
RE: use of netconf to configure Unix systems



Hi Joel,

+1

If Netconf really wants a "Well Known Port", then OK, let's
move on.

But it really is distressing that the IESG takes no active
part (apparently) in setting and enforcing policies for the
use of the remainder of this scarce resource.

Cheers,
- Ira

Ira McDonald (Musician / Software Architect)
Blue Roof Music / High North Inc
PO Box 221  Grand Marais, MI  49839
phone: +1-906-494-2434
email: imcdonald@sharplabs.com

> -----Original Message-----
> From: owner-netconf@ops.ietf.org [mailto:owner-netconf@ops.ietf.org] On Behalf Of Joel M. Halpern
> Sent: Friday, March 17, 2006 11:47 PM
> To: Andy Bierman
> Cc: Eliot Lear; netconf
> Subject: Re: use of netconf to configure Unix systems
> 
> 
> minor: Ira and I are not the only people speaking up.  I was struck 
> by the tone of the debate that was occurring, which is why I spoke up.
> 
> And just to clarify my own sloppiness, I realized after I wrote the 
> note that "root" rather than "kernel" is what is needed for a low 
> port, and that is indeed easier.  But it is MUCH better to develop 
> and run applications without having to make them root, even 
> briefly.  (The coupling of the various permissions within Unix is not 
> our problem, but that doesn't make it desirable.)
> 
> Given that, to paraphrase Phil's comment, it doesn't make that much 
> difference, it would seem more sensible to go for a higher 
> range port number.
> However, neither Ira nor I speak for the IESG.  Heck, I'm not even 
> speaking as a "reviewer", just as a participant / observer in this 
> working group.
> I guess I just find "it's appropriate to use low numbers for this" a 
> bad reason.  From different perspectives, different things are 
> "privileged".  I know many folks who will claim that the only really 
> privileged operation is collecting money. And others.......
> 
> Yours,
> Joel
> 
> PS: I would prefer not to hang this protocol up on a debate about 
> whether <1024 ports should ever be given out.  That would be a waste 
> of all our time.
> 
> At 09:40 PM 3/17/2006, Andy Bierman wrote:
> >There are ways to allow users specific access to root programs (e.g., 'su').
> >
> >There is really no way to logically conclude this discussion.
> >
> >You and Ira are arguing that no protocol should ever use the system port
> >space again, including NETCONF.  If this is IESG policy, then I guess we
> >are done discussing it.
> >
> >Some others have said the port number doesn't really matter,
> >except a bit for unix implementations, and some "legacy bias" against
> >using higher port numbers for system services. (Large "don't care" camp)
> >
> >Eliot and I are arguing that the task of configuring a networking device
> >(a server, not a plain host!)  is clearly a privileged task in almost all
> >environments, which is NETCONF's chartered purpose.  If device configuration
> >and control isn't a system task on a networking device, then
> >I don't know what is.
> >
> >If there are no possible reasons for assigning system port numbers
> >anymore, then IANA can stop asking which range the new protocol
> >should be assigned, and WGs like us don't need to argue about it
> >anymore.
> 
> 
> --
> to unsubscribe send a message to netconf-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://ops.ietf.org/lists/netconf/>
> 
