
Re: ssh comments




Hi Wes,

These are good comments.

I caught some (but not all) of these issues in the -03 revision. Since then, Simon pointed out that I mis-labeled the server and client in some of the example exchanges, so I need to do an editorial update, anyway, and I will attempt to address your other change in that update.

Thanks!
Margaret

At 2:26 PM -0800 3/7/05, Wes Hardaker wrote:
comments on ssh-02 (I think there may be an -03 now [my net be down],
and if so I haven't checked to see if they've been fixed).

1. Introduction:
   XMLCONF->NETCONF
   [may be in other locations too...  a search would be wise]

2. Starting NETCONF over SSH:
   "the user (or script"
      -> "the user (or application"

   I do think that scripts will be used a lot by operators, but I also
   think applications will, which is more generic.  I don't think we
   should use the word "script" in these documents.  Its definition
   isn't well defined, unlike "application".

   [in multiple locations within the doc]

2.1 Capabilities Exchange:

"As indicated in the example above," ->
"As indicated in the example above and as required by the netconf protocol,"


  "expect script" -> "application"
    [We definitely shouldn't refer directly to "expect" IMHO]

  "&lt; hello>" -> "<hello>"

  If you're going to state the last paragraph (which is a duplicate of
  what's in the netconf protocol) then you should also restate that
  applications must not wait for the other side to complete the
  sending of its <hello>.

3. using netconf over ssh

  "]]>]]>, is sent after" -> "]]>]]>, MUST BE sent after".
    Also, append "by both the client and the server" to the end of the
    message.

4.

  "An agend will processed RPC messages from the manager in the order
  in which the are received."
     ->
  "An agent will process RPC messages from the manager in the order in
  which the requests are received."

6. Security considerations

  "configuration data" -> "configuration or state data"

  "is sent to the server" -> "is sent to or received from the server"

  "is sent to the client" -> "is sent to or received from the client"



  "The identity of the server MUST be verified and authenticated..."

    What does this MUST really mean?  To verify and authenticate the
    server based on what policy?  This is almost crossing the boundary
    between policy and interoperability.  I think what you really want
    to say is more along the lines of:

    "The identity of the server MUST be verified and authenticated
    according to local policy..."

    ???

--
"In the bathtub of history the truth is harder to hold than the soap,
 and much more difficult to find."  -- Terry Pratchett

--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

