IETF-SSH archive


Re: [Netconf] I-D Action: draft-ietf-netconf-reverse-ssh-01.txt



[Feel free to forward elselist as seems appropriate; after what saag@
started doing, I'm disinclined to subscribe to more @ietf.org lists.]

>>   This memo presents a technique for a NETCONF server to initiate a
>>   SSH connection to a NETCONF client.  This is accomplished by the
>>   NETCONF client listening on IANA-assigned TCP port YYYY and
>>   starting the SSH client protocol immediately after accepting a TCP
>>   connection on it.  This role-reversal is necessary as the NETCONF
>>   server must also be the SSH Server, in order for the NETCONF
>>   client to open the IANA-assigned SSH subsystem "netconf".

I don't see why the netconf client has to be the one to initiate the
subsystem open.  It seems to me it does less violence to ssh for the
netconf server to be the ssh client (and conversely of course), with
the netconf protocol designed to know that the ssh roles are reverse
from the netconf roles.  (If the netconf subsystem is too standardized
for this at this point, that seems to me like a reason to define a new
subsystem that works more usefully.)

Note that the ssh server on the netconf client does not necessarily
have to also operate as a normal ssh server; it might, for example,
refuse shell and exec requests and all subsystems except netconf.

Am I just revealing my ignorance of netconf here?

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
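
The restriction suggested in the message above (an ssh server that refuses shell and exec requests and every subsystem except netconf) can be sketched as a default-deny check on SSH_MSG_CHANNEL_REQUEST payloads as laid out in RFC 4254. This is an added example, not code from the message or the draft; the function names are hypothetical, the sample payloads are constructed, and it assumes every other request type (pty-req, env, and so on) is refused as well.

```python
import struct

SSH_MSG_CHANNEL_REQUEST = 98   # message numbers from RFC 4254
SSH_MSG_CHANNEL_SUCCESS = 99
SSH_MSG_CHANNEL_FAILURE = 100
ALLOWED_SUBSYSTEMS = {"netconf"}   # assumption: the only service offered

def read_string(buf, off):
    """Read an SSH 'string' (uint32 length, then bytes); return (value, next offset)."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("string runs past end of payload")
    return buf[off + 4:off + 4 + n], off + 4 + n

def decide(payload):
    """Return (allowed, reply message number or None, reason); fails closed."""
    try:
        if not payload or payload[0] != SSH_MSG_CHANNEL_REQUEST:
            raise ValueError("not SSH_MSG_CHANNEL_REQUEST")
        rtype, off = read_string(payload, 5)   # skip type byte and uint32 channel
        if off >= len(payload):
            raise ValueError("missing want_reply flag")
        want_reply, off = payload[off] != 0, off + 1
        allowed, reason = False, "request type %r refused" % rtype.decode("ascii", "replace")
        if rtype == b"subsystem":
            name = read_string(payload, off)[0].decode("ascii", "replace")
            allowed = name in ALLOWED_SUBSYSTEMS
            reason = "subsystem %r %s" % (name, "accepted" if allowed else "refused")
    except ValueError as exc:
        return False, SSH_MSG_CHANNEL_FAILURE, "malformed request: %s" % exc
    if not want_reply:
        return allowed, None, reason   # peer asked for no reply
    return allowed, (SSH_MSG_CHANNEL_SUCCESS if allowed else SSH_MSG_CHANNEL_FAILURE), reason

def build_request(channel, rtype, want_reply, *strings):
    """Build a constructed sample payload for the demonstration below."""
    out = struct.pack(">BI", SSH_MSG_CHANNEL_REQUEST, channel)
    out += struct.pack(">I", len(rtype)) + rtype + bytes([want_reply])
    for s in strings:
        out += struct.pack(">I", len(s)) + s
    return out

if __name__ == "__main__":
    samples = [build_request(0, b"shell", True),
               build_request(0, b"exec", True, b"/bin/sh"),
               build_request(0, b"subsystem", True, b"sftp"),
               build_request(0, b"subsystem", True, b"netconf")]
    for s in samples:
        print(decide(s))
```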


