[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NETCONF over TLS

To: Eliot�Lear� <lear@cisco.com>
Subject: Re: NETCONF over TLS
From: badra@isima.fr
Date: Sun, 17 Jun 2007 18:54:02 +0200 (CEST)
Cc: Andy�Bierman� <ietf@andybierman.com>, �Netconf�� <netconf@ops.ietf.org>
In-reply-to: <46754C58.3060603@cisco.com>
References: <46729B3B.9090403@andybierman.com> <46754C58.3060603@cisco.com>
User-agent: SquirrelMail/1.4.2

Hi Lear,

> When you add the "simple framing" used
> in SSH, you end up with something that is only slightly less complex
> than BEEP but with no libraries, and from a performance perspective
> requires a content scan.  Far better to use BEEP which has a byte count.

I won't make a comparison for the moment between SSH and TLS to defend
this latter but IMHO, all the points you listed above are given in a
fashion way within NETCONF over TLS:

- The document implements the same SSH "simple framing"
- The content scan and byte count should be done at the TLS Record layer.

Best regards,
Badra

--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>

Follow-Ups:
- Re: NETCONF over TLS
  - From: Eliot Lear <lear@cisco.com>

References:
- NETCONF over TLS
  - From: Andy Bierman <ietf@andybierman.com>
- Re: NETCONF over TLS
  - From: Eliot Lear <lear@cisco.com>

Prev by Date: Re: �NETCONF�over�TLS
Next by Date: Re: NETCONF over TLS
Previous by thread: Re: NETCONF over TLS
Next by thread: Re: NETCONF over TLS
Index(es):
- Date
- Thread