43757A73977047E6252 at de01exm63.ds.mot.com> <sdfxapa0nc.fsf at wjh.hardakers.net> <20090914182918.GA1332 at elstar.local> <27070_1252954966_n8EJ2jKD029767_sd4or59wpj.fsf at wjh.hardakers.net> <FB64E92A8472D9DC947B53A0 at atlantis.pc.cs.cmu.edu> <033a01ca3579$ea2c30c0$0600a8c0 at china.huawei.com> <11B6ECDDB8C495CF22FEC194 at atlantis.pc.cs.cmu.edu>
Reply-to: Juergen Schoenwaelder <j.schoenwaelder at jacobs-university.de>
User-agent: Mutt/1.5.20 (2009-06-14)

On Mon, Sep 14, 2009 at 10:52:31PM +0200, Jeffrey Hutzelman wrote:

> There really isn't such a thing as "_the_ (D)TLS service".  A given host 
> might have any number of services utilizing TLS or DTLS on different ports 
> with different configuration.  It's not multiplexed the way SSH might be, 
> and you wouldn't want to combine management information for them.  Ideally, 
> there'd be some kind of "MIB fragment" describing (D)TLS which could be 
> incorporated into MIB's for various services using those protocols, of 
> which the SNMP DTLS TM is just one.

We implemented SNMP over SSH by linking in an SSH library; we do not
go through an sshd and hence assuming SSH is "multiplexed" is not
always correct. This is all implementation choice. I agree that an SSH
MIB or [D]TLS MIB would have to provide proper indexing so that
multiple concurrent SSH or D[TLS] instances can export data to the
SNMP agent.

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>

References:
- [Isms] draft-hardaker-isms-dtls-tm-05 submitted
  - From: Wes Hardaker
- Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications
  - From: Donati Andrew-MGIA0477
- Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications
  - From: Wes Hardaker
- Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications
  - From: Juergen Schoenwaelder
- Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications
  - From: Jeffrey Hutzelman
- Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications
  - From: David Harrington
- Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications
  - From: Jeffrey Hutzelman

Prev by Date: Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications
Next by Date: Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications
Previous by thread: Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications
Next by thread: [Isms] WG Review: Recharter of Integrated Security Model for SNMP (isms)
Index(es):
- Date
- Thread

Re: [Isms] draft-hardaker-isms-dtls-tm-05 submitted - tlstmNotifications

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.