Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-reverse-ssh
Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de> Tue, 19 July 2011 18:17 UTC
Return-Path: <j.schoenwaelder@jacobs-university.de>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6A02228017; Tue, 19 Jul 2011 11:17:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.802
X-Spam-Level:
X-Spam-Status: No, score=-102.802 tagged_above=-999 required=5 tests=[AWL=0.447, BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y9RvhkRPfrkT; Tue, 19 Jul 2011 11:17:50 -0700 (PDT)
Received: from hermes.jacobs-university.de (hermes.jacobs-university.de [212.201.44.23]) by ietfa.amsl.com (Postfix) with ESMTP id 5D6C811E8070; Tue, 19 Jul 2011 11:17:50 -0700 (PDT)
Received: from localhost (demetrius3.jacobs-university.de [212.201.44.48]) by hermes.jacobs-university.de (Postfix) with ESMTP id 5638F20BE8; Tue, 19 Jul 2011 20:17:49 +0200 (CEST)
X-Virus-Scanned: amavisd-new at jacobs-university.de
Received: from hermes.jacobs-university.de ([212.201.44.23]) by localhost (demetrius3.jacobs-university.de [212.201.44.32]) (amavisd-new, port 10024) with ESMTP id mWkRvirel6jt; Tue, 19 Jul 2011 20:17:48 +0200 (CEST)
Received: from elstar.local (elstar.jacobs.jacobs-university.de [10.50.231.133]) by hermes.jacobs-university.de (Postfix) with ESMTP id D321A20BDA; Tue, 19 Jul 2011 20:17:47 +0200 (CEST)
Received: by elstar.local (Postfix, from userid 501) id 2C2EC1A0F3AE; Tue, 19 Jul 2011 20:17:46 +0200 (CEST)
Date: Tue, 19 Jul 2011 20:17:45 +0200
From: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
To: Randy Presuhn <randy_presuhn@mindspring.com>
Message-ID: <20110719181745.GA70006@elstar.local>
Mail-Followup-To: Randy Presuhn <randy_presuhn@mindspring.com>, opsawg@ietf.org, netconf@ietf.org
References: <84600D05C20FF943918238042D7670FD3E8429F313@EMBX01-HQ.jnpr.net> <20110713044711.GA80654@elstar.local> <84600D05C20FF943918238042D7670FD3E8429F98E@EMBX01-HQ.jnpr.net> <01c401cc45ed$07d58060$4001a8c0@gateway.2wire.net> <20110719102454.GA67454@elstar.local> <004b01cc463c$b25b1f00$6801a8c0@oemcomputer>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <004b01cc463c$b25b1f00$6801a8c0@oemcomputer>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: opsawg@ietf.org, netconf@ietf.org
Subject: Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-reverse-ssh
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Juergen Schoenwaelder <j.schoenwaelder@jacobs-university.de>
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/opsawg>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jul 2011 18:17:54 -0000
On Tue, Jul 19, 2011 at 10:52:57AM -0700, Randy Presuhn wrote: > At the risk of an infinite loop... > At the SNMP level, wouldn't defining an appropriate notification type > for "call home" be sufficient? It seems to me the necessary document > is one little notification type and a lot of applicability statement. ISMS ended up not sending notifications over SSH sessions (or DTLS session) initiated by a management system, this is very different from how NETCONF notifications work. And the way access control is done in SNMP land on outgoing notifications and the identity of what is being authenticated by SNMP (transport) security models all adds its share of complexity. So yes, lets not get into a loop. Even though I understand how ISMS ended up with what we have now, I do not consider the solution that came out of ISMS a particularly practical solution and I can only encourage people to try to solve "call home" in a more generic way. Perhaps this time there is more success. /js -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1, 28759 Bremen, Germany Fax: +49 421 200 3103 <http://www.jacobs-university.de/>
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… Bert (IETF) Wijnen
- [OPSAWG] guidance on draft-kwatsen-reverse-ssh Kent Watsen
- Re: [OPSAWG] guidance on draft-kwatsen-reverse-ssh Juergen Schoenwaelder
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… Kent Watsen
- Re: [OPSAWG] guidance on draft-kwatsen-reverse-ssh Kent Watsen
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… Kent Watsen
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… t.petch
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… Juergen Schoenwaelder
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… Randy Presuhn
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… Randy Presuhn
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… Andy Bierman
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… Juergen Schoenwaelder
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… Phil Shafer
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… Kent Watsen
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… t.petch
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… t.petch
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… Kent Watsen
- Re: [OPSAWG] [Netconf] guidance on draft-kwatsen-… t.petch