SOAP/HTTP over SSH

Pooja Malhotra <pooja.malhotra@masconit.com> Thu, 01 June 2006 16:51 UTC

From: Pooja Malhotra <pooja.malhotra@masconit.com>
To: netconf@ops.ietf.org
Subject: SOAP/HTTP over SSH
Date: Thu, 01 Jun 2006 18:07:48 +0530

Hi...

We are planning to implement NetConf. And I am very new to this standard.
In this effort I went through the initial draft
"NETCONF Configuration Protocol draft-ietf-netconf-prot-12" proposed by
IETF.
After going through it, I understood the architecture
as shown below in the figure:


      Layer                      Example
         +-------------+      +-----------------------------+
     (4) |   Content   |      |     Configuration data      |
         +-------------+      +-----------------------------+
                |                           |
         +-------------+      +-----------------------------+
     (3) | Operations  |      | NETCONF operation           |
         +-------------+      +-----------------------------+
                |                           |
         +-------------+      +-----------------------------+
     (2) |     RPC     |      |   SOAP over HTTP            |
         +-------------+      +-----------------------------+
                |                           |
         +-------------+      +-----------------------------+
     (1) |  Transport  |      |  SSH                        |
         |   Protocol  |      |                             |
         +-------------+      +-----------------------------+

As you can see, our proposed solution indicated that the SSH would
be used as Transport Protocol. This choice was made because it
is mentioned in section 2.4 (Mandatory Transport Protocol)
that SSH is mandatory for NetConf. Now we
are stuck with the RPC layer protocol. Initially we thought of
SOAP over HTTP (as RPC layer implementation), but if this is the case,
we fail to understand how the SSH layer will communicate with
the RPC layer.
How will the SSH layer interact with the RPC layer over HTTP, as it is not
secure?

Also, once the SSH session is opened between the remote machine,
how can we ensure that the data transfer is secured through SOAP/HTTP?

What is the nature of the SSH connection? Is it a socket connection like SSL?

We tried implementing SSH using an open source library from JSch
(for the client) and OpenSSH (for the SSH server).
The other tool we tried was Corkscrew (a tool for tunneling SSH
through HTTP proxies).

Also, is it mandatory to implement SSH? Can we instead use SOAP
over HTTPS?

I would be highly obliged if you could please throw some light on
the queries I have and tell us some tools which can help us in
implementation.


Thanks,

Pooja Malhotra
Senior Software Engineer,
MASCON Global ltd.
Bangalore
Karnataka (India)




