[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Misc security considerations on the current netconf draft

To: Wes Hardaker <wjhns1@hardakers.net>
Subject: Re: Misc security considerations on the current netconf draft
From: Eliot Lear <lear@cisco.com>
Date: Fri, 21 May 2004 13:12:00 +0200
Cc: netconf@ops.ietf.org
In-reply-to: <sdu0ycs6kj.fsf@wes.hardakers.net>
References: <sdu0ycs6kj.fsf@wes.hardakers.net>
User-agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7) Gecko/20040514

[This is my third attempt at writing a response, so I'm going to keep it short and ask brief questions.]

Wes,

Is your requirement that we specify an ACL model now? Truth be told we could specify a rudimentary one without much difficulty.

I do not share your concern about mixed models. I think it's still left to the device to validate commands as authentic from a configuration file, no matter its source. I think of it no differently than a UNIX script (without setuid capability).

Eliot


--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

Follow-Ups:
- Re: Misc security considerations on the current netconf draft
  - From: Wes Hardaker <wjhns1@hardakers.net>

References:
- Misc security considerations on the current netconf draft
  - From: Wes Hardaker <wjhns1@hardakers.net>

Prev by Date: Re: Arrays and Hashes
Next by Date: Re: Misc security considerations on the current netconf draft
Previous by thread: Misc security considerations on the current netconf draft
Next by thread: Re: Misc security considerations on the current netconf draft
Index(es):
- Date
- Thread