RE: survey of isp security practices

["Howard C. Berkowitz" <hcb@gettcomm.com>]

At 9:26 AM -0500 11/18/04, David B Harrington wrote:
> Hi Howard,
>
> Can you identify which mail you are responding to, so we can
> understand your comment better?
> Which architectural models still under development are you referring
> to?
>
> David Harrington
> dbharrington@comcast.net

A couple of things, cited below. I would suggest that at least the 
current practice document contain, in the introduction, the caveat 
that it refers to real implementations. The more general requirements 
document could carry a "softer" caveat, indicating it would only 
identify clear requirements for which there are no available tools.

At 10:42 PM +0000 11/17/04, Christopher L. Morrow wrote:
> On Wed, 17 Nov 2004, George Jones wrote:
>
> >  On Sun, 14 Nov 2004 18:54:58 -0800, Randy Presuhn
> >  <randy_presuhn@mindspring.com> wrote:
> >  > Hi -
> >  > > From: "Merike Kaeo" <kaeo@merike.com>
> >  > > To: <opsec@ops.ietf.org>
> >  > > Sent: Tuesday, November 09, 2004 4:03 AM
> >  > > Subject: survey of isp security practices
> >  > ...
> >  > >     4.  Authentication / Authorization
> >  > In this, or the updated structure, any discussion of authentication
> >  > and authorization would be incomplete if it didn't address user,
> >  > access control list, and key management.
> >
> >  The scope here is core network device capabilities.
> >  I would submit that, given protocols such as RADIUS (Diameter, TACACS)
> >  that user mangement is largely an external issue (it happens on the
> >  RADIUS server, etc).   The important bit is that the device needs to
> >  be able to talk to the  [radius] server, be sure which server it's talking
> >  to, and be able to get authentication and authorization data (per 
> > command...your
> >  "access control lists ?") from the server.
>
> managing local users on devices is non-scalable and a dead art... as
> George said.


At 3:05 PM -0800 11/17/04, David T. Perkins wrote:
> On Wed, 17 Nov 2004, Christopher L. Morrow wrote:
> ...
> >  managing local users on devices is non-scalable and a dead art... as
> >  George said.
>
> That is one of the reasons for creating a new "security model"
> for SNMPv3. The SNMPv3 term "security model" is includes:
> 1) the means for authenticating "security principals"
> 2) how message integrity (message modification, replay,
>    and binding with a security principal) is accomplished
> 3) how message confidentiality (encryption) is accomplished
>
> The only currently defined security model for SNMPv3 is
> the "User Security Model" (USM), and it is a "local user"
> data base called by the SNMPv3 the local configuration
> datastore (LCD).
>
> The ISMS WG is working on a new security model for SNNPv3
> that will use existing security infrastructures such as
> Radius.


> >  -----Original Message-----
> >  From: owner-opsec@psg.com [mailto:owner-opsec@psg.com] On
> >  Behalf Of Howard C. Berkowitz
> >  Sent: Wednesday, November 17, 2004 6:25 PM
> >  To: opsec@ops.ietf.org
> >  Subject: Re: survey of isp security practices
> >
> >  Might I observe that a document called "Survey of ISP
> >  Security Practices" isn't necessarily a logical place for
> >  functions for which the architectural models are still under
> >  development?  Perhaps there is a place for a new document
> >  "Requirements for (new) ISP Security Practices", but the
> >  value of the current one seems to be what people actually do.
> >  If they do things that have problems with scalability, it
> >  still may be relevant to note the technique, its limitations,
> >  and move on.