IETF Logo Mail Archive

Re: ISMS working group and charter problems

Eliot Lear <lear@cisco.com> Wed, 07 September 2005 05:46 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1ECslY-0005Mg-Qw; Wed, 07 Sep 2005 01:46:36 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1ECslU-0005MB-St; Wed, 07 Sep 2005 01:46:35 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA00461; Wed, 7 Sep 2005 01:46:32 -0400 (EDT)
Received: from sj-iport-3-in.cisco.com ([171.71.176.72] helo=sj-iport-3.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1ECsoa-0001TW-67; Wed, 07 Sep 2005 01:49:46 -0400
Received: from sj-core-2.cisco.com ([171.71.177.254]) by sj-iport-3.cisco.com with ESMTP; 06 Sep 2005 22:46:21 -0700
X-IronPort-AV: i="3.96,173,1122879600"; d="scan'208"; a="339377721:sNHT36113516"
Received: from imail.cisco.com (imail.cisco.com [128.107.200.91]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id j875kGKC028286; Tue, 6 Sep 2005 22:46:16 -0700 (PDT)
Received: from [212.254.247.6] (ams-clip-vpn-dhcp148.cisco.com [10.61.64.148]) by imail.cisco.com (8.12.11/8.12.10) with ESMTP id j875fVpu003946; Tue, 6 Sep 2005 22:41:31 -0700
Message-ID: <431E7EA7.3030005@cisco.com>
Date: Wed, 07 Sep 2005 07:46:15 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla Thunderbird 1.0.6 (Macintosh/20050716)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
References: <20050906231355.7FBD73BFD6F@berkshire.machshav.com>
In-Reply-To: <20050906231355.7FBD73BFD6F@berkshire.machshav.com>
X-Enigmail-Version: 0.92.0.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
DKIM-Signature: a=rsa-sha1; q=dns; l=2146; t=1126071693; x=1126503893; c=nowsp; s=nebraska; h=Subject:From:Date:Content-Type:Content-Transfer-Encoding; d=cisco.com; i=lear@cisco.com; z=Subject:Re=3A=20ISMS=20working=20group=20and=20charter=20problems| From:Eliot=20Lear=20<lear@cisco.com>| Date:Wed,=2007=20Sep=202005=2007=3A46=3A15=20+0200| Content-Type:text/plain=3B=20charset=3DISO-8859-1| Content-Transfer-Encoding:7bit; b=Fse3n3uEaQ8mucuXjTg0h7rTLWSeSP+UVKIN4jbugk6G9hYJj/kNJBb16BQxnJ7tAR6hg+2c qNzx/bQe5PJVY9i5G/XB8i74vrpNyhVgAwiVr22cB5PvmDHc0hxnjRYWlwWIT78zJoszBF2Xwtw IzmTCblbrXuMkuZnVRO2Yx0k=
Authentication-Results: imail.cisco.com; header.From=lear@cisco.com; dkim=pass ( message from cisco.com verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 538aad3a3c4f01d8b6a6477ca4248793
Content-Transfer-Encoding: 7bit
Cc: nanog@merit.edu, IETF Discussion <ietf@ietf.org>, iesg@ietf.org
Subject: Re: ISMS working group and charter problems
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org

Hi Steve,

> I agree that the functionality you suggest is useful.  The trick is to 
> permit that without permitting misbehavior.  (I'll note here that the 
> interests of vendors and the interests of users are not identical.  
> More and more, vendors like subscription-based models, where users keep 
> on paying, to give just one example.)  This requires not just a 
> view-based access control model -- where the view might be "MIB 
> variables for this call only" -- but an express intent by the user to 
> permit the access for that particular call.  This demands a different 
> notion of "view" than has been traditional; it also implies a user 
> interface issue and -- given the existence of firewalls -- a multi-
> party protocol:  my endpoint, your endpoint, my management proxy (which 
> is accessible through the firewall), your management proxy, and the 
> vendor's diagnostic station.  I'd be hard-pressed to see this as within 
> scope for ISMS.  It may, however, be a very nice subject for a separate 
> working group.

I think there are a few models that could be considered.  The first is
where a single administrative domain is at play, where really my
management proxy = your management proxy.  This might be an optimization
of what you're saying.  Arguably you're already talking to my management
proxy through SIP.  An alternative model that has been mentioned is a
way to query OIDs over SIP.  I'm not a SIP guy so I don't know if the
SIP proxy can even initiate queries.

In the case you mentioned, with four proxies, I'm okay with that as long
as it's not mandated in the model.  Anything that requires four of
anything is never going to survive the Internet.  e2e is hard enough
with 2 devices ;-)

> 
> 
>>Furthermore, if the phone wants to send a notification to a manager, it
>>too is likely to reside behind a firewall.
> 
> 
> Not if the site is properly managed.  The manager's port should be 
> exposed to the outside.  Just as web servers have to permit inbound 
> port 80 and mail servers have to permit inbound port 25, a management 
> station has to accept its own traffic.  A firewall can, at best, 
> protect the other ports on the machine -- but those should be turned 
> off anyway.

You can't really tell where the firewalls area going to be in the
general case.  And with mobile managed devices, you really can't tell,
because access will vary.  My point was that in the case where a
notification connection is initiated in one direction and a request
connection is initiated in another, you're all but guaranteed that one
or the other will fail in the face of a firewall, and that is the
current envisioned approach.

Eliot

_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

v2.23.0 | Report a Bug | By Email