[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FW: Last Call: 'NETCONF Configuration Protocol' to Proposed Stand ard

To: "Netconf (E-mail)" <netconf@ops.ietf.org>
Subject: FW: Last Call: 'NETCONF Configuration Protocol' to Proposed Stand ard
From: "Wijnen, Bert (Bert)" <bwijnen@lucent.com>
Date: Wed, 14 Dec 2005 01:50:30 +0100

FYI, 3 more postings coming

-----Original Message-----
From: iesg-bounces@ietf.org [mailto:iesg-bounces@ietf.org]On Behalf Of
Sam Hartman
Sent: Thursday, December 08, 2005 23:35
To: iesg@ietf.org
Cc: ietf@ietf.org
Subject: Re: Last Call: 'NETCONF Configuration Protocol' to Proposed
Standard

Hi.  This is not a blocking comment nor am I even asking for a change;
I'm just asking people consider this for netconf and future work.

Netconf currently recommends that netconf over ssh be run over a
different port than the normal ssh port.

That seems like a fine idea.  I think there are cases where you might
want to allow access to netconf but not allow access to the CLI
through the normal ssh port.  

However I think in many cases it would not be a security problem if
the netconf subsystem were available over the normal ssh port.  In
many applications the same privileges will be granted to users over
the CLI as to the same users over netconf.  In many cases the
functionality available through netconf will also be available through
the CLI.

--Sam

--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

Prev by Date: Re: Questions on the Events draft ?
Next by Date: FW: Last Call: 'NETCONF Configuration Protocol' to Proposed Stand ard
Previous by thread: RE: Questions on the Events draft ?
Next by thread: FW: Last Call: 'NETCONF Configuration Protocol' to Proposed Stand ard
Index(es):
- Date
- Thread