[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: architecture and security

To: Andy Bierman <ietf@andybierman.com>
Subject: Re: architecture and security
From: Juergen Schoenwaelder <j.schoenwaelder@iu-bremen.de>
Date: Thu, 13 Apr 2006 21:26:08 +0200
Cc: "David T. Perkins" <dperkins@dsperkins.com>, Balazs Lengyel <balazs.lengyel@ericsson.com>, Randy Presuhn <randy_presuhn@mindspring.com>, "Netconf (E-mail)" <netconf@ops.ietf.org>
In-reply-to: <443EA37E.20908@andybierman.com>
Mail-followup-to: Andy Bierman <ietf@andybierman.com>, "David T. Perkins" <dperkins@dsperkins.com>, Balazs Lengyel <balazs.lengyel@ericsson.com>, Randy Presuhn <randy_presuhn@mindspring.com>, "Netconf (E-mail)" <netconf@ops.ietf.org>
References: <Pine.LNX.4.10.10604130809500.2749-100000@shell4.bayarea.net> <443E7BF5.3010905@andybierman.com> <20060413182152.GC1076@boskop.local> <443EA37E.20908@andybierman.com>
Reply-to: j.schoenwaelder@iu-bremen.de
User-agent: Mutt/1.5.10i

On Thu, Apr 13, 2006 at 12:16:14PM -0700, Andy Bierman wrote:

> References in identifiers -- you mean like information
> carried in the instance portion of an OID?
> 
> Not sure what you mean

Operators seem to like to name things in meaningful ways and these
names frequently carry information which may be sensitive. If you want
to define views so that different people can look at a box, you have
to ensure that nothing leaks through which might be embedded in
operator assigned names (and thus can't be really handled by access
control rules unless you have embedded AI).

/js

-- 
Juergen Schoenwaelder		    International University Bremen
<http://www.eecs.iu-bremen.de/>	    P.O. Box 750 561, 28725 Bremen, Germany

--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

Follow-Ups:
- Re: architecture and security
  - From: Balazs Lengyel <balazs.lengyel@ericsson.com>

References:
- Re: architecture and security
  - From: "David T. Perkins" <dperkins@dsperkins.com>
- Re: architecture and security
  - From: Andy Bierman <ietf@andybierman.com>
- Re: architecture and security
  - From: Juergen Schoenwaelder <j.schoenwaelder@iu-bremen.de>
- Re: architecture and security
  - From: Andy Bierman <ietf@andybierman.com>

Prev by Date: Re: architecture and security
Next by Date: Re: Notification Requirements Consensus Points
Previous by thread: Re: architecture and security
Next by thread: Re: architecture and security
Index(es):
- Date
- Thread