<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Hi James, Ivan, Richard,</p>
<p>Please go through the mail below, I responded the queries.</p>
<p>Let me know if we have concern around this.</p>
<p>Ratan</p>
<div class="moz-cite-prefix">On 3/20/20 12:50 PM, Ratan Gupta wrote:<br>
</div>
<blockquote type="cite"
cite="mid:477c9a0c-ea2a-f1d5-7e0f-59ece898096d@linux.vnet.ibm.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<p><tt>Hi James,Ivan,Richard</tt><tt><br>
</tt></p>
<p><tt>The Intention of the below requirement is to help the
clients to find the other connected clients in realtime.</tt></p>
<p><tt>Richard, As you mentioned in other thread </tt><tt><br>
</tt></p>
<p><b><tt>"Or is this being to log accesses for security audits?
I think that would help me figure out what direction we
should move towards."</tt></b></p>
<p><tt> It may get used for security audits but didn't think
before you pointed out.</tt></p>
<p><tt><br>
</tt></p>
<div class="moz-cite-prefix">On 3/17/20 9:28 PM, James Feist
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:76571c68-ed92-f15f-cfd5-37a323b430b1@linux.intel.com">On
3/17/2020 6:01 AM, Ratan Gupta wrote: <br>
<blockquote type="cite">Hi Team, <br>
<br>
Looking for your inputs <br>
<br>
James, How about option1 for the below use case <br>
</blockquote>
<br>
Before creating OEM we are to propose it to the Redfish
community. Have you asked them for their thoughts? <br>
</blockquote>
<tt>My plan was to ask from the openBMC community first about the
requirement, If the co</tt><tt>mmunity interested in this we can
propose it to the Redfish-Forum.</tt><br>
<blockquote type="cite"
cite="mid:76571c68-ed92-f15f-cfd5-37a323b430b1@linux.intel.com">
<br>
<blockquote type="cite"> <br>
Ratan <br>
<br>
On 3/11/20 3:48 PM, Ratan Gupta wrote: <br>
<blockquote type="cite"> <br>
Hi Team, <br>
<br>
In IBM we have a following requirement <br>
<br>
* Show the connected redfish client info. <br>
o ClientIP >> o Client Unique
Identifier(unique serial number of the </blockquote>
</blockquote>
client etc) <br>
<br>
This confuses me, how are you getting the serial number for a
connected client? If so, have you looked into data protection
laws and storing Personally Identifiable Information? <br>
</blockquote>
<p><tt>Client have to give this info, it could be anything like
hostname of the client, serial number of the machine etc, it
is up to the client what they want to provide as part of
client identifier.</tt></p>
<p><tt>Why it is needed?</tt></p>
<p><tt>Consider the below use case</tt></p>
<tt> </tt>
<p><tt>=> Client(x.x.x.x) creates the session with BMC</tt></p>
<tt> </tt>
<p><tt>=> BMC stores this IP(x.x.x.x)</tt></p>
<tt> </tt>
<p><tt>=> Now say Client IP(x.x.x.x) got change to y.y.y.y but
the session is still valid.</tt></p>
<tt> </tt>
<p><tt>=> Stored IP(x.x.x.x) will not be much usable here in
this scenario</tt></p>
<tt> </tt>
<p><tt>=> Here Client Identifier may be usable to identify the
connected client.</tt></p>
<p><tt>Let me know your thoughts here.<br>
</tt></p>
<p><tt><br>
</tt></p>
<blockquote type="cite"
cite="mid:76571c68-ed92-f15f-cfd5-37a323b430b1@linux.intel.com">
<br>
<blockquote type="cite">
<blockquote type="cite"> <br>
<br>
Presently there is no way through which we can get this
info. <br>
<br>
I have following two proposal for the above requirement. <br>
<br>
1/ (Extend the session schema) <br>
<br>
Add the IPaddress and the client Identifier as a OEM in the
session schema, <br>
Clinet IP would be read only and will be updated once the
redfish client creates the session. <br>
ClientIdentifier(Management console unique serial number
etc) will be writable property and can be set by the redfish
client <br>
during creation of the session or after creating the
session. <br>
<br>
<br>
2/ (Create the Manager object at runtime) <br>
once the redfish client creates the session , bmcweb
internally does the following <br>
<br>
- Create the manager object whose type is "Management
Controller". <br>
<br>
- Create the ethernet interface resource manager resource
and update the client IP. <br>
<br>
In the second option how to set the Client unique
identifier which is to be given by the Redfish client <br>
</blockquote>
</blockquote>
<br>
I've had talks before about creating a new systems schema for
the BMC specifically, so that you could expose things like bmc
memory, etc. Systems also has the Ethernet schema. However this
depends on what you're trying to present. <br>
<br>
</blockquote>
Here I was proposing to create a manager object for the external
clients, once they creates the session with the BMC. I am not sure
what else we can set for the connected client in the manager
object so I was inclined towards extending the session schema
instead of creating the manager object for external clients. <br>
<blockquote type="cite"
cite="mid:76571c68-ed92-f15f-cfd5-37a323b430b1@linux.intel.com">
<blockquote type="cite">
<blockquote type="cite"> <br>
Please let me know your thoughts on the above. <br>
<br>
Ratan <br>
<br>
</blockquote>
</blockquote>
</blockquote>
Ratan<br>
</blockquote>
</body>
</html>