Hi Bert,
[Note that this reply was sent to the 'pwg at pwg.org' list
- discussions are supposed to be moved off of
'pwg-announce at pwg.org]
Thanks for your corrections.
I _have_ read Wes Hardaker's I-D on SBSM and was very
impressed.
The fact that (up until now) SNMPv3 secure deployment
required unique key management and key distribution
infrastructure has been (for the printer vendors that
I've consulted with) a perceived deterrent to upgrading
their products to support SNMPv3.
I forwarded the BOF announcement to the PWG announce
list in the hope that PWG members would read the I-D
and contribute to the discussion (if an IETF WG is in
fact chartered).
Printer vendors are rather closely in touch with the
operating system environments - they have to keep
building (and unfortunately giving away) printer
drivers and print clients. But printer vendors are
usually somewhat less informed on developments in
network protocols and network infrastructure.
Cheers,
- Ira
Ira McDonald (Musician / Software Architect)
Blue Roof Music / High North Inc
PO Box 221 Grand Marais, MI 49839
phone: +1-906-494-2434
email: imcdonald at sharplabs.com
-----Original Message-----
From: Wijnen, Bert (Bert) [mailto:bwijnen at lucent.com]
Sent: Friday, November 07, 2003 7:58 PM
To: McDonald, Ira; pwg-announce at pwg.org
Subject: RE: PWG-ANNOUNCE> FW: IETF BOF Announcement: A Session-based
Secu rity Model for SNM P
Ira, I think you are a bit too optimistic here.
First, it is a BOF.
A BOF is NOT a WG and it is to gauge interest in the ideas
and to see if there are enough volunteers to do the required work
and if the work makes sense at all.
Then, Wes is not an IETF AD (at least not that I know of).
But even if he were, the fact that an AD is a co-author or
a BOF chair does not mean that the work just gets accepted.
It all will be based on evaluations and on (rough) consensus.
If the PRINT-MIB people believ that this is important, and if they
believe they want to change all their agents to change/update the
SNMP engines, then they should read the documents, subscribe to the
mailing list and participate.
Thanks,
Bert
> -----Original Message-----
> From: McDonald, Ira [mailto:imcdonald at sharplabs.com]
> Sent: vrijdag 7 november 2003 18:07
> To: pwg-announce at pwg.org> Subject: PWG-ANNOUNCE> FW: IETF BOF Announcement: A Session-based
> Security Model for SNM P
>>> Hi folks,
>> Below is an announcement of an IETF BOF next week on SBSM
> (Session Based Security Model) for SNMPv3, which SOLVES
> the key distribution problem of SNMPv3 by creating real
> sessions between SNMP clients (managers) and SNMP servers
> (devices) using EXISTING native operating system and
> network environment password- and certificate-based
> security.
>> The SBSM model is likely to rapidly bring SNMPv3 strong
> security into the mainstream of networked products in
> the coming year.
>> The co-chair, Wes Hardaker, is an IETF Area Director and
> the principal author of the Net-SNMP (formerly UCSD-SNMP)
> open software SNMPv3 libraries (also noteworthy).
>> The other co-chair, David Perkins, is the well-known
> author of the state-of-the-art SMICng MIB compiler.
>> Cheers,
> - Ira
>> Ira McDonald (Musician / Software Architect)
> Blue Roof Music / High North Inc
> PO Box 221 Grand Marais, MI 49839
> phone: +1-906-494-2434
> email: imcdonald at sharplabs.com>> -----Original Message-----
> From: Wes Hardaker [mailto:hardaker at tislabs.com]
> Sent: Wednesday, November 05, 2003 10:22 PM
> To: ietf at ietf.org> Cc: snmpv3 at lists.tislabs.com> Subject: BOF Announcement: A Session-based Security Model for SNMP
>>> Session Based Security Model for SNMPv3 BOF (sbsm)
>> Wednesday, November 12 at 1530-1730
> ==================================
>> BOF CHAIRS: Wes Hardaker <hardaker at tislabs.com>
> David Perkins <dperkins at dsperkins.com>
>> READING MATERIAL:
> draft-hardaker-snmp-session-sm-00.txt
> From the Abstract:
> This document describes a Session Based Security Model (SBSM)
> for use within the Simple Network Management Protocol (SNMP).
> The security model is designed to establish a "session" between
> two interacting hosts, over which SNMP operations can be sent.
> It provides a number of security properties not previously
> available in [currently] defined SNMP security models, such as
> public key based authentication, limited life-time keying, and
> the ability to make use of previously implemented and deployed
> security infrastructures for purposes of identification and
> authentication.
>> AGENDA:
>> Draft agenda for the BOF:
> ----------------------------------------------------------------------
> Agenda Bashing 5 min
> Introduction to the problem space 10 min
> draft-hardaker-snmp-session-sm-00.txt 20 min
> Discussion remaining time
>> Mailing Lists:
>sbsm at machshav.com> To (un)subscribe:
>sbsm-request at machshav.com> Archive and general information:
>https://www.machshav.com/mailman/listinfo/sbsm>> Description of Working Group:
>> The SBSM working group will focus on creating a new session-based
> security model [for SNMPv3] that will meet the security and
> operational needs of network administrators.
>> Work Items
>> - A document describing a session-based security model for the
> SNMPv3's protocol.
>> Goals and Milestones:
>> Mar 04 Initial draft(s) defining the SBSM security model
> to be completed so reference implementations can begin.
>> Nov 04 Work submitted to the IESG to publish as a proposed
> standard RFC.
>> --
> Wes Hardaker
> Sparta
>