Re: [Call-home] draft now posted; BoF?

"David T. Perkins" <dperkins@dsperkins.com> Tue, 27 September 2005 18:15 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EKJyo-0006g1-67; Tue, 27 Sep 2005 14:15:02 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EKJyV-0006LD-KP for call-home@megatron.ietf.org; Tue, 27 Sep 2005 14:14:43 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA29326 for <call-home@ietf.org>; Tue, 27 Sep 2005 14:14:42 -0400 (EDT)
Received: from smtpout1.bayarea.net ([209.128.95.10]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EKK5n-0005Hb-9D for call-home@ietf.org; Tue, 27 Sep 2005 14:22:16 -0400
Received: from shell4.bayarea.net (shell4.bayarea.net [209.128.82.1]) by smtpout1.bayarea.net (8.12.10/8.12.10) with ESMTP id j8RIEUBT010954; Tue, 27 Sep 2005 11:14:30 -0700
Received: from shell4.bayarea.net (localhost [127.0.0.1]) by shell4.bayarea.net (8.12.11/8.12.11) with ESMTP id j8RIENVQ028936; Tue, 27 Sep 2005 11:14:23 -0700
Received: from localhost (dperkins@localhost) by shell4.bayarea.net (8.12.11/8.12.11/Submit) with ESMTP id j8RIENNO028929; Tue, 27 Sep 2005 11:14:23 -0700
X-Authentication-Warning: shell4.bayarea.net: dperkins owned process doing -bs
Date: Tue, 27 Sep 2005 11:14:23 -0700 (PDT)
From: "David T. Perkins" <dperkins@dsperkins.com>
X-Sender: dperkins@shell4.bayarea.net
To: Juergen Schoenwaelder <j.schoenwaelder@iu-bremen.de>
Subject: Re: [Call-home] draft now posted; BoF?
In-Reply-To: <20050927095833.GB488@boskop.local>
Message-ID: <Pine.LNX.4.10.10509271112090.11557-100000@shell4.bayarea.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Spam-Score: 0.0 (/)
X-Scan-Signature: b19722fc8d3865b147c75ae2495625f2
Cc: call-home@ietf.org
X-BeenThere: call-home@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion of issues relating to &quot; call home&quot; functionality and firewall traversal" <call-home.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/call-home>, <mailto:call-home-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/call-home>
List-Post: <mailto:call-home@ietf.org>
List-Help: <mailto:call-home-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/call-home>, <mailto:call-home-request@ietf.org?subject=subscribe>
Sender: call-home-bounces@ietf.org
Errors-To: call-home-bounces@ietf.org

HI,

I too would like to see the same objectives achieved as
specified below by Juergen. And in addition, let's not
forget about authorization!

On Tue, 27 Sep 2005, Juergen Schoenwaelder wrote:
> On Tue, Sep 27, 2005 at 11:33:52AM +0200, Eliot Lear wrote:
>  
> > I'm not quite sure what you're asking for.  Are you suggesting, for
> > instance, that the initiator have a host key and the listener make use
> > of a user key?
> 
> I am asking for a solution which gives me the same authenticated
> identities regardless how the connection was established. In SNMP
> terms, I assume that an engine hosting a command generator identifies
> itself as a user on the engine hosting the command responder and I
> like to leverage this user identity which does exist on the device
> across multiple management interfaces, whether that is a CLI, NETCONF
> or even an HTTP interface.
> 
> Looking at the real-world networking devices I have access to, they
> all have a notion of a user identity and they all are able to talk
> RADIUS to outsource the authentication decision, which is typically
> then password based. I like to leverage that and if call home can be
> made to work without changing the premise I am operating on, I am
> fine.
> 
> /js
> 
Regards,
/david t. perkins


_______________________________________________
Call-home mailing list
Call-home@ietf.org
https://www1.ietf.org/mailman/listinfo/call-home