RE: SOAP/HTTP over SSH
Pooja Malhotra <pooja.malhotra@masconit.com> Fri, 02 June 2006 19:25 UTC
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FmFH8-0002js-T1 for netconf-archive@lists.ietf.org; Fri, 02 Jun 2006 15:25:38 -0400
Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FmFH7-00019B-BQ for netconf-archive@lists.ietf.org; Fri, 02 Jun 2006 15:25:38 -0400
Received: from majordom by psg.com with local (Exim 4.60 (FreeBSD)) (envelope-from <owner-netconf@ops.ietf.org>) id 1FmFDg-000BoO-NK for netconf-data@psg.com; Fri, 02 Jun 2006 19:22:04 +0000
X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on psg.com
X-Spam-Level:
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham version=3.1.1
Received: from [63.240.1.44] (helo=relay3.nyc2.attens.net) by psg.com with esmtp (Exim 4.60 (FreeBSD)) (envelope-from <pooja.malhotra@masconit.com>) id 1Fm6Cp-000A1u-4O for netconf@ops.ietf.org; Fri, 02 Jun 2006 09:44:35 +0000
Received: from mailhub.masconit.com (email.masconit.com [12.107.104.100]) by relay3.nyc2.attens.net (8.13.6/8.13.6) with ESMTP id k529iXR0013641; Fri, 2 Jun 2006 09:44:33 GMT
Received: by MAILHUB with Internet Mail Service (5.5.2653.19) id <K5PD9HBL>; Fri, 2 Jun 2006 04:44:33 -0500
Received: from POOJA ([172.16.15.43]) by mailhub.masconit.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id K5PD9HBG; Fri, 2 Jun 2006 04:44:28 -0500
From: Pooja Malhotra <pooja.malhotra@masconit.com>
To: Andy Bierman <ietf@andybierman.com>
Cc: netconf@ops.ietf.org
Subject: RE: SOAP/HTTP over SSH
Date: Fri, 02 Jun 2006 15:09:44 +0530
Message-ID: <KNEGJPGAMOCLFDOMGAEKCEFHCAAA.pooja.malhotra@masconit.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869
In-Reply-To: <447F2061.5080105@andybierman.com>
Sender: owner-netconf@ops.ietf.org
Precedence: bulk
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 2857c5c041d6c02d7181d602c22822c8
Thanks Andy.. I really appreciate ur help. But again..as the draft says that SSH is an mandatory transport protocol , Can we implement SOAP over HTTPS (as transport Protocol) and still be netconf compliant. Regards, Pooja -----Original Message----- From: Andy Bierman [mailto:ietf@andybierman.com] Sent: Thursday, June 01, 2006 10:44 PM To: Pooja Malhotra Cc: netconf@ops.ietf.org Subject: Re: SOAP/HTTP over SSH Pooja Malhotra wrote: > Hi... > > We are planning to implement NetConf.And I am very new to this standard. > In this effort I went thro' the initial draft > "NETCONF Configuration Protocol draft-ietf-netconf-prot-12" proposed by > IETF. > After going through it , I understood the architecture > as shown below in the figure: You have misunderstood the document. The RPC layer is 'SOAP over HTTP'. The transport protocol SOAP over HTTPS (HTTP over TLS) is supported. You would use this instead of SSH. Andy > > > Layer Example > +-------------+ +-----------------------------+ > (4) | Content | | Configuration data | > +-------------+ +-----------------------------+ > | | > +-------------+ +-----------------------------+ > (3) | Operations | | NETCONF operation | > +-------------+ +-----------------------------+ > | | > +-------------+ +-----------------------------+ > (2) | RPC | | SOAP over HTTP | > +-------------+ +-----------------------------+ > | | > +-------------+ +-----------------------------+ > (1) | Transport | | SSH | > | Protocol | | | > +-------------+ +-----------------------------+ > > As you can see, our proposed solution indicated that the SSH would > be used as Transport Protocol.This choice was made because it > is mentioned in section 2.4.(Mandatory Transport Protocol ) > that SSH is mandatory for NetConf. Now we > are stuck with the RPC layer protocol. Intially we thought of > SOAP over HTTP (as RPC layer implementation), But if this the case, > we fail to understand how the SSH layer will communicate with > the RPC layer. > How the SSH layer will interact with the RPC layer over HTTP as it is not > secure. > > Also,once the SSH session is opened between the remote machine, > how can we ensure that the data transfer is secured through SOAP/HTTP? > > What is the nature of the SSH connection?Is it socket connection like SSL? > > We tried implementing SSH using opensource Library from JSch > (for client)and OpenSSH (for SSH Server). > Other tool we tried was Corkscrew(tool for tunneling SSH > through HTTP proxies.) > > Also Is it mandatory to implement SSH.Instead can we use SOAP > over HTTPS. > > I would be highly obliged if you could please throw some light on > the queries I have and tell us some tools which can help us in > implementation. > > > Thanks, > > Pooja Malhotra > Senior Software Engineer, > MASCON Global ltd. > Bangalore > Karnatka (India) > > > > > > -- > to unsubscribe send a message to netconf-request@ops.ietf.org with > the word 'unsubscribe' in a single line as the message text body. > archive: <http://ops.ietf.org/lists/netconf/> > > -- to unsubscribe send a message to netconf-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: <http://ops.ietf.org/lists/netconf/>
- SOAP/HTTP over SSH Pooja Malhotra
- Re: SOAP/HTTP over SSH Juergen Schoenwaelder
- Re: SOAP/HTTP over SSH Andy Bierman
- Re: SOAP/HTTP over SSH Andy Bierman
- RE: SOAP/HTTP over SSH Pooja Malhotra