Re: (unofficial issue 2) Subscription versus never-ending command

["Randy Presuhn" <randy_presuhn@mindspring.com>]

Hi -

The context of the quoted message was the discussion of why binding
subscriptions to sessions doesn't make sense to some of us.  In that
context, I have trouble making sense of Andy's questions.  Indeed, they
seem to be hinting at further reasons why binding subscriptions to
sessions may be undesirable.

Randy

----- Original Message ----- 
From: "Andy Bierman" <ietf@andybierman.com>
To: "Randy Presuhn" <randy_presuhn@mindspring.com>
Cc: "Netconf (E-mail)" <netconf@ops.ietf.org>
Sent: Wednesday, March 29, 2006 3:40 PM
Subject: Re: (unofficial issue 2) Subscription versus never-ending command


> Randy Presuhn wrote:
> > Hi -
> > 
> >> From: "Balazs Lengyel" <balazs.lengyel@ericsson.com>
> >> To: "Netconf (E-mail)" <netconf@ops.ietf.org>
> >> Sent: Tuesday, March 28, 2006 1:49 AM
> >> Subject: Re: (unofficial issue 2) Subscription versus never-ending command
> >>
> >> Do we allow one user to use multiple subscriptions ? I would say yes.
> > 
> > Of course.
> 
> 
> Do you mean multiple subscriptions per session?
> If so I don't agree.  (Note that this is not the
> same as a single subscription + modify-subscription feature.)
> 
> It might make sense to support multiple subscriptions
> per session if netconf had multi-user sessions, but it doesn't.
> Why (in the name of Good Engineering) would you ever want
> the agent to spend lots of time classifying events, and
> sending multiple copies of the same notification on the
> same single-user session?
> 
> This isn't an snmp notification or syslog demuxer,
> so why try to turn it into one?
> 
> 
> Andy
> 
> 
> >  
> >> If we connect the notification subscription strictly to a user identity we force the user 
> >> to specify security data multiple times to be able to use multiple subscriptions. Is this 
> > 
> > User identity is obviously not the only interesting attribute of a subscription.
> > Think how SNMP notification subscriptions work.  The user identity is necessary
> > for access control (both of the subscription itself as well as in constraining what
> > is permitted to be sent).  One also needs information describing *where* the
> > information should be sent on behalf of that user, among other things.
> > 
> >> our aim or am I missing something ? (In our management system different functional parts 
> >> are interested in different notifications, but I see no need for a security point of view 
> >> to require multiple user identities for them.)
> > ...
> > 
> > No disagreement.  Indeed, this is yet another argument against binding the
> > subscription to a connection.  Consider the scenario where there are multiple
> > "interested" systems or applications, and the devices to be managed are
> > intermittently reachable.  Is it better for the managed device to establish a
> > connection if/when needed, or have the applications futilely attempting to make
> > connections to all the devices that happen to be unreachable at the moment?
> > Think netconf for cellphones and PDAs.
> > 
> > Randy
> > 
> > 
> > --
> > to unsubscribe send a message to netconf-request@ops.ietf.org with
> > the word 'unsubscribe' in a single line as the message text body.
> > archive: <http://ops.ietf.org/lists/netconf/>
> > 
> > 
> 


--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>