[Netconf] [Errata Rejected] RFC6242 (5305)
RFC Errata System <rfc-editor@rfc-editor.org> Tue, 27 March 2018 18:06 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3498412778E; Tue, 27 Mar 2018 11:06:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Level:
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FSOWB1S3Mkwh; Tue, 27 Mar 2018 11:06:20 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 410E8126CBF; Tue, 27 Mar 2018 11:06:20 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 38060B80135; Tue, 27 Mar 2018 11:06:02 -0700 (PDT)
To: fanhycd@qq.com, mrw@painless-security.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: ibagdona@gmail.com, iesg@ietf.org, netconf@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20180327180602.38060B80135@rfc-editor.org>
Date: Tue, 27 Mar 2018 11:06:02 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/TyV3XFHahXlhDj1SEeofCinYnHA>
Subject: [Netconf] [Errata Rejected] RFC6242 (5305)
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Network Configuration WG mailing list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Mar 2018 18:06:22 -0000
The following errata report has been rejected for RFC6242, "Using the NETCONF Protocol over Secure Shell (SSH)". -------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata/eid5305 -------------------------------------- Status: Rejected Type: Technical Reported by: HengyingFan <fanhycd@qq.com> Date Reported: 2018-03-26 Rejected by: Ignas Bagdonas (IESG) Section: 6 Original Text ------------- This document also recommends that SSH servers be configurable to allow access to the "netconf" SSH subsystem over other ports. Use of that configuration option without corresponding changes to firewall or network device configuration may unintentionally result in the ability for nodes outside of the firewall or other administrative boundaries to gain access to the "netconf" SSH subsystem. Corrected Text -------------- This document also recommends that SSH servers be configurable to allow access to the "netconf" SSH subsystem over other ports. Use of that configuration option without corresponding changes to firewall or network device configuration may unintentionally result in the inability for nodes outside of the firewall or other administrative boundaries to gain access to the "netconf" SSH subsystem. Notes ----- ability -> inability --VERIFIER NOTES-- It was discussed among reporter, document authors, and WG members and the conclusion was that the original text in the document is technically correct. Email discussion: https://mailarchive.ietf.org/arch/msg/netconf/xMBJjW9Sn5xzXZYhwVbRM0Im1fg -------------------------------------- RFC6242 (draft-ietf-netconf-rfc4742bis-08) -------------------------------------- Title : Using the NETCONF Protocol over Secure Shell (SSH) Publication Date : June 2011 Author(s) : M. Wasserman Category : PROPOSED STANDARD Source : Network Configuration Area : Operations and Management Stream : IETF Verifying Party : IESG
- [Netconf] [Errata Rejected] RFC6242 (5305) RFC Errata System