Developer Network

« Back to Technical Discussions

aaaLogin and encryption

Combination View

Sebastien Bouchex Bellomie Posts: 13 Join Date: 8/17/09 Recent Posts	aaaLogin and encryption Answer 8/26/10 8:38 PM Mark as an Answer Submit Reply with Quote Quick Reply Hello, I'm currently using the UCM Emulator and I saw that the aaaLogin xml response contains 2 attributes: outChannel and outEvtChannel. Except noencssl, what are the possible values ? What should the implementer do if a value other than noencssl is received ? Do you have a sample code ? Thanks Seb
	Sign in to vote. Flag Please sign in to flag this as inappropriate. Top

Pramod Borkar Posts: 44 Join Date: 4/13/10 Recent Posts	RE: aaaLogin and encryption Answer 8/27/10 12:23 PM as a reply to Sebastien Bouchex Bellomie. Mark as an Answer Submit Reply with Quote Quick Reply <aaaLogin response="yes" outCookie="1217377205/85f7ff49-e4ec-42fc-9437-da77a1a2c4bf" outRefreshPeriod="600" outPriv="aaa,ext-lan-policy,ext-lan-qos,ext-san-policy,operations,pod-policy,pod-qos,read-only" outDomains="mgmt02-dummy" outChannel="noencssl" outEvtChannel="noencssl"> </aaaLogin> Can you please unicast me about what you are trying to get out of the variables here? Pramod
	Sign in to vote. Flag Please sign in to flag this as inappropriate. Top

Sebastien Bouchex Bellomie Posts: 13 Join Date: 8/17/09 Recent Posts	RE: aaaLogin and encryption Answer 8/27/10 12:55 PM as a reply to Pramod Borkar. Mark as an Answer Submit Reply with Quote Quick Reply <aaaLogin response="yes" outCookie="1217377205/85f7ff49-e4ec-42fc-9437-da77a1a2c4bf" outRefreshPeriod="600" outPriv="aaa,ext-lan-policy,ext-lan-qos,ext-san-policy,operations,pod-policy,pod-qos,read-only" outDomains="mgmt02-dummy" outChannel="noencssl" outEvtChannel="noencssl"> </aaaLogin> Can you please unicast me about what you are trying to get out of the variables here? Pramod Hello, I don't speak about the outPriv but rather the encryption related variables. We are studying the API and we were wondering how we would handle the variables and more precisely the content of the HTTP request if encryption is enabled. Seb
	Sign in to vote. Flag Please sign in to flag this as inappropriate. Top

Dipti Joshi Posts: 6 Join Date: 8/4/09 Recent Posts	RE: aaaLogin and encryption Answer 9/1/10 8:02 PM as a reply to Sebastien Bouchex Bellomie. Mark as an Answer Submit Reply with Quote Quick Reply <aaaLogin response="yes" outCookie="1217377205/85f7ff49-e4ec-42fc-9437-da77a1a2c4bf" outRefreshPeriod="600" outPriv="aaa,ext-lan-policy,ext-lan-qos,ext-san-policy,operations,pod-policy,pod-qos,read-only" outDomains="mgmt02-dummy" outChannel="noencssl" outEvtChannel="noencssl"> </aaaLogin> Can you please unicast me about what you are trying to get out of the variables here? Pramod Hello, I don't speak about the outPriv but rather the encryption related variables. We are studying the API and we were wondering how we would handle the variables and more precisely the content of the HTTP request if encryption is enabled. Seb Seb: Following are the values for outChannel and outEvtChannel: fullssl noencssl plain You can find them in UCSM-OUT.xsd in cluded in the xml schema zip files that can be downloaded from UCS emulator interface. Dipti
	Sign in to vote. Flag Please sign in to flag this as inappropriate. Top

Sebastien Bouchex Bellomie Posts: 13 Join Date: 8/17/09 Recent Posts	RE: aaaLogin and encryption Answer 9/1/10 8:41 PM as a reply to Dipti Joshi. Mark as an Answer Submit Reply with Quote Quick Reply Yes but that¿s incomplete: - What should we do when the fullssl is defined in the login response ? What are the encryption algorithms (such as cipher, etc¿) ? Where the encryption keys are stored ? How to we handle hand-shaking during the encyption phase ? A sample would be very helpful. - What is the difference between plain et noencssl ? Thanks seb
	Sign in to vote. Flag Please sign in to flag this as inappropriate. Top

Bengt Ake Andersson Posts: 9 Join Date: 3/31/10 Recent Posts	RE: aaaLogin and encryption Answer 10/29/10 5:20 AM as a reply to Sebastien Bouchex Bellomie. Mark as an Answer Submit Reply with Quote Quick Reply Yes but that¿s incomplete: - What should we do when the fullssl is defined in the login response ? What are the encryption algorithms (such as cipher, etc¿) ? Where the encryption keys are stored ? How to we handle hand-shaking during the encyption phase ? A sample would be very helpful. - What is the difference between plain et noencssl ? Thanks seb Values of outChannel and outEvtChannel are experimental and can be safely ignored. The idea with these fields was to provide SSL mode with encryption and SSL mode with no encryption (authentication only).
	Sign in to vote. Flag Please sign in to flag this as inappropriate. Top