Re: [netconf] crypto-types fallback strategy

"Rob Wilton (rwilton)" <rwilton@cisco.com> Wed, 18 September 2019 15:37 UTC

From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Kent Watsen <kent+ietf@watsen.net>
CC: "Salz, Rich" <rsalz@akamai.com>, Russ Housley <housley@vigilsec.com>, "netconf@ietf.org" <netconf@ietf.org>, Sean Turner <sean@sn3rd.com>, Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>
Thread-Topic: [netconf] crypto-types fallback strategy
Thread-Index: AQHVaNxVu0aQE+n/K0iPwVgOy8FH/KcpQIdQgAVLFQCAARKfAIAATvkAgAABvxCAAC5vAIAAAggggAADhQCAAQHLcIAARlAAgAAAT1CAABr3gIAADR/A
Date: Wed, 18 Sep 2019 15:37:14 +0000
Message-ID: <MN2PR11MB436617082A8308A7A8928DDFB58E0@MN2PR11MB4366.namprd11.prod.outlook.com>
References: <0100016d21ee2101-fb4f3288-1975-4a7d-a499-cb42ff8d9e14-000000@email.amazonses.com> <MN2PR11MB4366AE6CF9E03B15EBEA3A39B5B30@MN2PR11MB4366.namprd11.prod.outlook.com> <0100016d3afa694e-ce58ee3a-792f-4c0e-89bb-83d0128a5194-000000@email.amazonses.com> <MN2PR11MB4366F63419F6BD4EF106766FB58F0@MN2PR11MB4366.namprd11.prod.outlook.com> <8053FDA0-77EA-488F-B5A7-F203359105E0@akamai.com> <MN2PR11MB43669B3A47A39FD93B47292FB58F0@MN2PR11MB4366.namprd11.prod.outlook.com> <6924CAD5-F740-4512-8689-E0307AF0BD88@akamai.com> <MN2PR11MB4366B5C09B4348FDAE33E2BCB58F0@MN2PR11MB4366.namprd11.prod.outlook.com> <99BFF357-6A2A-49E0-BB38-37C25DB04213@akamai.com> <MN2PR11MB4366F20EE2FD6DF04B965125B58E0@MN2PR11MB4366.namprd11.prod.outlook.com> <EBE4757D-E99E-41EB-A52B-A25F023BF4BC@akamai.com> <MN2PR11MB4366E4ECE10DFB018941BA5FB58E0@MN2PR11MB4366.namprd11.prod.outlook.com> <0100016d44bda220-51590a9a-0a15-4b63-a49d-47efe712e82e-000000@email.amazonses.com>
In-Reply-To: <0100016d44bda220-51590a9a-0a15-4b63-a49d-47efe712e82e-000000@email.amazonses.com>
Accept-Language: en-US
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/71Rq2oWQkRmKgd5qvd9oMQ9-Kqg>
Subject: Re: [netconf] crypto-types fallback strategy

Hi Kent,

From: Kent Watsen <kent+ietf@watsen.net>
Sent: 18 September 2019 15:19
To: Rob Wilton (rwilton) <rwilton@cisco.com>
Cc: Salz, Rich <rsalz@akamai.com>; Russ Housley <housley@vigilsec.com>; netconf@ietf.org; Sean Turner <sean@sn3rd.com>; Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>
Subject: Re: [netconf] crypto-types fallback strategy


The authors are looking for clear direction for the next update to the draft(s).

From the gist of the discussion, the punch list appears to be:

- revert back to using identities, as they were in the -08 revision.
- only define base identities for what's needed immediately for TLS and SSH and keystore key-encryption.
- define these base identities in distinct YANG modules
- have each identity's description statement indicate how the binary key data is encoded.
[RW]
I think that this matches my view, except for "define these base identities in distinct YANG modules".  I don't feel particularly strongly about this, but I was thinking that the base identities would still be defined in crypto-types.yang, which might help keep the import references simple.


A bit separate from the above, but still in mind:

  - specify that all TLS public-keys are a DER-encoded SubjectPublicKeyInfo structure
  - specify that all SSH public-keys are a "ssh-public-key-type" type (see below)
  - specify that all encrypted symmetric keys are a DER-encoded OneSymmetricKey structure
  - specify that all encrypted asymmetric keys are a DER-encoded OneAsymmetricKey structure

The "ssh-public-key" type would be defined as:

     typedef ssh-public-key-type {
         type binary;
         // 'mandatory' is a leaf substatement, not a typedef substatement
         // (RFC 7950, Section 7.3); it belongs on the leaf that uses this type.
         description
           "The binary public key data for this SSH key, as
            specified by RFC 4253, Section 6.6, i.e.:

              string    certificate or public key format
                        identifier
              byte[n]   key/certificate data.";
         reference
           "RFC 4253: The Secure Shell (SSH) Transport
                      Layer Protocol";
     }

Any concerns?
[RW]
I think that this sounds OK.

Minor: Does the "string" in the description above mean "ASCII string" or "binary string"? RFC 4251 seemingly uses both definitions.

Is putting the encrypted keys into DER-encoded OneSymmetricKey obviously the right thing to do?  Are there other choices?

Thanks,
Rob


Kent // author
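The blob that the proposed ssh-public-key-type leaf would carry is the RFC 4253 Section 6.6 structure, and the "string" it starts with is the RFC 4251 Section 5 data type: a big-endian uint32 length followed by arbitrary bytes (binary, not text), which in this position happens to hold an ASCII algorithm name. The following is an added example, not part of the thread and not code from the crypto-types drafts: it encodes and parses that blob for ssh-rsa and ssh-ed25519, rejects truncated data, and checks that an authorized_keys-style line's leading type token agrees with the identifier embedded in the blob. All key bytes are constructed, not real keys.

```python
"""Added example (not part of the thread): build and parse the RFC 4253
Section 6.6 public-key blob carried by the proposed ssh-public-key-type.
Per RFC 4251 Section 5 a "string" is a uint32 big-endian length followed
by arbitrary bytes; the identifier it holds in Section 6.6 is an ASCII
name, but the type itself is binary.  All key material is constructed."""
import base64
import struct


def ssh_string(data: bytes) -> bytes:
    """Encode an RFC 4251 'string': uint32 length prefix + raw bytes."""
    return struct.pack(">I", len(data)) + data


def ssh_mpint(value: int) -> bytes:
    """Encode a non-negative RFC 4251 'mpint': big-endian two's complement
    carried as a string; a leading 0x00 is added when the top bit is set."""
    if value < 0:
        raise ValueError("negative mpint not handled in this example")
    if value == 0:
        return ssh_string(b"")
    return ssh_string(value.to_bytes((value.bit_length() + 8) // 8, "big"))


def read_string(blob: bytes, offset: int):
    """Decode one 'string' at offset; return (bytes, next_offset).
    Length checks reject truncated or over-long fields."""
    if offset + 4 > len(blob):
        raise ValueError("truncated string length at offset %d" % offset)
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    start = offset + 4
    if start + length > len(blob):
        raise ValueError("string length %d exceeds blob" % length)
    return blob[start:start + length], start + length


def parse_ssh_public_key(blob: bytes) -> dict:
    """Split a Section 6.6 blob into its identifier and key fields."""
    ident, offset = read_string(blob, 0)
    fields = []
    while offset < len(blob):
        field, offset = read_string(blob, offset)
        fields.append(field)
    key_type = ident.decode("ascii")   # identifiers are ASCII names
    if key_type == "ssh-rsa":          # RFC 4253 6.6: mpint e, mpint n
        if len(fields) != 2:
            raise ValueError("ssh-rsa expects exactly two mpints")
        return {"type": key_type,
                "e": int.from_bytes(fields[0], "big"),
                "n": int.from_bytes(fields[1], "big")}
    if key_type == "ssh-ed25519":      # RFC 8709: one 32-byte string
        if len(fields) != 1 or len(fields[0]) != 32:
            raise ValueError("ssh-ed25519 expects one 32-byte string")
        return {"type": key_type, "public": fields[0]}
    return {"type": key_type, "fields": fields}   # unknown: keep raw fields


def is_well_formed(blob: bytes) -> bool:
    """True if the blob parses cleanly; the kind of check a server would
    apply to data received in the binary leaf before storing it."""
    try:
        parse_ssh_public_key(blob)
        return True
    except (ValueError, UnicodeDecodeError):
        return False


def parse_authorized_keys_line(line: str) -> dict:
    """Parse 'type base64 [comment]'; the base64 payload is the same blob,
    and its embedded identifier must agree with the leading token."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("need at least type and base64 fields")
    parsed = parse_ssh_public_key(base64.b64decode(parts[1], validate=True))
    if parsed["type"] != parts[0]:
        raise ValueError("type token %r != embedded identifier %r"
                         % (parts[0], parsed["type"]))
    return parsed


# Constructed sample keys: NOT real keys, just deterministic bytes.
ED25519_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
RSA_N = (1 << 255) | 0x1234567            # top bit set -> leading 00 byte
RSA_BLOB = ssh_string(b"ssh-rsa") + ssh_mpint(65537) + ssh_mpint(RSA_N)
AUTH_LINE = "ssh-ed25519 %s constructed@example" % (
    base64.b64encode(ED25519_BLOB).decode("ascii"))

if __name__ == "__main__":
    print(parse_ssh_public_key(ED25519_BLOB))
    print(parse_ssh_public_key(RSA_BLOB))
    print(parse_authorized_keys_line(AUTH_LINE))
```

The mpint encoder reproduces the RFC 4251 Section 5 examples (0x80 becomes `00 00 00 02 00 80`), and the parser's per-field length checks are the part that matters when the blob arrives over NETCONF from an untrusted client: a length field larger than the remaining data is rejected rather than read past the buffer.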