Re: [Netconf] notification access control

To: "NETCONF" <netconf at ietf.org>
Subject: Re: [Netconf] notification access control
From: "Randy Presuhn" <randy_presuhn at mindspring.com>
Date: Thu, 18 Jun 2009 10:41:49 -0700
Delivered-to: netconf at core3.amsl.com
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=mindspring.com; b=sQ4+l8sxl9sajw/wnsrqXV/mmyr9im/Rtto3lCnr8vAJz/emcij6ZJMTO605P8RB; h=Received:Message-ID:From:To:References:Subject:Date:MIME-Version:Content-Type:Content-Transfer-Encoding:X-Priority:X-MSMail-Priority:X-Mailer:X-MimeOLE:X-ELNK-Trace:X-Originating-IP;
List-archive: <http://www.ietf.org/mail-archive/web/netconf>
List-help: <mailto:netconf-request@ietf.org?subject=help>
List-id: Network Configuration WG mailing list <netconf.ietf.org>
List-post: <mailto:netconf@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
References: <200906171944.n5HJiBBo056500 at idle.juniper.net> <4A394F71.4090500 at netconfcentral.com> <001201c9ef9c$832a64a0$6801a8c0 at oemcomputer> <4A397C90.1050801 at netconfcentral.com> <000c01c9efaa$f6489340$6801a8c0 at oemcomputer> <4A398AAE.5000300 at netconfcentral.com> <000401c9efb0$9eb7d4a0$6801a8c0 at oemcomputer> <4A399C99.8060709 at netconfcentral.com> <000601c9efbf$53822580$6801a8c0 at oemcomputer> <4A39ADF9.4060006 at netconfcentral.com> <000401c9efc8$9dbbd480$6801a8c0 at oemcomputer> <4A3A2C5F.9030003 at netconfcentral.com> <004001c9f036$40d57140$6801a8c0 at oemcomputer> <4A3A7542.3060302 at netconfcentral.com>

Hi -

> From: "Andy Bierman" <andy at netconfcentral.com>
> To: "Randy Presuhn" <randy_presuhn at mindspring.com>
> Cc: "NETCONF" <netconf at ietf.org>
> Sent: Thursday, June 18, 2009 10:11 AM
> Subject: Re: [Netconf] notification access control
...
> The scenario you are describing is not well-suited to a
> single monolithic agent at all.

I do have a strong bias against monolithic agents.

I think they spell software configuration management
disaster for complex or multi-vendor systems.  But
the current IETF direction seems to be to not worry about
those cases, and let them define their own solutions
as the need arises.  I don't think that was a good choice,
but this is not the place to re-hash old debates.

>  Instead, each customer
> should get their own virtual agent, and use some
> sort of proprietary 'glue code' to let each virtual agent have
> access to a subset of the real agent.

"And then a miracle occurs."  :-)

We have clearly different visions of how to make this stuff
work, so I guess I'll just have to wait until we see how that
glue code actually works.  But I am concerned that these
decisions will inexorably paint the developers of the netconf
ACM (or, more likely, ACMs) into a corner.

Randy

Follow-Ups:
- Re: [Netconf] notification access control
  - From: Andy Bierman

References:
- Re: [Netconf] notification access control
  - From: Phil Shafer
- Re: [Netconf] notification access control
  - From: Andy Bierman
- Re: [Netconf] notification access control
  - From: Randy Presuhn
- Re: [Netconf] notification access control
  - From: Andy Bierman
- Re: [Netconf] notification access control
  - From: Randy Presuhn
- Re: [Netconf] notification access control
  - From: Andy Bierman
- Re: [Netconf] notification access control
  - From: Randy Presuhn
- Re: [Netconf] notification access control
  - From: Andy Bierman
- Re: [Netconf] notification access control
  - From: Randy Presuhn
- Re: [Netconf] notification access control
  - From: Andy Bierman
- Re: [Netconf] notification access control
  - From: Randy Presuhn
- Re: [Netconf] notification access control
  - From: Andy Bierman
- Re: [Netconf] notification access control
  - From: Randy Presuhn
- Re: [Netconf] notification access control
  - From: Andy Bierman

Prev by Date: [Netconf] SSH question
Next by Date: Re: [Netconf] notification access control
Previous by thread: Re: [Netconf] notification access control
Next by thread: Re: [Netconf] notification access control
Index(es):
- Date
- Thread

Re: [Netconf] notification access control

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.