[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: referential integrity across reboots (Was: DISMAN Meeting minutes - 0716/02)

To: Randy Presuhn <rpresuhn@dorothy.bmc.com>, ops-area@ops.ietf.org
Subject: RE: referential integrity across reboots (Was: DISMAN Meeting minutes - 0716/02)
From: "Wijnen, Bert (Bert)" <bwijnen@lucent.com>
Date: Thu, 25 Jul 2002 11:37:04 +0200
Cc: disman@dorothy.bmc.com

I think this topic belongs more on teh MIBs mailing list 
than on the ops-area list. So pls move to mibs@ops.ietf.org

Randy, maybe you can repost the topic there without a copy
to these 2 lists where we do not want to duplicate the
discussion.

To subscribe to mibs@ops.ietf.org, send email to
majordomo@ops.ietf.org with the in the body of the msg: subscribe

Thanks,
Bert 

> -----Original Message-----
> From: Randy Presuhn [mailto:rpresuhn@dorothy.bmc.com]
> Sent: donderdag 25 juli 2002 3:39
> To: ops-area@ops.ietf.org
> Cc: disman@dorothy.bmc.com
> Subject: referential integrity across reboots (Was: DISMAN Meeting
> minutes - 0716/02)
> 
> 
> Hi -
> 
> > Message-Id: 
> <4.3.2.7.2.20020721145557.016e0690@mira-linc3-1.cisco.com>
> > Date: Sun, 21 Jul 2002 14:59:29 +0900
> > To: "'Randy Presuhn'" <rpresuhn@dorothy.bmc.com>, 
> disman@dorothy.bmc.com
> > From: Niraj Gopal <niraj@cisco.com>
> > Subject: DISMAN Meeting minutes - 0716/02
> > List-Id: IETF disman Working Group mailing list 
> <disman.dorothy.bmc.com>
> ...
> > It was asked if it would be adequate to say in the Security 
> Considerations
> > section that resources with unstable indices (non-persistent) can
> > have problems. Bert pointed out that we need a separate doc as this
> > a generic problem. Randy pointed out that ADSL profiles handle it
> > thru description and that it is a known limitation of VACM.
> > 
> > Action Item - A BCP might be needed for this general referential
> > integrity problem.
> ...
> 
> There were specific people assigned to all the other the
> action items in the minutes.  You know who you are!
> 
> I think further discussion will be necessary to figure out
> what, if anything, to do about this.
> 
> An example of the basic problem is that VACM is based on the
> assumption that the name of an object instance to which access
> is to be controlled will remain the same across reboots.
> For objects whose names change, fine-grained access control
> is problematic.
> 
> However, it's not just a problem with VACM.  It shows up
> anywhere where we can have things like row or instance pointers
> as configuration data that needs to survive a reboot, and
> those pointers can reference objects whose names might change.
> So, for example, the event mib, the alarm mib, the arc mib,
> the expression mib, the notification filtering in RFC 2573,
> rmon's thresholding, and nmpconf pm mib scripts are just a
> few examples of things that could run afoul of this.
> 
> To the extent that this isn't specifically a distributed
> management problem, let's move the followup discussion to
> the ops-area@ops.ietf.org mailing list.  No need to CC the
> disman list in followup postings.
> 
>  ------------------------------------------------------
>  Randy Presuhn          BMC Software, Inc.  1-3141
>  randy_presuhn@bmc.com  2141 North First Street
>  Tel: +1 408 546-1006   San Jose, California 95131  USA
>  ------------------------------------------------------
>  My opinions and BMC's are independent variables.
>  ------------------------------------------------------
>

Prev by Date: referential integrity across reboots (Was: DISMAN Meeting minutes - 0716/02)
Next by Date: "non-subscriber" posts
Previous by thread: referential integrity across reboots (Was: DISMAN Meeting minutes - 0716/02)
Next by thread: "non-subscriber" posts
Index(es):
- Date
- Thread