[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Isms] RE: Follow up on Authorize Only issue

To: <isms@ietf.org>, <radiusext@ops.ietf.org>
Subject: RE: [Isms] RE: Follow up on Authorize Only issue
From: "Nelson, David" <dnelson@enterasys.com>
Date: Wed, 26 Jul 2006 14:20:54 -0400

Juergen Schoenwaelder writes...
 
> Given our current charter, I like to see the RADIUS document we are
> chartered to produce focus on the RADIUS SSH user authentication and
> RADIUS authorization of the SSH SNMP subsystem.

We'll omit any discussion of "fine grained" access control, i.e.
anything other than whether the SSH server should offer to make a
connection to the SNMP engine, in the -01 version.

> Note that this does of course not impact the RADEXT document which
> may define all attributes needed to address all the RADIUS related 
> ISMS requirements.

OK, thanks.

> I actually like to encourage people to write a document which 
> explains how VACM can utilize RADIUS to provision the security 
> name to group name mapping and to post such a document as an 
> individual draft.

I also think that would be useful, and predict that folks are likely to
implement such a scheme, whether ISMS takes it up or not.


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: RE: Follow up on Authorize Only issue (was RE: [Isms] ISMS session
Next by Date: RE: [Isms] RE: Follow up on Authorize Only issue
Previous by thread: RE: [Isms] RE: Follow up on Authorize Only issue
Next by thread: RE: [Isms] RE: Follow up on Authorize Only issue
Index(es):
- Date
- Thread