Re: ISMS working group and charter problems
Eliot Lear <lear@cisco.com> Tue, 06 September 2005 18:37 UTC
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1ECiJn-0000ar-Rd; Tue, 06 Sep 2005 14:37:15 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1ECiJl-0000ai-Hy; Tue, 06 Sep 2005 14:37:13 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA12281; Tue, 6 Sep 2005 14:37:12 -0400 (EDT)
Received: from sj-iport-2-in.cisco.com ([171.71.176.71] helo=sj-iport-2.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1ECiMm-0004xt-V2; Tue, 06 Sep 2005 14:40:21 -0400
Received: from sj-core-2.cisco.com ([171.71.177.254]) by sj-iport-2.cisco.com with ESMTP; 06 Sep 2005 11:37:03 -0700
Received: from imail.cisco.com (imail.cisco.com [128.107.200.91]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id j86IawQM017936; Tue, 6 Sep 2005 11:36:59 -0700 (PDT)
Received: from [212.254.247.4] (ams-clip-vpn-dhcp4272.cisco.com [10.61.80.175]) by imail.cisco.com (8.12.11/8.12.10) with ESMTP id j86IWEi8030009; Tue, 6 Sep 2005 11:32:15 -0700
Message-ID: <431DE1C9.8000207@cisco.com>
Date: Tue, 06 Sep 2005 20:36:57 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla Thunderbird 1.0.6 (Macintosh/20050716)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Daniel Senie <dts@senie.com>
References: <431DD3BD.9090108@cisco.com> <431DD94C.8070907@dcrocker.net> <6.2.3.4.2.20050906141658.07a04e08@mail.amaranth.net>
In-Reply-To: <6.2.3.4.2.20050906141658.07a04e08@mail.amaranth.net>
X-Enigmail-Version: 0.92.0.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
DKIM-Signature: a=rsa-sha1; q=dns; l=1275; t=1126031537; x=1126463737; c=nowsp; s=nebraska; h=Subject:From:Date:Content-Type:Content-Transfer-Encoding; d=cisco.com; i=lear@cisco.com; z=Subject:Re=3A=20ISMS=20working=20group=20and=20charter=20problems| From:Eliot=20Lear=20<lear@cisco.com>| Date:Tue,=2006=20Sep=202005=2020=3A36=3A57=20+0200| Content-Type:text/plain=3B=20charset=3DISO-8859-1| Content-Transfer-Encoding:7bit; b=VEjzZE77ViJdy5V6PqFdygppwSXWci0UrKViEv0/rrGtTT9UeBLEOoUtBvX/8+WoDtYfCAhR NX1C0XkHS+7Hu3qX/5uYhML+ulHOBuR6thOsSKIef6gdxusVZHfRkwXmc/F5UkyVBdjyszfCP2i gC78XnWzrwQd/i3nt8OUUffI=
Authentication-Results: imail.cisco.com; header.From=lear@cisco.com; dkim=pass ( message from cisco.com verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: cab78e1e39c4b328567edb48482b6a69
Content-Transfer-Encoding: 7bit
Cc: iesg@ietf.org, nanog@merit.edu, dcrocker@bbiw.net, IETF Discussion <ietf@ietf.org>
Subject: Re: ISMS working group and charter problems
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
Daniel, All solutions will use a different SSH port as part of the standard just so that firewall administrators have the ability to block. Eliot Daniel Senie wrote: > At 02:00 PM 9/6/2005, Dave Crocker wrote: > > >> Eliot, >> >>> I need your help to correct for an impending mistake by the ISMS >>> working group in the IETF. >> >> >> >> Your note is clear and logical, and seems quite compelling. >> >> Is there any chance of getting a proponent of the working group's >> decision to post a defense? >> >> (By the way, I am awestruck at the potential impact of changing SNMP >> from UDP-based to TCP-based, given the extensive debates that took >> place about this when SNMP was originally developed. Has THIS >> decision been subject to adequate external review, preferably >> including a pass by the IAB?) > > > I agree the argument is well laid out, and would be interested in > hearing the thinking of ISMS in response. > > I'm more than a bit concerned, however, when folks start talking about > solutions that will permit things to pass through firewalls without > configuration. Those in charge of firewalls are often purposely setting > policy. If there is a perceived need for a policy that prevents SNMP > traffic, then it should remain possible for the administrator of that > network element to make that call. I must say I have some concern with > overlaying SNMP on SSH, since that precludes the firewall knowing > whether the traffic is general SSH keyboard traffic or network management. > > Let's hear more about the thinking involved. > _______________________________________________ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
