Re: [midcom] security recommendations in MIDCOM MIB draft

Wes Hardaker <wjhns1@hardakers.net> Fri, 06 July 2007 17:11 UTC

Return-path: <midcom-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6rKi-0008S1-OP; Fri, 06 Jul 2007 13:11:04 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6rKh-0008QT-Fy for midcom@ietf.org; Fri, 06 Jul 2007 13:11:03 -0400
Received: from dcn236-43.dcn.davis.ca.us ([168.150.236.43] helo=wes.hardakers.net) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6rKd-0004tP-4G for midcom@ietf.org; Fri, 06 Jul 2007 13:11:03 -0400
Received: by wes.hardakers.net (Postfix, from userid 274) id EDC2B39A134; Fri, 6 Jul 2007 10:11:25 -0700 (PDT)
From: Wes Hardaker <wjhns1@hardakers.net>
To: Juergen Quittek <quittek@netlab.nec.de>
Subject: Re: [midcom] security recommendations in MIDCOM MIB draft
Organization: Sparta
References: <6AFFE92CEE03A3E6C2E61771@753F3B888A9969457862729D> <468CD3FB.4040203@ericsson.com> <DEBABF6939AEF2CFE63C3811@juergen-quitteks-computer.local>
Date: Fri, 06 Jul 2007 10:11:25 -0700
In-Reply-To: <DEBABF6939AEF2CFE63C3811@juergen-quitteks-computer.local> (Juergen Quittek's message of "Thu, 05 Jul 2007 20:24:29 +0200")
Message-ID: <sdk5td1mpu.fsf@wes.hardakers.net>
User-Agent: Gnus/5.110007 (No Gnus v0.7) XEmacs/21.4.19 (linux, no MULE)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Spam-Score: 0.1 (/)
X-Scan-Signature: bb8f917bb6b8da28fc948aeffb74aa17
Cc: midcom@ietf.org, Tim Polk <tim.polk@nist.gov>
X-BeenThere: midcom@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: midcom.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/midcom>, <mailto:midcom-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:midcom@ietf.org>
List-Help: <mailto:midcom-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/midcom>, <mailto:midcom-request@ietf.org?subject=subscribe>
Errors-To: midcom-bounces@ietf.org

>>>>> "JQ" == Juergen Quittek <quittek@netlab.nec.de>; writes:

JQ> I don't think it would be appropriate to mandate in the MIDCOM MIB
JQ> draft a specific way of achieving a sufficient level of security.

I believe the wording I've seen doesn't do this.  It uses RECOMMENDED
and SHOULD to specify which particular implementation and deployment
details are the best at this time (and maybe adding "at the time of this
writing" is a good way forward as well).  But, the important REQUIRED that
should stay a REQUIRED is this one:

  It is REQUIRED that the implementations support the security features
  as provided by the SNMPv3 framework.

Which merely says you must implement the security features in the
framework.  I believe the framework implies "a security model" and "an
access control model", but not necessarily USM and VACM.  The
recommendations for USM and VACM come in the next sentence, which is
relaxed to a RECOMMENDED to allow for other choices.

It does also say that:

  In the draft, we explicitly state hat a MIDCOM MIB implementation
  MUST support SNMPv3.

That's the only protocol-secure alternative at this time at least, and
require implementations to support it makes sense.  At this time.  In
the future if netconf or some other new protocol has the ability to
access the MIDCOM MIB through a secure means, then it seems reasonable
to let them not implement SNMPv3.  At this time, however, that's not
possible and SNMPv3 should be a MUST.  Again, wording that allows for
future deviations is a way around this.
-- 
Wes Hardaker
Sparta, Inc.

_______________________________________________
midcom mailing list
midcom@ietf.org
https://www1.ietf.org/mailman/listinfo/midcom