In case anyone else should be interested, the survey I keep referring to was performed of 149 operators at NANOG at the request of the IETF AD to provide evidence that there was a problem with SNMPv3 security that the IETF should work on. The results were presented at IETF60 and the IESG were convinced; hence the isms WG.
I refer to it because the IETF often bemoans the lack of operator input and this is one time when it was sought and obtained. And yes, as Rainer pointed out, we don't know what X.509 means and SSL/TLS (and a few others) could be lurking in there (nothing like a survey for creating the need for more surveys:-(. Tom Petch ----- Original Message ----- From: "Darren Reed" <[EMAIL PROTECTED]> To: "Tom Petch" <[EMAIL PROTECTED]> Cc: "Rodney Thayer" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Wednesday, October 26, 2005 2:48 PM Subject: Re: Why not TLS was Re: [Syslog] Secure substrate - need your input > [ Charset ISO-8859-1 unsupported, converting... ] > > Just to add the figures that support my assertion, in an e-mail from Wes > > Hardaker, who surveyed the network operators, to isms > > > > "Of the various authentication systems in use at that time by the people that > > responded: > > > > 66% local accounts > > 49% SSH-keys > > 40% Radius > > 29% TACACS+ > > 14% X.509 Certificates > > 10% Kerberos > > > > [numbers don't add to 100 because more than one option could be selected]" > > > > which I have paraphrased as > > SSH a significant number > > TLS so small as to be invisible > > I disagree. I don't think the numbers above provide that kind of > conclusion at all. We don't know what the survey was, etc. Just > like any set of statistics, they can be interpreted to mean many > things, depending on how you want to read them. > > Anyway, I'm not interested in that. > > But, to put the problem differently, in how many different places can > you use TLS/SSL for authentication today, to sign in ? > > If there's nowhere for people to use TLS then of course the numbers > won't be high. > > Darrn _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog
