Re: [netconf] UserId for authentication in https-notif

Mahesh Jethanandani <mjethanandani@gmail.com> Fri, 11 October 2019 19:15 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/IcAgBody8eHdBJ8_NxzHvq-0BaY>

Hi Balazs,

> On Oct 11, 2019, at 2:43 AM, Balázs Lengyel <balazs.lengyel=40ericsson.com@dmarc.ietf.org> wrote:
> 
> Hello,
> What userId will be used to perform access control on outgoing notifications transferred via https?

This was also discussed in an earlier thread, when Martin brought up the broader question of whether we are planning on using PUT or POST, to which URI, and authorization. 

Kent suggested that user-id will be part of http-params supported by the http client/server draft, and will be the user-id used by NACM. The example in the draft will be augmented thus:

<receivers
     xmlns="urn:ietf:params:xml:ns:yang:ietf-https-notif">
     <receiver>
       <name>foo</name>
       <tcp-params>
         <remote-address>my-receiver.my-domain.com</remote-address>
         <remote-port>443</remote-port>
       </tcp-params>
       <tls-params>
         <server-authentication>
           <ca-certs>explicitly-trusted-server-ca-certs</ca-certs>
           <server-certs>explicitly-trusted-server-certs</server-certs>
         </server-authentication>
       </tls-params>
       <http-params>
         <client-identity>
           <basic>
             <user-id>my-name</user-id>
             <password>my-password</password>
           </basic>
         </client-identity>
         <path>/some/path</path>
       </http-params>
     </receiver>
 </receivers>

Cheers.

>  
> regards Balazs
>  
> -- 
> Balazs Lengyel                    Senior Specialist                       Ericsson Hungary Ltd. 
> Mobile: +36-70-330-7909              email: Balazs.Lengyel@ericsson.com
>  
Mahesh Jethanandani
mjethanandani@gmail.com
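
An added example, not part of the original message or of the draft: a small audit of a receivers configuration shaped like the one above. It extracts the user-id that the message says NACM would use, builds the HTTP Basic header that user-id and password produce (RFC 7617), and records whether TLS server authentication is configured for the receiver. The function name, the result keys and the second receiver "bar" are assumptions made for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"n": "urn:ietf:params:xml:ns:yang:ietf-https-notif"}  # namespace from the message's example
# Constructed sample: "foo" mirrors the example in the message (trimmed);
# "bar" is hypothetical and has no <tls-params>.
SAMPLE = """\
<receivers xmlns="urn:ietf:params:xml:ns:yang:ietf-https-notif">
  <receiver>
    <name>foo</name>
    <tls-params>
      <server-authentication>
        <ca-certs>explicitly-trusted-server-ca-certs</ca-certs>
      </server-authentication>
    </tls-params>
    <http-params>
      <client-identity>
        <basic><user-id>my-name</user-id><password>my-password</password></basic>
      </client-identity>
    </http-params>
  </receiver>
  <receiver>
    <name>bar</name>
    <http-params>
      <client-identity>
        <basic><user-id>other</user-id><password>pw</password></basic>
      </client-identity>
    </http-params>
  </receiver>
</receivers>
"""

def audit_receivers(xml_text):
    """Return one dict per receiver: user-id for NACM, Basic header, TLS flag."""
    base = "n:http-params/n:client-identity/n:basic/"
    results = []
    for rcv in ET.fromstring(xml_text).findall("n:receiver", NS):
        user = rcv.findtext(base + "n:user-id", namespaces=NS)
        pw = rcv.findtext(base + "n:password", default="", namespaces=NS)
        header = None
        if user is not None:
            if ":" in user:  # RFC 7617: the user-id cannot contain a colon
                raise ValueError("user-id must not contain ':'")
            header = "Basic " + base64.b64encode(f"{user}:{pw}".encode()).decode()
        # Basic credentials are only base64-encoded, so note whether the
        # receiver's certificate will actually be checked before they are sent.
        tls = rcv.find("n:tls-params/n:server-authentication", NS) is not None
        results.append({"name": rcv.findtext("n:name", namespaces=NS), "nacm_user": user,
                        "authorization": header, "server_auth_configured": tls})
    return results
```

Entries with `server_auth_configured` set to `False` are the ones to review, since their credentials would go to a receiver whose identity is not verified.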