Re: [netconf] crypto-types fallback strategy
Schönwälder, Jürgen <J.Schoenwaelder@jacobs-university.de> Tue, 08 October 2019 13:02 UTC
Return-Path: <J.Schoenwaelder@jacobs-university.de>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F1C96120052 for <netconf@ietfa.amsl.com>; Tue, 8 Oct 2019 06:02:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=jacobsuniversity.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1D__JK1Ja89a for <netconf@ietfa.amsl.com>; Tue, 8 Oct 2019 06:02:26 -0700 (PDT)
Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50044.outbound.protection.outlook.com [40.107.5.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C8F4D120033 for <netconf@ietf.org>; Tue, 8 Oct 2019 06:02:25 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XfJesC8wAa6dYHEJBLX2EM88elMK4Wl76h38Qrg7C1yDdnkHof/GBXSy2iAMlx8Em7WQVzlIAHyd5Pt8SL/D5dYlccaIO6poyb4CJ67soooHsBxIQ483Wqi2mvKQv+5/lRya4BSMuElH4NzvLFNzuB5B02+OurHo6ovF3zRdiwWCVmbQcQBcJoEHyD1muqmoCJ0anQ2FKyunnXvts50xvAnDJsFg4BOdKyGjowsccgzZSretOceMG5ydxnhCYZTzgosc3DFIZQVoO9dDKVlbP8CA7Cal0C3vn+uignfMP12z1+Y2/MXW/HQGNP8Wtw7zLWzqInMOA3eWw+DhSvP2wg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hu70yFH3pjrlC5TPlnzOHfnay0R+o1SDwoebemsnJ3w=; b=bbYpJaYIncBm7cHet6HOfHPOZRFdCLoJfw/tplbe2ZpencUDeR22tVkAYfrquliqV2TDlTVrEi5fH9hSYhFg11TS4BnfO93FqcekdliT/LKed+feooqN7zjFPL48aSylkdElIPCoplGE8SodPjYytiOBlVGxIIM4NSG95aOLw0dopcHoS11Q1AJlB1/bvOcEALX8u1/Inu7tWFC4/FPao0Gh9wBxAwAEyDff+xv7Vpra5hVJv/XpXu0EXdWs37QpLkd2e3mKip/Qe5zU4a0AWXq8opT/uWKHPwD2+00BzOd6p3Hf9TuSQ73IjXrCRBhwPdyrF/bLXWBqwaBIm/fxPw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=jacobs-university.de; dmarc=pass action=none header.from=jacobs-university.de; dkim=pass header.d=jacobs-university.de; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jacobsuniversity.onmicrosoft.com; s=selector2-jacobsuniversity-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hu70yFH3pjrlC5TPlnzOHfnay0R+o1SDwoebemsnJ3w=; b=XOKFLHJu2MWuf3oA6dCMNEMMNGheMQSCTCyV1JA0WKbaf0/Am86ZSvZL+29mLjgIs25Ya40K5f58ALeTcY1G1aDIkx5ZlQc1wavxYLjsXduKBFHdy4W5on42LO+f48D+seZZoFBKqOqO3CnWYXOOmQV4Ez7GBZK+5qIU4/35eHc=
Received: from DB6P190MB0181.EURP190.PROD.OUTLOOK.COM (10.172.229.20) by DB6P190MB0504.EURP190.PROD.OUTLOOK.COM (10.175.241.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2327.24; Tue, 8 Oct 2019 13:02:23 +0000
Received: from DB6P190MB0181.EURP190.PROD.OUTLOOK.COM ([fe80::3031:b318:b167:f8ee]) by DB6P190MB0181.EURP190.PROD.OUTLOOK.COM ([fe80::3031:b318:b167:f8ee%12]) with mapi id 15.20.2327.026; Tue, 8 Oct 2019 13:02:23 +0000
From: "Schönwälder, Jürgen" <J.Schoenwaelder@jacobs-university.de>
To: Martin Bjorklund <mbj@tail-f.com>
CC: "kent+ietf@watsen.net" <kent+ietf@watsen.net>, "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: [netconf] crypto-types fallback strategy
Thread-Index: AQHVfcJcQSS5BIxD8Um+uO2HDtXgK6dQtboA
Date: Tue, 08 Oct 2019 13:02:22 +0000
Message-ID: <20191008130222.5v77yqytgcxytxzc@anna.jacobs.jacobs-university.de>
References: <02f501d57846$e29a3b20$4001a8c0@gateway.2wire.net> <0100016d8834e6b1-d2301e8e-89e5-4fb1-ae58-057e82c4cf7f-000000@email.amazonses.com> <0100016da8b59883-9c9c21fa-5030-4dd5-867e-5e33bf7b379d-000000@email.amazonses.com> <20191008.122208.2297815182441890483.mbj@tail-f.com>
In-Reply-To: <20191008.122208.2297815182441890483.mbj@tail-f.com>
Reply-To: "Schönwälder, Jürgen" <J.Schoenwaelder@jacobs-university.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-clientproxiedby: AM0PR02CA0095.eurprd02.prod.outlook.com (2603:10a6:208:154::36) To DB6P190MB0181.EURP190.PROD.OUTLOOK.COM (2603:10a6:4:88::20)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=J.Schoenwaelder@jacobs-university.de;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [2001:638:709:5::7]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c260e47e-bb2c-44fb-b6da-08d74befc27e
x-ms-traffictypediagnostic: DB6P190MB0504:
x-ms-exchange-purlcount: 1
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <DB6P190MB0504273E0D6EA881CC608D24DE9A0@DB6P190MB0504.EURP190.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-forefront-prvs: 01842C458A
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(366004)(396003)(39850400004)(136003)(346002)(189003)(199004)(1076003)(446003)(6246003)(229853002)(6306002)(6486002)(64756008)(66476007)(66556008)(66946007)(43066004)(66446008)(6116002)(6436002)(3450700001)(2906002)(4326008)(486006)(46003)(476003)(11346002)(6512007)(102836004)(256004)(14454004)(186003)(6506007)(478600001)(386003)(71190400001)(71200400001)(5660300002)(45776006)(6916009)(86362001)(316002)(54906003)(786003)(7736002)(25786009)(81166006)(8676002)(81156014)(8936002)(99286004)(76176011)(52116002)(305945005)(4744005); DIR:OUT; SFP:1101; SCL:1; SRVR:DB6P190MB0504; H:DB6P190MB0181.EURP190.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: jacobs-university.de does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: IxKJWoJ37Y2GttsSWyUY7kSDhtbXXWi0Gp8BpPur6mVghrrGvI3TbBMt1i0dj2+eJXyl0dkP+6ETjPqTtcXPUQjR+MmLOGeDrRU6GgHkHDRmSImNRZFHaH+XdlsdqixJOjWSf7cTbutryVMQ2bZ7pQWaav5xZMkSPa2VTSXYZO89YKyOFWo5Z+ry07ZixLwhQkKhYCadGJmk0gho4FPTU89knjSXhwIcEzEgLK3WoTk2c9ItkLLsWSub35+s7x2qrnZnCgOciBDftj/oUF/uwHyl3gRBCqtiO80e/D8cUsibAxlhvjoJu2XpPvjFSosc6fC4jEAb3U0VfYRsU7DMCDuPnu6c7vRTAgWnchKiMVpOa2Y5jidFh6ySOXi+noJEIXJubqapu7UosYHWkhqKr7d8ySQNjLKHnZrr5SBjQIVjYBME4reM+wBobvfkLXv5yTdneMcc2AV2bksD6CAq9g==
