Re: [Netconf] draft-ietf-netconf-monitoring-09 last call comments from js

On Tue, Nov 03, 2009 at 02:51:09PM +0100, Phil Shafer wrote:
> Juergen Schoenwaelder writes:
> >Not sure I understand your comment - why does radius/tacplus lead to a
> >difference between a "user name" and a "login name"? Which AVPs are
> >you referring to?
> 
> AVP?  My comment was that with radius I can log in as one user and
> have the radius server return a different user name to use locally,
> so I can remotely administer a hundred operators as a single
> "operator" local user.  So the permissions may track with the real
> user name ("operator") but the login name ("phil") is also vital
> information.

Tell me how this works (AVPs are the things RADIUS sends around in the
payload) - or better tell me not, since this would impact ISMS badly.

> >This is pretty much what we have been doing in SMIv2 land.
> 
> Cool.  I've seen examples that aren't this way, where the
> MIB text documents the leafs, but not their meaning.  An
> example would be rfc3412, where in a ~40 page rfc, the mib
> is ~3 pages.

You won't expect TCP objects to document how TCP works, right? The
same logic applies to RFC 3412 and all the other SNMP RFCs.

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
