[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Review of Management Authorization -00 document



What does Web-based mean?  Is it something other than HTTP?

No, but HTTP can be used for other things that a web page (HTML), for
example NETCONF (XML) over HTTP.  This was to distinguish "classic"
web-based management interfaces from other things that might use the HTTP
transport.

OK.  You might say "HTTP/HTML" or something like that.

It might mean that, assuming that the standard transport used is one of
those.  For example, for web-based management (HTML over HTTP) the default
transport is TCP.

I thought you need to specify what "default" means for each Framed-Management entry.

Does SNMP over Default mean SNMP over UDP or TCP?

The default transport for SNMP is UDP.

Is it possible to specify SNMP over TCP? TCP is not on the list of transports.

With respect to TLS/DTLS, what mode is intended?  Mutual auth with certs?
Server-only auth?  TLS-PSK?

This document doesn't go into that level of NAS configuration detail.  Do
you think those parameters ought to be provisioned via RADIUS attributes?

Personally, I prefer that they not be. But without specifying exactly what is meant, it's not clear what "TLS" means. For example, you might say "TLS with server-side authentication".

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>