Re: NETCONF over TLS

[Mohamad Badra <badra@isima.fr>]

Eliot Lear a écrit :
> and you are going to do it far less functionally.

Hi Eliot,

I don't think I re-invent anything, especially the "TLS profile for BEEP".
I proposed to adopt the <request-login> of JUNOS because I estimated 
that people wish a NETCONF-specific authentication mechanism. Maybe I 
misestimated.

Again, I don't want to compare existing solutions to TLS but I think all 
existing security protocols for NETCONF, excepting SSH, rely on TLS and 
require one or more sub-protocols to be implemented.

What the document does propose is simplifying the TLS's use. As to 
<request-login>, almost all existing applications have their specific 
authentication and/or authorization mechanisms.

Between, could you please tell what "far less functionally" does mean?

> Eliot

Best regards,
--
Mohamad Badra
CNRS - LIMOS Laboratory


--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>