RFC 6065 on Using Authentication, Authorization, and Accounting Services to Dynamically Provision View-Based Access Control Model User-to-Group Mappings

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

RFC 6065 on Using Authentication, Authorization, and Accounting Services to Dynamically Provision View-Based Access Control Model User-to-Group Mappings

RFC Errata System

A new Request for Comments is now available in online RFC libraries.

       
        RFC 6065

        Title:      Using Authentication, Authorization, and Accounting
                    Services to Dynamically Provision View-Based Access
                    Control Model User-to-Group Mappings
        Author:     K. Narayan, D. Nelson,
                    R. Presuhn, Ed.
        Status:     Standards Track
        Stream:     IETF
        Date:       December 2010
        Mailbox:    [hidden email],
                    [hidden email],
                    [hidden email]
        Pages:      19
        Characters: 39695
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-isms-radius-vacm-11.txt

        URL:        http://www.rfc-editor.org/rfc/rfc6065.txt

This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols.  It describes the use of
information provided by Authentication, Authorization, and Accounting
(AAA) services, such as the Remote Authentication Dial-In User
Service (RADIUS), to dynamically update user-to-group mappings in the
View-based Access Control Model (VACM).  [STANDARDS-TRACK]

This document is a product of the Integrated Security Model for SNMP Working Group of the IETF.

This is now a Proposed Standard Protocol.

STANDARDS TRACK: This document specifies an Internet standards track
protocol for the Internet community,and requests discussion and suggestions
for improvements.  Please refer to the current edition of the Internet
Official Protocol Standards (STD 1) for the standardization state and
status of this protocol.  Distribution of this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  http://www.ietf.org/mailman/listinfo/ietf-announce
  http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html.
For downloading RFCs, see http://www.rfc-editor.org/rfc.html.

Requests for special distribution should be addressed to either the
author of the RFC in question, or to [hidden email].  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC


_______________________________________________
Isms mailing list
[hidden email]
https://www.ietf.org/mailman/listinfo/isms
Reply | Threaded
Open this post in threaded view
|

Re: RFC 6065 on Using Authentication, Authorization, and Accounting Services to Dynamically Provision View-Based Access Control Model User-to-Group Mappings

Sean Turner
Congrats to all involved!

spt

On 12/9/10 8:33 PM, [hidden email] wrote:

>
> A new Request for Comments is now available in online RFC libraries.
>
>
>          RFC 6065
>
>          Title:      Using Authentication, Authorization, and Accounting
>                      Services to Dynamically Provision View-Based Access
>                      Control Model User-to-Group Mappings
>          Author:     K. Narayan, D. Nelson,
>                      R. Presuhn, Ed.
>          Status:     Standards Track
>          Stream:     IETF
>          Date:       December 2010
>          Mailbox:    [hidden email],
>                      [hidden email],
>                      [hidden email]
>          Pages:      19
>          Characters: 39695
>          Updates/Obsoletes/SeeAlso:   None
>
>          I-D Tag:    draft-ietf-isms-radius-vacm-11.txt
>
>          URL:        http://www.rfc-editor.org/rfc/rfc6065.txt
>
> This memo defines a portion of the Management Information Base (MIB)
> for use with network management protocols.  It describes the use of
> information provided by Authentication, Authorization, and Accounting
> (AAA) services, such as the Remote Authentication Dial-In User
> Service (RADIUS), to dynamically update user-to-group mappings in the
> View-based Access Control Model (VACM).  [STANDARDS-TRACK]
>
> This document is a product of the Integrated Security Model for SNMP Working Group of the IETF.
>
> This is now a Proposed Standard Protocol.
>
> STANDARDS TRACK: This document specifies an Internet standards track
> protocol for the Internet community,and requests discussion and suggestions
> for improvements.  Please refer to the current edition of the Internet
> Official Protocol Standards (STD 1) for the standardization state and
> status of this protocol.  Distribution of this memo is unlimited.
>
> This announcement is sent to the IETF-Announce and rfc-dist lists.
> To subscribe or unsubscribe, see
>    http://www.ietf.org/mailman/listinfo/ietf-announce
>    http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
>
> For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html.
> For downloading RFCs, see http://www.rfc-editor.org/rfc.html.
>
> Requests for special distribution should be addressed to either the
> author of the RFC in question, or to [hidden email].  Unless
> specifically noted otherwise on the RFC itself, all RFCs are for
> unlimited distribution.
>
>
> The RFC Editor Team
> Association Management Solutions, LLC
>
>
> _______________________________________________
> Isms mailing list
> [hidden email]
> https://www.ietf.org/mailman/listinfo/isms
>
_______________________________________________
Isms mailing list
[hidden email]
https://www.ietf.org/mailman/listinfo/isms
Reply | Threaded
Open this post in threaded view
|

Re: RFC 6065 on Using Authentication, Authorization, and Accounting Services to Dynamically Provision View-Based Access Control Model User-to-Group Mappings

David Harrington
A long tough slog ... Congratulations!

dbh

> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]] On
> Behalf Of Sean Turner
> Sent: Friday, December 10, 2010 8:51 AM
> To: [hidden email]
> Subject: Re: [Isms] RFC 6065 on Using Authentication,
> Authorization, and Accounting Services to Dynamically
> Provision View-Based Access Control Model User-to-Group Mappings
>
> Congrats to all involved!
>
> spt
>
> On 12/9/10 8:33 PM, [hidden email] wrote:
> >
> > A new Request for Comments is now available in online RFC
libraries.

