Re: [Isms] pre-08 for TSM document

["David Harrington" <ietfdbh at comcast.net>]

> -----Original Message-----
> From: Juergen Schoenwaelder 
> [mailto:j.schoenwaelder at jacobs-university.de] 
> Sent: Friday, June 27, 2008 3:12 AM
> To: tom.petch
> Cc: David Harrington; isms at ietf.org
> Subject: Re: [Isms] pre-08 for TSM document
> 
> On Tue, Jun 24, 2008 at 09:58:24AM +0200, tom.petch wrote:
> 
> > Focussing on this I-D, you say that the TM will not alter the LCD
> > table, but I think that it will struggle to read it, at least on
> > inbound messages, as it cannot be sure what the securityName is
and
> > so cannot index into the table.  It could walk the table looking
for
> > a matching snmpTsmLCDName ... well perhaps not.
> 
> I fail to see why a TM needs to read the table. The TM just passes
the
> name provided by the transport via the tmStateReferences and TSM
then
> does any mappings as needed.

The initial WG discussion led to a design that took a securityName and
mapped it to a 
transport-specific ID. 

The discussion now makes it clearer that the securityName should map
to a tmSecurityName, and then the TM needs its own table to map from
tmSecurityName to a transport-specific ID.

personally, I think that's more levels of mapping than we need, and
all these mappings impact the predictability of the ultimate mapping
from the actual security ID to securityName.

>  
> > I assume that snmpTsmLCDName is tmSecurityName; could the names be
> > more similar or is there a subtle point that I am missing in them
> > being so different?

Changed to snmpTsmLCDTmSecurityName

> 
> I agree that finding good labels is important. I am not having a
good
> constructive idea yet... Checking RFC 3411 again, I see there it
makes
> a distinction between a securityName and a security ID, where the
> security ID seems to be pretty close to our tmSecurityName. Dave, do
> you agree with this reading of RFC3411?
> 
> > I am concerned at the length of snmpTsmLCDName, at 32 maximum.  I
am
> > aware of no such constraint for an SSH user name.
> 
> Since snmpTsmLCDName is not used in an INDEX, I think we can easily
> drop the length restriction.

done. This might impact the default transformations, and the ultimate
mapping to securityNames used in the notification configurations.

> 
> /js
> 
> -- 
> Juergen Schoenwaelder           Jacobs University Bremen gGmbH
> Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
> Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
> 

_______________________________________________
Isms mailing list
Isms at ietf.org
https://www.ietf.org/mailman/listinfo/isms