In the days of MIBs, we used to omit key strings from the data that would be returned. This was ostensibly done for security purposes. We did the same for the operational state returned for keystring in key-chain-entries. I'm now thinking this was a mistake. Rather, it would seem that one could use RFC 6536 rules to accomplish this at a more granular level.
Note that the model also support keystring encryption as described in RFC 5649. Thanks, Acee
_______________________________________________ netmod mailing list [email protected] https://www.ietf.org/mailman/listinfo/netmod
