Re: [Call-home] draft now posted; BoF?

Eliot Lear <lear@cisco.com> Wed, 28 September 2005 16:34 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EKeso-0000LN-Uv; Wed, 28 Sep 2005 12:34:14 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EKesn-0000LC-9b for call-home@megatron.ietf.org; Wed, 28 Sep 2005 12:34:13 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA18378 for <call-home@ietf.org>; Wed, 28 Sep 2005 12:34:10 -0400 (EDT)
Received: from sj-iport-2-in.cisco.com ([171.71.176.71] helo=sj-iport-2.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EKf0E-0001pr-QE for call-home@ietf.org; Wed, 28 Sep 2005 12:41:58 -0400
Received: from sj-core-2.cisco.com ([171.71.177.254]) by sj-iport-2.cisco.com with ESMTP; 28 Sep 2005 09:34:00 -0700
Received: from imail.cisco.com (imail.cisco.com [128.107.200.91]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id j8SGXvKC009527; Wed, 28 Sep 2005 09:33:57 -0700 (PDT)
Received: from [212.254.247.6] (ams-clip-vpn-dhcp440.cisco.com [10.61.65.184]) by imail.cisco.com (8.12.11/8.12.10) with ESMTP id j8SGjccc029840; Wed, 28 Sep 2005 09:45:38 -0700
Message-ID: <433AC5F2.6030806@cisco.com>
Date: Wed, 28 Sep 2005 18:33:54 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla Thunderbird 1.0.6 (Macintosh/20050716)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: "David T. Perkins" <dperkins@dsperkins.com>
Subject: Re: [Call-home] draft now posted; BoF?
References: <Pine.LNX.4.10.10509271014390.11557-100000@shell4.bayarea.net>
In-Reply-To: <Pine.LNX.4.10.10509271014390.11557-100000@shell4.bayarea.net>
X-Enigmail-Version: 0.92.0.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
DKIM-Signature: a=rsa-sha1; q=dns; l=744; t=1127925940; x=1128358140; c=nowsp; s=nebraska; h=Subject:From:Date:Content-Type:Content-Transfer-Encoding; d=cisco.com; i=lear@cisco.com; z=Subject:Re=3A=20[Call-home]=20draft=20now=20posted=3B=20BoF?| From:Eliot=20Lear=20<lear@cisco.com>| Date:Wed,=2028=20Sep=202005=2018=3A33=3A54=20+0200| Content-Type:text/plain=3B=20charset=3DISO-8859-1| Content-Transfer-Encoding:7bit; b=rQ+PEU3JoS8jBvw3Lsp3okHBLIRM2Vs6ruYyCYCGdFJg6EqEX1nnYAbXqs+H36qF4mA0Jn3H yTMH45CyY6TrXPivV0UVIzOajPQGyzPOaYTTj1iTx8+RTcHt5KlUZEsBj9kelSSrwxnV45XUgGU mob6xoE1OVd+ODLaajM7rZY4=
Authentication-Results: imail.cisco.com; header.From=lear@cisco.com; dkim=pass ( message from cisco.com verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 93238566e09e6e262849b4f805833007
Content-Transfer-Encoding: 7bit
Cc: call-home@ietf.org
X-BeenThere: call-home@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion of issues relating to &quot; call home&quot; functionality and firewall traversal" <call-home.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/call-home>, <mailto:call-home-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/call-home>
List-Post: <mailto:call-home@ietf.org>
List-Help: <mailto:call-home-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/call-home>, <mailto:call-home-request@ietf.org?subject=subscribe>
Sender: call-home-bounces@ietf.org
Errors-To: call-home-bounces@ietf.org

Dave,

> I didn't feel like you answered my previous question about
> this on the ISMS list. That is, you did provide a response,
> but I could not understand it.

Can you help me with what you didn't understand?  I presume you are
referring to the following text:

>>1) What identities and credentials are being used?
> 
> 
> Borrowing from BEEP terminology for the moment, the initiator and
> listener will use any authentication mechanism supported by the
> underlying mapping protocol.  That is to say, for SSH, the responder is
> configured to authenticate to the command generator via an appropriate
> SSH mechanism such as a user name and password.  The generator would
> authenticate via a host key or other mechanism defined with SSH.

What I'm specifically trying NOT to do is to limit SSH from adding
mechanisms that ISMS could then not take advantage of.  The case and
point would be X.509 certs.

Eliot

_______________________________________________
Call-home mailing list
Call-home@ietf.org
https://www1.ietf.org/mailman/listinfo/call-home