Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 RFC 4247 Update Status draft-ietf-netconf-rfc4742bis-01.txt Margaret Wasserman IETF 78, Maastricht July 26, 2010.

Published byBenjamin Burke Modified over 7 years ago

Similar presentations

Presentation on theme: "1 RFC 4247 Update Status draft-ietf-netconf-rfc4742bis-01.txt Margaret Wasserman IETF 78, Maastricht July 26, 2010."— Presentation transcript:

1 1 RFC 4247 Update Status draft-ietf-netconf-rfc4742bis-01.txt Margaret Wasserman IETF 78, Maastricht July 26, 2010

2 2 Status Document last updated in June 2010 Two issues raised: –Additional tuning needed for operation vs. command wording. Resolved on list, resolution confirmed on July 15, 2010. –SSH user name issues raised by Juergen Schoenwaelder. Not yet resolved.

3 3 SSH Username Issue RFC 4741bis has been updated to say: –The authentication process MUST result in an authenticated client identity whose permissions are known to the server. So, the NETCONF over SSH spec must state how the NETCONF application running on the SSH server can obtain a user name. However, here is no standard way for an application running on an SSH server to determine a user name for the current a session.

4 4 Possible Solution #1 For each SSH authentication protocols, state whether the SSH user name is found in SSH_MSG_USERAUTH_REQUEST. If not, state how it should be found instead. Issues: violates abstraction, bypasses implementation-supported ways to get this information, some SSH servers modify client- provided user name to get actual local user name (e.g. mrw => lilac\mrw on Windows).

5 5 Possible Solutions #2 RFC 5592 (the SSH model for SNMP) says in section 4.1.1, “How the SSH user name is extracted from the SSH layer is implementation-dependent.” Would it be acceptable to similarly state that the method to obtain a user name in NETCONF over SSH is implementation-dependent?

Download ppt "1 RFC 4247 Update Status draft-ietf-netconf-rfc4742bis-01.txt Margaret Wasserman IETF 78, Maastricht July 26, 2010."

Similar presentations

Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.

Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Draft-ietf-sipping- offeranswer- 02 Primary author: Takuya Sawada Presenting: Paul Kyzivat IETF-69 July,2007.

Draft-ietf-sipping- offeranswer- 02 Primary author: Takuya Sawada Presenting: Paul Kyzivat IETF-69 July,2007.
Secure Shell – SSH Tam Ngo Steve Licking cs265. Overview Introduction Brief History and Background of SSH Differences between SSH-1 and SSH- 2 Brief Overview.

Secure Shell – SSH Tam Ngo Steve Licking cs265. Overview Introduction Brief History and Background of SSH Differences between SSH-1 and SSH- 2 Brief Overview.
Software environment Sander Stuijk January 18th, 2006.

Software environment Sander Stuijk January 18th, 2006.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Hands-On Microsoft Windows Server 2008 1 Connecting Through Terminal Services Terminal server – Enables clients to run services and software applications.

Hands-On Microsoft Windows Server Connecting Through Terminal Services Terminal server – Enables clients to run services and software applications.
Computation for Physics 計算物理概論 Introduction to Linux.

Computation for Physics 計算物理概論 Introduction to Linux.
HIP API issues in base spec Tom Henderson IETF-59, March 3, 2004.

HIP API issues in base spec Tom Henderson IETF-59, March 3, 2004.
User Authentication By Eric Sita. Message Security Privacy: To expect confidentiality from a sender. Authentication: To be sure of someone's identity.

User Authentication By Eric Sita. Message Security Privacy: To expect confidentiality from a sender. Authentication: To be sure of someone's identity.
draft-ietf-netconf-call-home-01

draft-ietf-netconf-call-home-01
XCON Interim Meeting Boston, MA May 26, 2004. Note Well All statements related to the activities of the IETF and addressed to the IETF are subject to.

XCON Interim Meeting Boston, MA May 26, Note Well All statements related to the activities of the IETF and addressed to the IETF are subject to.
Python and REST Kevin Hibma. What is REST? Why REST? REST stands for Representational State Transfer. (It is sometimes spelled ReST.) It relies on a.

Python and REST Kevin Hibma. What is REST? Why REST? REST stands for Representational State Transfer. (It is sometimes spelled "ReST".) It relies on a.
Netconf Monitoring IETF 70 Mark Scott Sharon Chisholm Hector Trevino

Netconf Monitoring IETF 70 Mark Scott Sharon Chisholm Hector Trevino
Draft-thomson-geopriv-res-gw-lis-discovery Ray Bellis Nominet UK IETF79.

Draft-thomson-geopriv-res-gw-lis-discovery Ray Bellis Nominet UK IETF79.
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # 70-643) Chapter Four Windows Server 2008 Remote Desktop Services,

MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Four Windows Server 2008 Remote Desktop Services,
IETF 61 (November 2004) MMUSIC1 Application sharing Henning Schulzrinne Jonathan Lennox Jason Nieh Ricardo Baratto Columbia University.

IETF 61 (November 2004) MMUSIC1 Application sharing Henning Schulzrinne Jonathan Lennox Jason Nieh Ricardo Baratto Columbia University.
User Access to Router Securing Access.

User Access to Router Securing Access.
Identities and Network Access Identifier in M2M Page 1 © 2010 3GPP2 3GPP2 and its Organizational Partners claim copyright in this document and individual.

Identities and Network Access Identifier in M2M Page 1 © GPP2 3GPP2 and its Organizational Partners claim copyright in this document and individual.
Project Moonshot update ABFAB, IETF 80. About Moonshot Moonshot is implementing ABFAB Developer meeting, 24 March 2011 Testing event, 25 March 2011 A.

Project Moonshot update ABFAB, IETF 80. About Moonshot Moonshot is implementing ABFAB Developer meeting, 24 March 2011 Testing event, 25 March 2011 A.

Similar presentations

Ads by Google