[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
review of draft-ietf-netconf-tls-01
My comments on draft-ietf-netconf-tls-01:
- General: Reasonable document, but I am not sure the password
authentication fits the RADIUS requirements
- I read:
When the NETCONF peer processes a closure request of the
NETCONF connection, it MUST send a TLS close_notify alert before
closing the connection.
The phrase "processes a closure request of the NETCONF connection"
sounds fuzzy to me. Perhaps you mean this:
When the NETCONF peer closes the NETCONF connection, it MUST send
a TLS close_notify alert before closing the TCP connection.
I note that there might be cases where this is not possible, e.g.
the peer is dying before if gets to say good bye.
- I read:
Unless some other fatal alert has been transmitted, ...
Who is transmitting a fatal alert to whom and how? Perhaps you mean:
Unless a fatal error has occured, ...
- What is the 'write side' of a connection?
- Second sentence in section 3. seems to be garbled.
- Can the password based authentication scheme be hooked into RADIUS?
/js
--
Juergen Schoenwaelder Jacobs University Bremen gGmbH
Phone: +49 421 200 3587 Campus Ring 1, 28759 Bremen, Germany
Fax: +49 421 200 3103 <http://www.jacobs-university.de/>
--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>