RE: Where do we go from here?

[Randy Bush <randy@psg.com>]

as no one else seems interested enough to play, i'll hit the ball

> Do we need multiple channels to each device ? Say a data channel and a
> command channel

please explain the difference between data and commands, maybe by
example.  i.e. i suspect some folk think the entire model will be
encoded in a single stream/file/whateveryoucallit.  and i fear that
much confusion is thereby caused.  so it would be good to further
expose this part of the discussion.

> Do we need sequence numbers ?

sequences of what?  i.e. numbers to uniquify what?

> Do we need retires ?

do you mean does the transport have to be reliable?  if it does, we
have pretty standard ways of doing reliable transports.  and i
think they use retries among 42 other transport trix.  i hope we
don't have to reinvent this.

> Security
> All this needs to be done securely

whatever that means.  that's kinda like "it has to be done well"

> Is it good enough to have trusted domains between the server &
> the client, or must each and every command be authorized by the
> end user.

i don't think we have yet clearly defined the identities in the
authorization model.

> Do we need to authenticate each and every packet
> How do we authenticate the server and client

> Do we care about certificates

certificates are merely a tool to accomplish some goals which have
not yet been clearly specified or agreed.  so this question is not
answerable.

and what are the privacy requirements?  i.e. must data be protected
in transport?

> There is work that needs to do be done in this area. Either the
> IETF does it or other groups will.

i hope i am not supposed to feel threatened by such statements.  i
care that it is done well.

randy


--
to unsubscribe send a message to xmlconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/xmlconf/>