And just to clarify my own sloppiness, I realized after I wrote the note that "root" rather than "kernel" is what is needed for a low port, and that is indeed easier. But it is MUCH better to develop and run applications without having to make them root, even briefly. (The coupling of the various permissions within Unix is not our problem, but that doesn't make it desirable.)
Given that, to paraphrase Phil's comment, it doesn't make that much difference, it would seem more sensible to go for a higher range port number. However, neither Ira nor I speak for the IESG. Heck, I'm not even speaking as a "reviewer", just as a participant / observer in this working group. I guess I just find "it's appropriate to use low numbers for this" a bad reason. From different perspectives, different things are "privileged". I know many folks who will claim that the only really privileged operation is collecting money. And others.......

Yours,
Joel

PS: I would prefer not to hang this protocol up on a debate about whether <1024 ports should ever be given out. That would be a waste of all our time.
At 09:40 PM 3/17/2006, Andy Bierman wrote:
There are ways to allow users specific access to root programs (e.g., 'su'). There is really no way to logically conclude this discussion. You and Ira are arguing that no protocol should ever use the system port space again, including NETCONF. If this is IESG policy, then I guess we are done discussing it.

Some others have said the port number doesn't really matter, except a bit for unix implementations, and some "legacy bias" against using higher port numbers for system services. (Large "don't care" camp)

Eliot and I are arguing that the task of configuring a networking device (a server, not a plain host!) is clearly a privileged task in almost all environments, which is NETCONF's chartered purpose. If device configuration and control isn't a system task on a networking device, then I don't know what is.

If there are no possible reasons for assigning system port numbers anymore, then IANA can stop asking which range the new protocol should be assigned, and WGs like us don't need to argue about it anymore.