
FW: Last Call: 'NETCONF Configuration Protocol' to Proposed Standard



FYI

-----Original Message-----
From: iesg-bounces@ietf.org [mailto:iesg-bounces@ietf.org]On Behalf Of
Sam Hartman
Sent: Friday, December 09, 2005 15:03
To: Eliot Lear
Cc: iesg@ietf.org; ietf@ietf.org
Subject: Re: Last Call: 'NETCONF Configuration Protocol' to Proposed
Standard


>>>>> "Eliot" == Eliot Lear <lear@cisco.com> writes:

    Eliot> Obviously what you're suggesting isn't hard to do, and I
    Eliot> agree with you that in many cases use of port 22 would be
    Eliot> safe (and it would certainly be true for the VAST majority
    Eliot> of cases when connecting to network infrastructure).
    Eliot> However, once we decide to cover the other cases where we
    Eliot> are trying to give firewall administrators some leeway, I'm
    Eliot> not sure there's an added advantage to adding text along
    Eliot> the lines of "well, sometimes you can use port 22."  For
    Eliot> one it makes the tool building HARDER if the other port
    Eliot> isn't LISTENED to as well, because your canned tools would
    Eliot> end up playing guessing games or requiring extra
    Eliot> configuration.  And for our purposes I think I know of one
    Eliot> SSH implementation on a general computing device that
    Eliot> hardcodes the port to 22 and that implementation also
    Eliot> doesn't have means to support additional applications.

I think the only reason you might want to make the change is so that:

* People authorized to use the CLI in environments that have not gotten around to opening up the netconf port can use netconf

* People who have tunnel setups to get to ssh can also get to netconf.

However, as I said, I'm not actually asking for the change, just asking
people to think about it.  I think that it is even more critical to
think about it for isms than for netconf simply because we're at an
earlier stage with isms.


--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>