[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: On SSH ports

To: lear@cisco.com
Subject: Re: On SSH ports
From: Juergen Schoenwaelder <schoenw@ibr.cs.tu-bs.de>
Date: Thu, 5 Feb 2004 21:46:42 +0100
Cc: netconf@ops.ietf.org
In-reply-to: <402290F0.5050203@cisco.com> (message from Eliot Lear on Thu, 05 Feb 2004 13:52:32 -0500)
References: <5.1.0.14.2.20040204144303.03c71598@ms101.mail1.com> <200401300758.i0U7wmBE030236@idle.juniper.net> <200401300758.i0U7wmBE030236@idle.juniper.net> <5.1.0.14.2.20040204144303.03c71598@ms101.mail1.com> <5.1.0.14.2.20040205124557.03d00fa8@ms101.mail1.com> <402290F0.5050203@cisco.com>

>>>>> Eliot Lear writes:

Eliot> Egads...  I could argue either side of the port issue for SSH.
Eliot> One the one hand, its primary use in NETWORK devices today is
Eliot> configuration, and so since the primary use isn't really
Eliot> changing, the port doesn't need to and shouldn't change.

Eliot> On the other hand, if the primary use becomes something OTHER
Eliot> than network configuration (and there might be a good argument
Eliot> for this), then we should get this right the first time and use
Eliot> a different port.

Eliot> Do I have the parameters of the decision about right?

Do you run IMAP over the POP port just because the function of both is
to some extend similar??

We are talking here about a new protocol named netconf which uses ssh
purely as a mechanism to achieve cheap security. So it seems just
natural to give the new protocol its own port number.

The way we use ssh is similar to using TLS. And IMAP over TLS and SMTP
over TLS still use the IMAP and the SMTP ports, not a TLS port number.

Unless I completely misunderstand the layering we are doing, I would
argue for netconf port number just for purely architectural reasons.

[I realize that in the "run everything over HTTP world", people look
 at this issue differently and netconf over SOAP might end up on port
 80, but this we probably can't fix anymore.]

/js

-- 
Juergen Schoenwaelder		    International University Bremen
<http://www.eecs.iu-bremen.de/>	    P.O. Box 750 561, 28725 Bremen, Germany

--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

Follow-Ups:
- Re: On SSH ports
  - From: Eliot Lear <lear@cisco.com>

References:
- Re: Ever onward
  - From: Margaret Wasserman <margaret@thingmagic.com>
- Ever onward
  - From: Phil Shafer <phil@juniper.net>
- Re: Ever onward
  - From: Margaret Wasserman <margaret@thingmagic.com>
- On SSH ports
  - From: Eliot Lear <lear@cisco.com>

Prev by Date: Re: Ever onward
Next by Date: Re: On SSH ports
Previous by thread: Re: On SSH ports
Next by thread: Re: On SSH ports
Index(es):
- Date
- Thread