[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

access-denied error

To: "Netconf (E-mail)" <netconf@ops.ietf.org>
Subject: access-denied error
From: Andy Bierman <ietf@andybierman.com>
Date: Sat, 10 Jun 2006 12:56:05 -0700
User-agent: Thunderbird 1.5.0.4 (Windows/20060516)

Hi,

I wanted to sneak in another comment on the non-existent
access control model for netconf.

There is no guidance whatsoever when to send the access-denied
error.  Therefore, it must be okay for implementors to
make up their own rules.

For example, on <get> and <get-config> operations, one may
choose never to issue access-denied errors, and simply
treat an explicit or implicit request for data that the
session is not authorized to view as a 'false' filter.

In other words, the <get> and <get-config> operations
by definition are requesting only data that the session
has access to read.  Anything else is just skipped,
similar to the way SNMP getNext works wrt/ VACM.

This will make it harder for hackers to learn anything
about the data model instances, especially since
access to <get> and <get-config> will tend to be
unrestricted, as opposed to <edit-config> access.



Andy



--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

Prev by Date: Re: XML namespace advice
Next by Date: Re: RFC Editor edit list for approved netconf drafts
Previous by thread: XML namespace advice
Next by thread: Additional proposed update to Netconf Notification Draft
Index(es):
- Date
- Thread