[OPSAWG] Fw: I-D Action: draft-vishwakarma-opsawg-ssh-cert-radius-02.txt

tom petch <ietfid@btconnect.com> Fri, 31 December 2021 16:34 UTC

From: tom petch <ietfid@btconnect.com>
To: "opsawg@ietf.org" <opsawg@ietf.org>
Date: Fri, 31 Dec 2021 16:34:37 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/PyzNbruQpgQBl3gxK18S822FcM8>
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>

From: I-D-Announce <i-d-announce-bounces@ietf.org> on behalf of internet-drafts@ietf.org <internet-drafts@ietf.org>
Sent: 28 December 2021 19:20

<tp>
With one Normative Reference for RADIUS, one Normative Reference for TLS, one Normative Reference for EAP and two for SSH, I wonder which WG is best equipped to review this; curdle?

Tom Petch


A New Internet-Draft is available from the on-line Internet-Drafts directories.


        Title           : RADIUS Extension for Certificate-based SSH Authentication
        Authors         : Devendra Vishwakarma
                          Prakash Suthar
                          Vivek Agarwal
                          Anil Jangam
        Filename        : draft-vishwakarma-opsawg-ssh-cert-radius-02.txt
        Pages           : 16
        Date            : 2021-12-28

Abstract:
   A scalable and centralized mechanism is required for a certificate-
   based administrative access to multitude of virtualized and physical
   network functions.  While there are mechanisms that exist today to
   provide secure administrative command-line and API-based access,
   there are certain management and maintenance overheads as well as
   certain scalability challenges related to it.  In this draft we
   discuss these challenges and propose a standardized, centralized
   server-based mechanism to authenticate a user over an SSH session
   using its client certificate.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-vishwakarma-opsawg-ssh-cert-radius/

There is also an htmlized version available at:
https://datatracker.ietf.org/doc/html/draft-vishwakarma-opsawg-ssh-cert-radius-02

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-vishwakarma-opsawg-ssh-cert-radius-02


Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts

