Re: [netconf] crypto-types and keystore comments
Martin Bjorklund <mbj@tail-f.com> Thu, 14 November 2019 15:51 UTC
Return-Path: <mbj@tail-f.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2889F120129 for <netconf@ietfa.amsl.com>; Thu, 14 Nov 2019 07:51:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aNopEJxvySeG for <netconf@ietfa.amsl.com>; Thu, 14 Nov 2019 07:51:22 -0800 (PST)
Received: from mail.tail-f.com (mail.tail-f.com [46.21.102.45]) by ietfa.amsl.com (Postfix) with ESMTP id 54063120113 for <netconf@ietf.org>; Thu, 14 Nov 2019 07:51:22 -0800 (PST)
Received: from localhost (unknown [173.38.220.41]) by mail.tail-f.com (Postfix) with ESMTPSA id CC1E61AE0312; Thu, 14 Nov 2019 16:51:20 +0100 (CET)
Date: Thu, 14 Nov 2019 16:50:50 +0100
Message-Id: <20191114.165050.356278327445084771.mbj@tail-f.com>
To: kent+ietf@watsen.net
Cc: netconf@ietf.org
From: Martin Bjorklund <mbj@tail-f.com>
In-Reply-To: <0100016e6a936a0d-47636ce9-345c-4009-8d74-9703905933aa-000000@email.amazonses.com>
References: <0100016e6a250215-e89c9f24-60d9-419d-bc24-221786cb6f85-000000@email.amazonses.com> <20191114.144738.728144006347516638.mbj@tail-f.com> <0100016e6a936a0d-47636ce9-345c-4009-8d74-9703905933aa-000000@email.amazonses.com>
X-Mailer: Mew version 6.8 on Emacs 25.2
Mime-Version: 1.0
Content-Type: Text/Plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/2Ozkwd-KJJBr5vlv0Un3XLW6_0I>
Subject: Re: [netconf] crypto-types and keystore comments
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Nov 2019 15:51:24 -0000
Kent Watsen <kent+ietf@watsen.net> wrote: > Hi Martin, > > >> True. But how can we define a way to get a list per instance? Should > >> there be a "config false" list wherever the "algorithm" node appears > >> (i.e., put the list into the crypto-type groupings having the > >> algorithm node?) > > > > I don't know, probably. Do we really want that? Probably not. > > Per-instance may be too granular. If thinking that said curations > occur of protocol boundaries, then maybe have a config false list in > ietf-ssh-common and ietf-tis-common? Not perfect, as an application > may use more than one SSH library or more than one TLS library, but > it's much less likely. Yes, better. > > This is exaclty why I suggested earlier that we don't spend time > > trying to solve this problem at all now. I'd rather not put in > > something that we know doesn't really work. > > Wait, no, there is a very real issue here that cannot be ignored. Or > do you feel that we should give up entirely on trying to enable > servers to proactively express what algorithms they support? > > > > >>> Do you have a pointer to this? > >> > >> There was an email from Juergen a few months back. > > > > But that was based on a misunderstanding. (or you mean something > > else) > > Now I'm unsure what you're talking about, do you have a pointer to it? I am talking about this: https://mailarchive.ietf.org/arch/browse/netconf/?q= /martin
- [netconf] crypto-types and keystore comments Martin Bjorklund
- Re: [netconf] crypto-types and keystore comments Kent Watsen
- Re: [netconf] crypto-types and keystore comments Martin Bjorklund
- Re: [netconf] crypto-types and keystore comments Kent Watsen
- Re: [netconf] crypto-types and keystore comments Martin Bjorklund
- Re: [netconf] crypto-types and keystore comments Kent Watsen
- Re: [netconf] crypto-types and keystore comments Martin Bjorklund
- Re: [netconf] crypto-types and keystore comments Kent Watsen
- Re: [netconf] crypto-types and keystore comments Martin Bjorklund
- Re: [netconf] crypto-types and keystore comments Martin Bjorklund