Re: NETCONF Notifications



Juergen,

SYSLOG is out there. Anyone can use it. However, for reliable and secure SYSLOG you have to do something different. Particularly, for reliable. That's what 3195 was meant to cover. If you want messages signed individually then that's a different kettle of fish, but to simply not have the messages go over the clear one can use the existing BEEP profile just fine.

Realistically from a BEEP perspective I'm not even sure we need to make a change to NETCONF to enable 3195 support. We simply need to indicate that during a <greeting> the profile is available. But this doesn't work for the other protocols (ssh, http).

Eliot

Juergen Schoenwaelder wrote:
On Sat, May 28, 2005 at 09:34:29AM -0700, Andy Bierman wrote:


Let's start a thread to see if we agree on the problem we're trying to solve. First, let's remember where we left off.


I think it is important to not ignore what is going on in the syslog
WG. In particular, <draft-ietf-syslog-protocol-11.txt> seems to be
relevant.

The only strong reason I see for a netconf notification transport
would be the reuse of security associations. Perhaps a syslog mapping
over ssh would kind of solve the problem.


Bottom line: I am not really sure yet a notification channel within
netconf is essential. Even if it is, we should not be blind and ignore
that syslog is out there and that there is active work to build from
the original BSD design and which is not bound to BEEP.


/js


-- to unsubscribe send a message to netconf-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://ops.ietf.org/lists/netconf/>