Re: [NGO] comments on CANMOD BoF

Andy Bierman <ietf@andybierman.com> Sat, 15 March 2008 23:33 UTC

Message-ID: <47DC5C5B.5040801@andybierman.com>
Date: Sat, 15 Mar 2008 16:31:39 -0700
From: Andy Bierman <ietf@andybierman.com>
To: Phil Shafer <phil@juniper.net>
References: <200803152203.m2FM3mGr051070@idle.juniper.net>
In-Reply-To: <200803152203.m2FM3mGr051070@idle.juniper.net>
Cc: NETCONF Goes On <ngo@ietf.org>
Subject: Re: [NGO] comments on CANMOD BoF

Phil Shafer wrote:
> Andy Bierman writes:
>> I also expect the WG charter to include a coherent and robust plan
>> for operational security, that includes a standard access control model.
> 
> Please point us to a usable example of a coherent and robust plan.
> Requiring this in the charter for a NETCONF modeling language puts
> the cart before the amoeba.

The NETCONF WG was already tasked with developing a set of
requirements for access control, and this work item was
dropped from the charter.

IMO, this is in the same category as vendors designing protocols
to run over UDP, without any regard for congestion control,
and the IESG won't let them standardize that.  Oh well. Nice try.

I don't have to come up with a complete accepted solution.
Neither does a WG creating a standardized NETCONF content solution.
IMO, the WG charter must have a coherent plan for all aspects
of a secure working NETCONF CM system.  Ignoring access control
completely is not something the IESG should allow in the charter.


> 
> Thanks,
>  Phil

Andy
