On Fri, Sep 12, 2014 at 05:09:13PM -0400, Jeffrey Haas wrote:
> With some help from Kent, Dean and Alia, I've put together a rough first
> draft of requirements I2RS has on netmod/netconf. It should be strongly
> noted that due to a confluence of a lot of bad timing (travel, vacation,
> etc.) I didn't have time to more broadly reach out and involve interested
> parties.
>
[...]
>
> Comments are appreciated. Flames are not unexpected.
>

Thanks Jeff for putting this together.

Concerning section 2.1.1, I am not sure I agree with:

   The SSH transport does not mandate authentication be done; it is an
   optional feature.

RFC 6242 says:

   The identity of the SSH server MUST be verified and authenticated by
   the SSH client according to local policy before password-based
   authentication data or any configuration or state data is sent to or
   received from the SSH server. The identity of the SSH client MUST
   also be verified and authenticated by the SSH server according to
   local policy to ensure that the incoming SSH client request is
   legitimate before any configuration or state data is sent to or
   received from the SSH client. Neither side should establish a
   NETCONF over SSH connection with an unknown, unexpected, or
   incorrect identity on the opposite side.

I also think that NC over TLS requires that both sides authenticate
and verify the certificates. I think as far as NETCONF is concerned,
all transports do actually mutual authentication.

Perhaps there is confusion here with RESTCONF where the current
wording may be read as authentication is optional. But then, this is
not past the IESG yet. ;-)

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
