RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 1 record.

Status: Rejected (1)

RFC 6242, "Using the NETCONF Protocol over Secure Shell (SSH)", June 2011

Source of RFC: netconf (ops)

Errata ID: 5305
Status: Rejected
Type: Technical

Reported By: HengyingFan
Date Reported: 2018-03-26
Rejected by: Ignas Bagdonas
Date Rejected: 2018-03-27

Section 6 says:

   This document also recommends that SSH servers be configurable to
   allow access to the "netconf" SSH subsystem over other ports.  Use of
   that configuration option without corresponding changes to firewall
   or network device configuration may unintentionally result in the
   ability for nodes outside of the firewall or other administrative
   boundaries to gain access to the "netconf" SSH subsystem.

It should say:

   This document also recommends that SSH servers be configurable to
   allow access to the "netconf" SSH subsystem over other ports.  Use of
   that configuration option without corresponding changes to firewall
   or network device configuration may unintentionally result in the
   inability for nodes outside of the firewall or other administrative
   boundaries to gain access to the "netconf" SSH subsystem.

Notes:

ability -> inability
--VERIFIER NOTES--
It was discussed among reporter, document authors, and WG members and the conclusion was that the original text in the document is technically correct.

Email discussion:
https://mailarchive.ietf.org/arch/msg/netconf/xMBJjW9Sn5xzXZYhwVbRM0Im1fg

Report New Errata