----- Original Message -----
From: "Joe Touch" <[email protected]>
To: "t.petch" <[email protected]>
Cc: "Christopher Morrow" <[email protected]>; <[email protected]>
Sent: Friday, August 12, 2011 6:56 PM

> On 8/12/2011 2:48 AM, t.petch wrote:
> > I notice that there is no mention of which range the port number should be from,
> > in section 12.
> >
> > This has been a hot topic with TSVWG, so if guidance can be given - eg we do not
> > care - then that could forestall later debate.
>
> Hi, Tom,
>
> The general issue of the difference in the "system" (privileged) and
> "user" (non-privileged) ports has been a topic on TSVWG, but not
> recently and not in this specific context AFAICT. There is a move afoot
> for many years to deprecate the difference between the ranges, but it
> doesn't appear to be going anywhere quickly.
>
> If you can provide a pointer otherwise, let me know.

Joe,

I was thinking, as I am sure you know, of draft-ietf-tsvwg-iana-ports where my recollection is that in WGLC, last December, the issue of unifying the two ranges did get raised and was declared out of scope.

Then in IETF LC, in January, there were comments that the I-D did not give enough guidance to IANA as to what to do when reviewing a request, the underlying concern being that ports are a scarce resource and should be conserved. At that time, the concern was more that protocols should not be allowed a second port for security but should be designed to negotiate security in-band:-( but I read into that the concern as also being that system ports are even more scarce and so the rules should be tighter.

I also recall a TLS discussion as to whether two ports are better than one for security, with no clear consensus emerging.

So I anticipate some more discussion along these lines at IETF LC and would like us to have an answer ready. Two system ports would seem to be the most demanding request to make and so the one needing the most justification.

As you say, netconf over ssh went 'system', but netconf over TLS did not, nor did SNMP over ssh.

Tom Petch.

> There have been very few recent assignments to the system range, notably
> netconf over ssh this past year.
>
> IMO, this does belong in the system range, but it's your decision.
>
> Joe

_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
