Issue: SFTP and SCP has been left out as explicit managed administrative protocols.
Submitter name: Mauricio Sanchez
Submitter email address: mauricio.sanchez@hp.com
Date first submitted: 5/9/2005
Reference:
Document: draft-nelson-radius-management-authorization-01.txt
Comment type: T
Priority: S
Section: 8.1, 8.2
Rationale/Explanation of issue: see below
Length description of problem
SFTP and SCP should be treated seperately from SSH-based console access. SFTP and SCP are SSH-based file transfer services and should not implicity be lumped with console based access.
Requested change:
Suggest that a new values (4) and (5) be allocated under the 'Framed-Management-Protocol' (section 8.1) or the 'Non-Framed-Managed-Protocol' (section 8.2) attribute for SFTP and SCP protocols, respectively. It's not clear to me whether SCP and SFTP should be considered a framed or non-framed protocol. Moreover, draft should elaborate on the explicit meaning of SSH being used in only a console access role for administrative purposes (which is it's nominal role anyway).
--------------------------------------------
Mauricio Sanchez, CISSP
Network Security Architect
Procurve Networking Business
Hewlett Packard
8000 Foothills Boulevard, ms 5555
Roseville CA, 95747-5557
916.785.1910 Tel
916.785.1815 Fax
mauricio.sanchez@hp.com
--------------------------------------------