[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Thoughts on NetConf Requirements

To: Wes Hardaker <wjhns1@hardakers.net>
Subject: Re: Thoughts on NetConf Requirements
From: Andy Bierman <abierman@cisco.com>
Date: Wed, 18 Jun 2003 16:11:08 -0700
Cc: Wes Hardaker <wjhns1@hardakers.net>, Juergen Schoenwaelder <schoenw@ibr.cs.tu-bs.de>, netconf@ops.ietf.org
In-reply-to: <sd3ci7uidd.fsf@wanderer.hardakers.net>
References: <4.3.2.7.2.20030617111731.025806e8@mira-sjc5-c.cisco.com><4.3.2.7.2.20030616143726.024ffa80@mira-sjc5-c.cisco.com><4.3.2.7.2.20030616132703.049c8548@mira-sjc5-c.cisco.com><4.3.2.7.2.20030604142148.023ca900@mira-sjc5-c.cisco.com><274753314.1054652094@portatool.dhcp.nanog28.merit.net><5.2.0.9.2.20030603140800.037e66e0@127.0.0.1><4.3.2.7.2.20030604142148.023ca900@mira-sjc5-c.cisco.com><4.3.2.7.2.20030616132703.049c8548@mira-sjc5-c.cisco.com><4.3.2.7.2.20030616143726.024ffa80@mira-sjc5-c.cisco.com><4.3.2.7.2.20030617111731.025806e8@mira-sjc5-c.cisco.com>

At 03:32 PM 6/18/2003, Wes Hardaker wrote:
>>>>>> On Tue, 17 Jun 2003 11:31:05 -0700, Andy Bierman <abierman@cisco.com> said:
>
>Andy> I don't think it's heavy-handed to try to keep the WG focused
>Andy> on the charter.
>
>Agreed.
>
>I'll remind you that I was only responding originally to your
>statement which read:
>
>Andy> So what's so complex about reads? The authorization model?
>Andy> IMO, the authorization model amounts to a set of tuples:
>Andy> { user, operations-allowed, element-subtree }.
>Andy> Read operations amount to 1 more bit in the operations-allowed field.
>
>My original point was only that the above list was too short, in my
>opinion (of course).

I guess is too short, certainly with respect to all the various
attributes that may be taken into consideration in establishing
a security policy.  BTW, my comment above was directed at the
difference between read and write operations. 

I still think configuration of authorization mechanisms is
something that should be standardized independently of
the netconf 1.0 effort.  That was the assumption that 
went into the charter. 

Andy



>-- 
>"In the bathtub of history the truth is harder to hold than the soap,
> and much more difficult to find."  -- Terry Pratchett 


--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

Follow-Ups:
- Re: Thoughts on NetConf Requirements
  - From: Wes Hardaker <wjhns1@hardakers.net>

References:
- Re: Thoughts on NetConf Requirements
  - From: Andy Bierman <abierman@cisco.com>
- Re: Thoughts on NetConf Requirements
  - From: Andy Bierman <abierman@cisco.com>
- Re: Thoughts on NetConf Requirements
  - From: Andy Bierman <abierman@cisco.com>
- Re: Thoughts on NetConf Requirements
  - From: Andy Bierman <abierman@cisco.com>
- Thoughts on NetConf Requirements
  - From: Kevin C Miller <kevinm@andrew.cmu.edu>
- Re: Thoughts on NetConf Requirements
  - From: "David T. Perkins" <dperkins@dsperkins.com>
- Re: Thoughts on NetConf Requirements
  - From: Wes Hardaker <wjhns1@hardakers.net>

Prev by Date: Re: Is beep really what operators would want?
Next by Date: Re: Thoughts on NetConf Requirements
Previous by thread: Re: Thoughts on NetConf Requirements
Next by thread: Re: Thoughts on NetConf Requirements
Index(es):
- Date
- Thread