[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Thoughts on NetConf Requirements

To: <netconf@ops.ietf.org>
Subject: Re: Thoughts on NetConf Requirements
From: "Randy Presuhn" <randy_presuhn@mindspring.com>
Date: Wed, 18 Jun 2003 15:34:17 -0700
References: <4.3.2.7.2.20030604142148.023ca900@mira-sjc5-c.cisco.com><274753314.1054652094@portatool.dhcp.nanog28.merit.net><5.2.0.9.2.20030603140800.037e66e0@127.0.0.1><4.3.2.7.2.20030604142148.023ca900@mira-sjc5-c.cisco.com><4.3.2.7.2.20030616132703.049c8548@mira-sjc5-c.cisco.com><sdel1ssljz.fsf@wanderer.hardakers.net> <3EEF4846.80001@cisco.com> <sdd6hbuimj.fsf@wanderer.hardakers.net>

Hi -

> From: "Wes Hardaker" <wjhns1@hardakers.net>
> To: "Eliot Lear" <lear@cisco.com>
> Cc: "Wes Hardaker" <wjhns1@hardakers.net>; "Andy Bierman" <abierman@cisco.com>; "Randy Bush" <randy@psg.com>; "David T. Perkins"
<dperkins@dsperkins.com>; "Kevin C Miller" <kevinm@andrew.cmu.edu>; <netconf@ops.ietf.org>
> Sent: Wednesday, June 18, 2003 3:27 PM
> Subject: Re: Thoughts on NetConf Requirements
...
> What Andy has been trying to advocate is that the authorization checks
> won't know if encryption was turned on or not (you only know about the
> user name, the operation and the "filter").  Therefore it would be
> impossible to generate the above error message (from the xmlconf side,
> of course...  you could do it via TLS (or whatever) configuration)
...

To prevent the use of security policies limiting sensitive configuration
data to properly secured transfer mechanisms would be a big mistake,
in my opinion.

Randy



--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

References:
- Re: Thoughts on NetConf Requirements
  - From: Andy Bierman <abierman@cisco.com>
- Thoughts on NetConf Requirements
  - From: Kevin C Miller <kevinm@andrew.cmu.edu>
- Re: Thoughts on NetConf Requirements
  - From: "David T. Perkins" <dperkins@dsperkins.com>
- Re: Thoughts on NetConf Requirements
  - From: Andy Bierman <abierman@cisco.com>
- Re: Thoughts on NetConf Requirements
  - From: Wes Hardaker <wjhns1@hardakers.net>
- Re: Thoughts on NetConf Requirements
  - From: Eliot Lear <lear@cisco.com>
- Re: Thoughts on NetConf Requirements
  - From: Wes Hardaker <wjhns1@hardakers.net>

Prev by Date: Re: Thoughts on NetConf Requirements
Next by Date: Re: Is beep really what operators would want?
Previous by thread: Re: Thoughts on NetConf Requirements
Next by thread: Re: Thoughts on NetConf Requirements
Index(es):
- Date
- Thread