Re: [Isms] pre11 comments

To: <isms at ietf.org>
Subject: Re: [Isms] pre11 comments
From: "David B. Nelson" <d.b.nelson at comcast.net>
Date: Thu, 3 Jul 2008 20:57:08 -0400
Delivered-to: ietfarch-isms-web-archive at core3.amsl.com
Delivered-to: isms at core3.amsl.com
In-reply-to: <sdskuqwoli.fsf@wes.hardakers.net>
List-archive: <http://www.ietf.org/pipermail/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
References: <006401c8dc30$bac0af30$51f780de@china.huawei.com><sd63rmy615.fsf@wes.hardakers.net><4F599A473EF04ECD99F4C358B291245E@xpsuperdvd2> <sdskuqwoli.fsf@wes.hardakers.net>
Sender: isms-bounces at ietf.org
Thread-index: AcjdYhKu4yqqF6deSFOHxzlMfkTQswADduyw

Wes Hardaker writes...

> Right now the VACM and the security model can be used together to
> grant or deny access based on a particular security model.  With 
> a generic "any sub-transport will do" security model not being put
> in place (TSM) then we loose that ability.

Correct.  Apparently the WG decided early on that, indeed, "any protected
transport will do".  I think what you're effectively suggesting is that we
should *not* have a general TSM, but a series of xSMs, where "x" is a
specific secure transport protocol.  KSM surely falls into that pattern.

Personally, I think it's very late for that kind of revision.  However, if
it can be "hacked in" without much disruption, I see no fundamental
objection to adding that feature.


_______________________________________________
Isms mailing list
Isms at ietf.org
https://www.ietf.org/mailman/listinfo/isms

Follow-Ups:
- Re: [Isms] pre11 comments
  - From: Wes Hardaker
- Re: [Isms] pre11 comments
  - From: David Harrington

References:
- [Isms] pre11 comments
  - From: David Harrington
- Re: [Isms] pre11 comments
  - From: Wes Hardaker
- Re: [Isms] pre11 comments
  - From: David B. Nelson
- Re: [Isms] pre11 comments
  - From: Wes Hardaker

Prev by Date: Re: [Isms] pre11 comments
Next by Date: Re: [Isms] pre11 comments
Previous by thread: Re: [Isms] pre11 comments
Next by thread: Re: [Isms] pre11 comments
Index(es):
- Date
- Thread

Re: [Isms] pre11 comments

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.