Re: architecture and security
Balazs Lengyel wrote:
Yes, some deployments will require additional granularity for access
control. But different node types might have very different requirements
about the fine granularity. Interface level might be good for you but I
might want to have subscriber management separated from the rest of the
data or might want the possibility to authorize each virtual router
separately.
My point is that while granular access control is needed the standard
should not try to define the levels of access control.
I disagree.
We have gone pretty far along now ignoring access control.
IMO, applying access control on the subscription, but not
the outbound notifications, is just broken.
The config data is dynamic, the access rights database is dynamic.
What matters is the receiver's access rights at the time
the notification is sent, not when the subscription is made.
I don't think we have to define a detailed model now,
but we have to agree when and where access control is applied.
Balazs
Andy
Hector Trevino (htrevino) wrote:
Some deployments will require additional granularity in which case going
down to the interface level should be sufficient.
--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>
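
The following is an added example, not part of the original message or of any NETCONF implementation. It contrasts access control applied only when the subscription is made with access control applied again when each notification is sent, after the rights database has changed. All class, function, receiver and subtree names are hypothetical, and the data is constructed.

```python
from dataclasses import dataclass, field

@dataclass
class AccessDB:
    """Dynamic access rights: receiver -> set of readable data subtrees."""
    rights: dict = field(default_factory=dict)

    def permits(self, receiver, subtree):
        return subtree in self.rights.get(receiver, set())

@dataclass
class Notifier:
    acl: AccessDB
    check_on_send: bool   # False models subscription-only enforcement
    subs: list = field(default_factory=list)   # (receiver, subtree) pairs

    def subscribe(self, receiver, subtree):
        # Access control applied when the subscription is made.
        if not self.acl.permits(receiver, subtree):
            return False
        self.subs.append((receiver, subtree))
        return True

    def notify(self, subtree, event):
        # Returns the (receiver, event) pairs actually delivered.
        delivered = []
        for receiver, sub in self.subs:
            if sub != subtree:
                continue
            # Access control applied against the rights in force right now.
            if self.check_on_send and not self.acl.permits(receiver, subtree):
                continue
            delivered.append((receiver, event))
        return delivered

def run(check_on_send):
    # Constructed scenario: rights are revoked after the subscription exists.
    acl = AccessDB({"operator": {"interfaces", "subscribers"}})
    n = Notifier(acl, check_on_send)
    n.subscribe("operator", "subscribers")
    before = n.notify("subscribers", "subscriber-added")
    acl.rights["operator"].discard("subscribers")   # access revoked later
    after = n.notify("subscribers", "subscriber-removed")
    return before, after

if __name__ == "__main__":
    print("subscription-time check only:", run(False))
    print("check at send time as well:  ", run(True))
```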