[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: architecture and security

To: "Netconf (E-mail)" <netconf@ops.ietf.org>
Subject: Re: architecture and security
From: Balazs Lengyel <balazs.lengyel@ericsson.com>
Date: Thu, 13 Apr 2006 15:47:34 +0200
In-reply-to: <6E21698722408147BEA594E073E2B0AB01A75BF8@xmb-sjc-223.amer.cisco.com>
References: <6E21698722408147BEA594E073E2B0AB01A75BF8@xmb-sjc-223.amer.cisco.com>
User-agent: Thunderbird 1.5 (X11/20051201)

Yes some deployments will require additional granularity for access control. But differentnode types might have very different requirements about the fine granularity. Interfacelevel might be good for you but I might want to have subscriber management separated fromthe rest of the data or might want the possibility to authorize each virtual routerseparately.

My point is that while granular access control is needed the standard should not try todefine the levels of access control.


Balazs

Hector Trevino (htrevino) wrote:

Some deployments will require additional granularity in which case going
down to the interface level should be sufficient.


--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

Follow-Ups:
- Re: architecture and security
  - From: Andy Bierman <ietf@andybierman.com>

References:
- RE: architecture and security
  - From: "Hector Trevino \(htrevino\)" <htrevino@cisco.com>

Prev by Date: Re: architecture and security
Next by Date: Re: architecture and security
Previous by thread: RE: architecture and security
Next by thread: Re: architecture and security
Index(es):
- Date
- Thread