Definitions of Managed Objects for IP Storage User Identity Authorization
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: Internet Architecture Board <firstname.lastname@example.org>, RFC Editor <email@example.com>, ips mailing list <firstname.lastname@example.org>, ips chair <email@example.com> Subject: Protocol Action: 'Definitions of Managed Objects for IP Storage User Identity Authorization' to Proposed Standard The IESG has approved the following document: - 'Definitions of Managed Objects for IP Storage User Identity Authorization ' <draft-ietf-ips-auth-mib-09.txt> as a Proposed Standard This document is the product of the IP Storage Working Group. The IESG contact persons are Allison Mankin and Magnus Westerlund. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ips-auth-mib-09.txt
Technical Summary This MIB defines objects for managing user identities and the names, addresses, and credentials required manage access control, for use with various protocols. This draft was motivated by the need for the configuration of authorized user identities for the iSCSI protocol, but has been extended to be useful for other storage protocols with similar requirements. It is important to note that this MIB module provides only the set of identities to be used within access lists; it is the responsibility of other MIB modules (or applications) using this to tie them to their own access lists or other authorization control methods. Working Group Summary The working group reached consensus on this document easily. The group's work on this document completed a long time ago; there was considerable delay before a MIB doctor review slot could be obtained. Protocol Quality Bert Wijnen became the MIB Doctor for this specification and provided extensive comments, for which revisions were made. David Black is the WG Chair shepherd. Allison Mankin is the Responsible Area Director. Notes to RFC Editor Please make the following changes: (1) Add the following sentence to the end of Section 7.6 as a separate paragraph (i.e., not as part of the description of "Other"): An additional credential type can be added to this MIB module by defining a new OID in the ipsAuthMethodTypes subtree, and defining a new table specific to that credential-type. (2) Make the following changes so that RFC 4120 is referenced instead of RFC 1510. - Section 7.6 OLD: [RFC1510] NEW: [RFC4120] - Section 9, DESCRIPTION clause for ipsAuthCredKerbPrincipal OLD: J. Kohl, C. Neuman, RFC 1510: The Kerberos Network Authentication Service (V5), September 1993 NEW: C. Neuman, S. Hartman, and K. Raeburn, RFC 4120: The Kerberos Network Authentication Service (V5), July 2005 - Section 11, replace the normative reference to RFC 1510 with a normative reference to RFC 4120.