Re: NETCONF over TLS?

Eliot Lear <lear@cisco.com> Thu, 30 March 2006 17:01 UTC

Message-ID: <442C0E16.3010608@cisco.com>
Date: Thu, 30 Mar 2006 18:57:58 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Thunderbird 1.5 (Macintosh/20051201)
MIME-Version: 1.0
To: Andy Bierman <ietf@andybierman.com>
CC: "Netconf (E-mail)" <netconf@ops.ietf.org>
Subject: Re: NETCONF over TLS?
References: <442C0D9E.3070401@andybierman.com>
In-Reply-To: <442C0D9E.3070401@andybierman.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit

There's no reason you couldn't do this with TLS/BEEP, right?

Eliot

Andy Bierman wrote:
> Hi,
>
> Somebody sent me an email and asked if the WG was
> interested in NETCONF over TLS.  I said probably
> not.  This morning I saw this I-D in Last Call
> to supply a user name to TLS, an obvious missing
> component if you want to support a user-based
> access-control model (and I do).
>
> http://www.ietf.org/internet-drafts/draft-santesson-tls-ume-04.txt
>
> So now I am curious (but not enough to standardize
> anything) if the secure syslog integration with netconf
> over TLS makes security and operational sense.
>
>
> Andy
>
>
> -- 
> to unsubscribe send a message to netconf-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://ops.ietf.org/lists/netconf/>
>
