On Fri, Jul 08, 2011 at 11:36:26AM +0800, [email protected] wrote: > Our security considations are as follows: > There are three solutions to the security problem in SNMP Usage for > RELOAD. The first option is shared key based solution, which is SNMPv3 > security solution (USM). The second option is PKI based security solution, > which is to use the certificate of RELOAD to authenticate and encrypt the > SNMP messages. The third option is DTLS based security solution, which > uses the secure DTLS links to transfer the SNMP message. > The second and third options aren’t supported by current SNMP manager and > agent, and need large changes.
Are you aware that SNMP over DTLS has recently been advanced to Draft Standard, after interoperability testing of several SNMP stacks? /js -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1, 28759 Bremen, Germany Fax: +49 421 200 3103 <http://www.jacobs-university.de/> _______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