Content-Type: text/plain; charset="iso-8859-1"
Content-ID: <0621B3E467C4814D8677332A05B304B0@EURP190.PROD.OUTLOOK.COM>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: jacobs-university.de
X-MS-Exchange-CrossTenant-Network-Message-Id: c260e47e-bb2c-44fb-b6da-08d74befc27e
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Oct 2019 13:02:23.0015 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f78e973e-5c0b-4ab8-bbd7-9887c95a8ebd
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ZakKT8hd61hov6dv701xX2yNwG0vFNL5+uO97EQCHwD6uf9Gdpqh3699IjU+5nY6xuFrxMoWwjCoQx4G5c8Xmqlru03cyua1JruKvGNSal0=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6P190MB0504
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/tC9VB5RdTs7iywJU64k5t7Q9-NI>
Subject: Re: [netconf] crypto-types fallback strategy
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Oct 2019 13:02:28 -0000
On Tue, Oct 08, 2019 at 12:22:08PM +0200, Martin Bjorklund wrote: > > Note that in general, a server may support one set of algs for node A > and another set of algs for node B. So just listing the supported set > of identities is not sufficient. Which is why I suggest (again) that > we don't try to solve this problem here and now. > We either solve the problem or we have to accept the people create workarounds. It is no solution to say "we do this next year" over and over again. And yes, the number of config false lists you need depends on the number of config knobs. /js -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany Fax: +49 421 200 3103 <https://www.jacobs-university.de/>
- [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Martin Bjorklund
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Martin Bjorklund
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Rob Wilton (rwilton)
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Schönwälder
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Schönwälder
- Re: [netconf] crypto-types fallback strategy Rob Wilton (rwilton)
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Rob Wilton (rwilton)
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Rob Wilton (rwilton)
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Rob Wilton (rwilton)
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Rob Wilton (rwilton)
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Rob Wilton (rwilton)
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Rob Wilton (rwilton)
- Re: [netconf] crypto-types fallback strategy Schönwälder
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Schönwälder
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Schönwälder
- Re: [netconf] crypto-types fallback strategy Martin Bjorklund
- Re: [netconf] crypto-types fallback strategy Schönwälder
- Re: [netconf] crypto-types fallback strategy Per Hedeland
- Re: [netconf] crypto-types fallback strategy Schönwälder
- Re: [netconf] crypto-types fallback strategy Per Hedeland
- Re: [netconf] crypto-types fallback strategy Rob Wilton (rwilton)
- Re: [netconf] crypto-types fallback strategy Rob Wilton (rwilton)
- Re: [netconf] crypto-types fallback strategy Martin Bjorklund
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Martin Bjorklund
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Martin Bjorklund
- Re: [netconf] crypto-types fallback strategy Schönwälder
- Re: [netconf] crypto-types fallback strategy tom petch
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- [netconf] FW: crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Holland, Jake
- Re: [netconf] crypto-types fallback strategy Martin Bjorklund
- Re: [netconf] [Taps] crypto-types fallback strate… tom petch
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Martin Bjorklund
- Re: [netconf] crypto-types fallback strategy Rob Wilton (rwilton)
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Schönwälder
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Schönwälder
- Re: [netconf] crypto-types fallback strategy Martin Bjorklund
- Re: [netconf] crypto-types fallback strategy tom petch
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy tom petch
- Re: [netconf] crypto-types fallback strategy Wang Haiguang
- Re: [netconf] crypto-types fallback strategy Salz, Rich
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Martin Bjorklund
- Re: [netconf] crypto-types fallback strategy Schönwälder
- Re: [netconf] crypto-types fallback strategy Schönwälder
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Kent Watsen
- Re: [netconf] crypto-types fallback strategy Martin Bjorklund