Re: [Isms] pre11 comments

To: <isms at ietf.org>
Subject: Re: [Isms] pre11 comments
From: "David B. Nelson" <d.b.nelson at comcast.net>
Date: Thu, 24 Jul 2008 08:45:38 -0400
Delivered-to: ietfarch-isms-web-archive at core3.amsl.com
Delivered-to: isms at core3.amsl.com
In-reply-to: <153AB67386CBEFDB61867CE0@atlantis.pc.cs.cmu.edu>
List-archive: <http://www.ietf.org/pipermail/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
References: <006401c8dc30$bac0af30$51f780de@china.huawei.com> <sd63rmy615.fsf@wes.hardakers.net> <4F599A473EF04ECD99F4C358B291245E@xpsuperdvd2> <sdskuqwoli.fsf@wes.hardakers.net> <200807040057.m640v5DL015394@grapenut.srv.cs.cmu.edu> <ED7BF45E5D16B2A3ECD2E782@atlantis.pc.cs.cmu.edu> <20080724071719.GA5011@elstar.local> <153AB67386CBEFDB61867CE0@atlantis.pc.cs.cmu.edu>
Sender: isms-bounces at ietf.org
Thread-index: AcjtY9dQeN4yVMCGRUiH4AWtYwc4YQAJgDFQ

Jeffrey Hutzelman writes...

> I'm inclined to say that distinguishing between secure transports
> in a useful way is something that TSM must handle...

If so, then I think it is incumbent upon us to describe the utility
obtained.

I think we've dismissed the issues of differing protocols, cipher-suites,
and so forth, and being irrelevant to the interests of TSM, e.g. "secure" is
always "secure enough".  So, that leaves us with the issue of multiple
authentication mechanisms that might involve multiple user namespaces.  Are
there other issues we are attempting to deal with?  Or are we also adding
the "tag" as a "hook" to deal with possible differences that someone decides
are important in the future?

> (3) specify a standard algorithm for transforming a transport-specific
> ID into a securityName and the reverse, without resorting to a mapping
> table.

Wes also suggested that this mechanism me capable of being disabled, in
those deployments where no distinction is necessary or desirable.


_______________________________________________
Isms mailing list
Isms at ietf.org
https://www.ietf.org/mailman/listinfo/isms

References:
- [Isms] pre11 comments
  - From: David Harrington
- Re: [Isms] pre11 comments
  - From: Wes Hardaker
- Re: [Isms] pre11 comments
  - From: David B. Nelson
- Re: [Isms] pre11 comments
  - From: Wes Hardaker
- Re: [Isms] pre11 comments
  - From: Jeffrey Hutzelman
- Re: [Isms] pre11 comments
  - From: Juergen Schoenwaelder
- Re: [Isms] pre11 comments
  - From: Jeffrey Hutzelman

Prev by Date: Re: [Isms] pre11 comments
Next by Date: Re: [Isms] pre11 comments
Previous by thread: Re: [Isms] pre11 comments
Next by thread: Re: [Isms] pre11 comments
Index(es):
- Date
- Thread

Re: [Isms] pre11 comments

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.