- ISMS working group and charter problems Eliot Lear
- Re: ISMS working group and charter problems Dave Crocker
- Re: ISMS working group and charter problems Daniel Senie
- Re: ISMS working group and charter problems Iljitsch van Beijnum
- Re: ISMS working group and charter problems Sam Hartman
- Re: ISMS working group and charter problems Eliot Lear
- Re: ISMS working group and charter problems Eliot Lear
- Re: ISMS working group and charter problems Sam Hartman
- Re: ISMS working group and charter problems Steven M. Bellovin
- Re: ISMS working group and charter problems Pekka Savola
- Re: ISMS working group and charter problems Dave Crocker
- Re: ISMS working group and charter problems Eliot Lear
- Re: ISMS working group and charter problems Dave Crocker
- Re: ISMS working group and charter problems Iljitsch van Beijnum
- RE: ISMS working group and charter problems Thomas Gal
- RE: ISMS working group and charter problems Daniel Senie
- Re: ISMS working group and charter problems Steven M. Bellovin
- Re: ISMS working group and charter problems Iljitsch van Beijnum
- Re: ISMS working group and charter problems Steven M. Bellovin
- Re: ISMS working group and charter problems Steven M. Bellovin
- Re: ISMS working group and charter problems Iljitsch van Beijnum
- RE: ISMS working group and charter problems Thomas Gal
- Re: ISMS working group and charter problems Steven M. Bellovin
- Re: ISMS working group and charter problems Randy Presuhn
- Re: ISMS working group and charter problems Eliot Lear
- Re: ISMS working group and charter problems Eliot Lear
- Re: ISMS working group and charter problems Harald Tveit Alvestrand
- Re: ISMS working group and charter problems Dave Singer
- Re: ISMS working group and charter problems Iljitsch van Beijnum
- Re: ISMS working group and charter problems Brian E Carpenter
- Re: ISMS working group and charter problems Juergen Quittek
- Re: ISMS working group and charter problems Jari Arkko
- Re: ISMS working group and charter problems Juergen Quittek
- Re: ISMS working group and charter problems Jari Arkko
- Firewall considerations (Re: ISMS working group a… Harald Tveit Alvestrand
- Re: ISMS working group and charter problems Melinda Shore
- Re: ISMS working group and charter problems Margaret Wasserman
- Re: ISMS working group and charter problems Margaret Wasserman
- Re: ISMS working group and charter problems Michael Thomas
- Re: ISMS working group and charter problems Margaret Wasserman
- Confusion about ISMS rechartering Sam Hartman
- Re: Confusion about ISMS rechartering Dave Crocker
- RE: ISMS working group and charter problems Fleischman, Eric
- RE: ISMS working group and charter problems Fleischman, Eric
- RE: ISMS working group and charter problems Margaret Wasserman
- RE: ISMS working group and charter problems Fleischman, Eric
- Re: ISMS working group and charter problems Spencer Dawkins
- Re: ISMS working group and charter problems Michael Thomas
- Re: ISMS working group and charter problems Sam Hartman
- Re: ISMS working group and charter problems Juergen Quittek
- Re: ISMS working group and charter problems Daniel Senie
- RE: ISMS working group and charter problems Nelson, David
- Re: ISMS working group and charter problems Tom Petch
- Fwd: ISMS working group and charter problems Rich Morin
- Re: ISMS working group and charter problems Eliot Lear
- Re: ISMS working group and charter problems Eliot Lear
- Re: ISMS working group and charter problems Wes Hardaker
- ISMS working group and charter problems Brent Chapman