[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: security issues

To: "Sandeep Adwankar" <sandeep.adwankar@motorola.com>
Subject: RE: security issues
From: "Rob Enns" <rpe@juniper.net>
Date: Mon, 14 Jun 2004 11:46:57 -0700
Cc: "Cristian Cadar" <Cristian.Cadar@netlab.nec.de>, <netconf@ops.ietf.org>

The big reason SSH was chosen is that operators said they
preferred it. Operators are already doing key management for SSH,
they know how to administer it, there are already holes in
their firewalls for it (where appropriate), and they are 
comfortable with scripting via SSH.

thanks,
 Rob

> -----Original Message-----
> From: Sandeep Adwankar [mailto:sandeep.adwankar@motorola.com] 
> Sent: Monday, June 14, 2004 9:57 AM
> To: Rob Enns
> Cc: Cristian Cadar; netconf@ops.ietf.org
> Subject: Re: security issues
> 
> Is it possible to document reasons behind mandating ssh in the NetConf
> draft. Particularly, I will like to understand reasons behind 
> mandating
> ssh
> over TLS. TLS has wide support and can provide ubiquitous substrate
> on most platforms. For example, it's trivial to build management
> application that uses TLS with support of Java APIs but there are no
> Java API's for SSH. There are no published RFC's on SSH, so
> it's relatively early to expect support on all platforms.
> 
> Thanks
> Sandeep
> 
> Rob Enns wrote:
> 
> > At the NETCONF meeing in Seoul, the WG indicated that SSH should
> > be the mandatory substrate for NETCONF. The draft will be cleaned
> > up to reflect this decision.
> >
> > thanks,
> >  Rob
> >
> > > -----Original Message-----
> > > From: owner-netconf@ops.ietf.org
> > > [mailto:owner-netconf@ops.ietf.org] On Behalf Of Cristian Cadar
> > > Sent: Friday, May 28, 2004 8:02 AM
> > > To: netconf@ops.ietf.org
> > > Subject: security issues
> > >
> > > Hi,
> > >
> > > In order to have a secure communication between peers the
> > > draft mentions
> > > the usage of the Radius, TLS or SSH protocol. Why IPsec is
> > > not taken into account here?
> > > Which one of the protocols above is preferred/mandatory in
> > > NETCONF, if any?
> > >
> > >
> > > TNX
> > > Cristian
> > >
> > >
> > > --
> > > to unsubscribe send a message to netconf-request@ops.ietf.org with
> > > the word 'unsubscribe' in a single line as the message text body.
> > > archive: <http://ops.ietf.org/lists/netconf/>
> > >
> > >
> >
> > --
> > to unsubscribe send a message to netconf-request@ops.ietf.org with
> > the word 'unsubscribe' in a single line as the message text body.
> > archive: <http://ops.ietf.org/lists/netconf/>
> 
> 
> 

--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

Prev by Date: Re: security issues
Next by Date: I-D ACTION:draft-ietf-netconf-prot-03.txt
Previous by thread: Re: security issues
Next by thread: sub-tree filtering proposals
Index(es):
- Date
- Thread