> >
> >
> >          RFC 6065
> >
> >          Title:      Using Authentication, Authorization,
> and Accounting
> >                      Services to Dynamically Provision
> View-Based Access
> >                      Control Model User-to-Group Mappings
> >          Author:     K. Narayan, D. Nelson,
> >                      R. Presuhn, Ed.
> >          Status:     Standards Track
> >          Stream:     IETF
> >          Date:       December 2010
> >          Mailbox:    [hidden email],
> >                      [hidden email],
> >                      [hidden email]
> >          Pages:      19
> >          Characters: 39695
> >          Updates/Obsoletes/SeeAlso:   None
> >
> >          I-D Tag:    draft-ietf-isms-radius-vacm-11.txt
> >
> >          URL:        http://www.rfc-editor.org/rfc/rfc6065.txt
> >
> > This memo defines a portion of the Management Information Base
(MIB)
> > for use with network management protocols.  It describes the use
of

> > information provided by Authentication, Authorization, and
> Accounting
> > (AAA) services, such as the Remote Authentication Dial-In User
> > Service (RADIUS), to dynamically update user-to-group
> mappings in the
> > View-based Access Control Model (VACM).  [STANDARDS-TRACK]
> >
> > This document is a product of the Integrated Security Model
> for SNMP Working Group of the IETF.
> >
> > This is now a Proposed Standard Protocol.
> >
> > STANDARDS TRACK: This document specifies an Internet standards
track

> > protocol for the Internet community,and requests discussion
> and suggestions
> > for improvements.  Please refer to the current edition of
> the Internet
> > Official Protocol Standards (STD 1) for the standardization
> state and
> > status of this protocol.  Distribution of this memo is unlimited.
> >
> > This announcement is sent to the IETF-Announce and rfc-dist lists.
> > To subscribe or unsubscribe, see
> >    http://www.ietf.org/mailman/listinfo/ietf-announce
> >    http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
> >
> > For searching the RFC series, see
> http://www.rfc-editor.org/rfcsearch.html.
> > For downloading RFCs, see http://www.rfc-editor.org/rfc.html.
> >
> > Requests for special distribution should be addressed to either
the

> > author of the RFC in question, or to
> [hidden email].  Unless
> > specifically noted otherwise on the RFC itself, all RFCs are for
> > unlimited distribution.
> >
> >
> > The RFC Editor Team
> > Association Management Solutions, LLC
> >
> >
> > _______________________________________________
> > Isms mailing list
> > [hidden email]
> > https://www.ietf.org/mailman/listinfo/isms
> >
> _______________________________________________
> Isms mailing list
> [hidden email]
> https://www.ietf.org/mailman/listinfo/isms

_______________________________________________
Isms mailing list
[hidden email]
https://www.ietf.org/mailman/listinfo/isms
Reply | Threaded
Open this post in threaded view
|

Re: RFC 6065 on Using Authentication, Authorization, and Accounting Services to Dynamically Provision View-Based Access Control Model User-to-Group Mappings

Juergen Schoenwaelder-2
In reply to this post by RFC Errata System
On Thu, Dec 09, 2010 at 05:33:09PM -0800, [hidden email] wrote:

>         RFC 6065
>
>         Title:      Using Authentication, Authorization, and Accounting
>                     Services to Dynamically Provision View-Based Access
>                     Control Model User-to-Group Mappings
>         Author:     K. Narayan, D. Nelson,
>                     R. Presuhn, Ed.

I like to thank the authors/editors and I like to congratulate the WG
as a whole to have completed the charter.

/js

--
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
_______________________________________________
Isms mailing list
[hidden email]
https://www.ietf.org/mailman/listinfo/isms
Reply | Threaded
Open this post in threaded view
|

Re: RFC 6065 on Using Authentication, Authorization, and Accounting Services to Dynamically Provision View-Based Access Control Model User-to-Group Mappings

Wes Hardaker-2
In reply to this post by David Harrington
>>>>> On Fri, 10 Dec 2010 08:54:47 -0500, "David Harrington" <[hidden email]> said:

DH> A long tough slog ... Congratulations!

Which makes the work all that more valuable!  Excellent work!
--
Wes Hardaker
Cobham Analytic Solutions
_______________________________________________
Isms mailing list
[hidden email]
https://www.ietf.org/mailman/listinfo/isms
Reply | Threaded
Open this post in threaded view
|

Re: RFC 6065 on Using Authentication, Authorization, and Accounting Services to Dynamically Provision View-BasedAccess Control Model User-to-Group Mappings

Randy Presuhn
Hi -

> From: "Wes Hardaker" <[hidden email]>
> To: "David Harrington" <[hidden email]>
> Cc: <[hidden email]>
> Sent: Saturday, December 11, 2010 9:15 AM
> Subject: Re: [Isms] RFC 6065 on Using Authentication, Authorization,and Accounting Services to Dynamically Provision
View-BasedAccess Control Model User-to-Group Mappings
>

> >>>>> On Fri, 10 Dec 2010 08:54:47 -0500, "David Harrington" <[hidden email]> said:
>
> DH> A long tough slog ... Congratulations!
>
> Which makes the work all that more valuable!  Excellent work!

(On behalf of the team:  Thanks!)

Are there implementations yet?

Randy


_______________________________________________
Isms mailing list
[hidden email]
https://www.ietf.org/mailman/listinfo/isms
Reply | Threaded
Open this post in threaded view
|

Re: RFC 6065 on Using Authentication, Authorization, and Accounting Services to Dynamically Provision View-Based Access Control Model User-to-Group Mappings

Randy Presuhn
Hi -

Does anyone have anything to report regarding RFC 6065 implementation,
deployment, or operational experience?  Has anyone looked into it and
decided that some other approach was needed?

Randy

_______________________________________________
Isms mailing list
[hidden email]
https://www.ietf.org/mailman/listinfo/isms