Hi -
From: "McDonald, Ira" <imcdonald@sharplabs.com>
To: "'Sharon Chisholm'" <schishol@nortel.com>; "Netconf (E-mail)" <netconf@ops.ietf.org>
Sent: Thursday, March 16, 2006 11:03 AM
Subject: RE: Evaluation: draft-ietf-netconf-ssh-05.txt to Proposed Standard [I06-051127-0011]
...
(1) IANA-assigned "Well Known Port" (0 to 1023)
- approximately 70% are now assigned
- very scarce resource
(2) IANA-assigned "Registered Port" (1024 to 49151)
- approximately 12% are now assigned
- plentiful resource
(3) Unregistered "Dynamic or Private Port" (49152 to 65535)
- not a reasonable choice for NetConf or any standard service
Option (2) is obviously the prudent choice.
I strongly agree.
It is not possible to use NetConf (or SHOULD NOT be) without
strong authentication - in any case, security professionals
do NOT accept the pseudo-security of "well known ports" based
on their numeric values.
...
I find this rationale far more convincing than any of the
others put forth on this thread.