WBMM> RE: Scope and Starting Point

WBMM> RE: Scope and Starting Point

WBMM> RE: Scope and Starting Point

Wagner,William WWagner at NetSilicon.com
Thu Feb 27 18:08:33 EST 2003


I appreciate the acknowledgement that the use of port 80, although perhaps impure, is probably a practical approach. At this point, I am still sufficiently unclear about the reason or form of the intra-enterprise application to comment on that.

Although  EMail has been used to allow the Monitor to request a connection, the approach that I am suggesting (and have used) is that the management interface be configured with the address of the Monitor it is to communicate with. On startup, it contacts that monitor. The monitor can then request immediate actions. But regardless, the monitor sends down a schedule/shopping list (which we have been calling a "manifest") of the objects to be monitored, objects to be reported, when they are to be reported and when the management interface is to query the monitor for the next manifest.

This avoids the need to assign the management interface a POP3 account and makes installation easier.

However, there may be an advantage in  defining a manifest format, and allowing the management interface to get that file by polling the monitor or by polling the mail system.

I agree that, especially for the type of information appropriate to an external monitor, the MIB is a good starting point. Since I am not considering a human consumer, I like the use of the OID system as being flexible and expandable. In several cases, private MIB objects are also desirable (e.g., count of multi-color as well as bi-level sides printed). In some cases, desirable objects are not in either the standard or the private MIBs. Ideally, the approach would also accommodate non-network connected devices with a serial maintenance port going to a network-connected management interface.

For extra-enterprise use, I see little need for logical configuration control, although there may be some applications where it is necessary. In fact, there may be a need to explicitly exclude that sort of access in some installation.

Bill Wagner

-----Original Message-----
From: McDonald, Ira [mailto:imcdonald at sharplabs.com]
Sent: Thursday, February 27, 2003 4:43 PM
To: 'Harry Lewis'; McDonald, Ira
Cc: 'TAYLOR,BOB (HP-Vancouver,ex1)'; 'Wbmm (E-mail); Wagner,William
Subject: RE: WBMM> RE: Scope and Starting Point

Hi folks,

I think that Bob Taylor articulated the "internal" scenario - plugging
into the existing systems management platforms, like Web Jet Admin,
OpenView, Tivoli, etc.

NOTE: I hereby withdraw my objections to the monitored devices choosing
to initiate connections (OUTBOUND across the customer's firewall and
thence to the service provider's data gathering system) on HTTP port 80.
The IETF wouldn't like it at all, but maybe we (PWG) don't care.

If the HTTP port 80 connections are always initiated by the monitored
devices (and NEVER by the system management platform), then I'd say
that the same protocols (HTTP/1.1 over optional TLS/1.0 over TCP)
apply just fine to both the "external" and "internal" scenarios.

A question arises about how a system management platform (internal or
external) can trigger the monitored device to initiate a connection
(for example to pickup a new configuration or a security patch??).

I suggest that the system management platform could send an email
to the monitored device as that trigger.  No new customer
infrastructure is required (although the monitored device has
to have an email address in the customer's enterprise network).

I think the vast majority of the Printer MIB (v1 or v2) is perfectly
sound data modelling and it's only the (small) area of the "magic
decoder ring" that we need to clean up.

Is WBMM intended to overlap not only physical device configuration
(Printer/Finisher MIBs) but also logical configuration (IPP system
admin operations)?  I think it's a bad idea to dive into logical
configuration, for example, print queues (which DMTF CIM does

- Ira McDonald
  High North Inc

-----Original Message-----
From: Harry Lewis [mailto:harryl at us.ibm.com]
Sent: Thursday, February 27, 2003 11:11 AM
To: McDonald, Ira
Cc: 'TAYLOR,BOB (HP-Vancouver,ex1)'; 'Wbmm (E-mail); Wagner,William
Subject: RE: WBMM> RE: Scope and Starting Point

I'm glad to see a semi-consensus forming which seems to say 
1. It would be good to address some of the scars remaining with the printer
MIB as we define a new protocol, data format etc. 
2. External service agent is a viable (and very important) target but not
the only target (internal is a valid topic) 
3. We should force ourselves to take a client view this time around...
whereas Printer MIB development was MOSTLY or completely a device centric

As far as the tail waging the dog... I agree with Ira... we're not going to
have much (any) influence in that direction. But I also agree with Bob
Taylor that we could harm our effort if we insist on alignment with some
external emerging management standard. Basically I think our xx years of
experience with the Printer MIB have proven there has not been much of a
connection between the dog and tail. I think the alignment should be driven,
again, from a client perspective as appropriate. In otherwords... let's not
just try and find a dog to stick our tail on... but, as we evaluate the
solution space, data model, semantics and protocols in terms of client
requirements... if the same big dog is always in the picture... that would
be a good signal to align. 
Harry Lewis 
IBM Printing Systems 

"McDonald, Ira" <imcdonald at sharplabs.com> 
02/27/2003 08:18 AM         
        To:        "'TAYLOR,BOB (HP-Vancouver,ex1)'" <bobt at hp.com>, Harry
Lewis/Boulder/IBM at IBMUS, "Wagner,William" <WWagner at NetSilicon.com> 
        cc:        "'Wbmm (E-mail)" <wbmm at pwg.org> 
        Subject:        RE: WBMM> RE: Scope and Starting Point


I agree with all of Bob Taylor's and Harry Lewis's comments
below, except for Bob's comment at (2).  I think it's wildly
unlikely that this tail (the printer industry) is going to
wag that dog (the systems management industry).

I especially like Bob's observation that the "external
service agent" model should NOT be the only design center
for WBMM.

Please note that the assumption that SNMP is only "internal"
is far out-of-date.  SNMPv3 with strong security has been
used by service providers for several years now to manage
routers in their clients' enterprise networks.  Now that
SNMPv3 is full Internet Standard and SNMPv1 has been dropped
from the Internet 'standards track' (it's status Historic),
there will be an increasing number of peripheral devices
(like printers) that follow the lead of the infrastructure
devices (because of pressure from customers), I suspect.

- Ira McDonald
 High North Inc

-----Original Message-----
From: TAYLOR,BOB (HP-Vancouver,ex1) [mailto:bobt at hp.com]
Sent: Wednesday, February 26, 2003 7:39 PM
To: 'Harry Lewis'; Wagner,William
Cc: 'Wbmm (E-mail)
Subject: RE: WBMM> RE: Scope and Starting Point

1.a: I don't think we have alignment yet on whether this is for "external"
agents only, or for internal & external.  IMHO, if we're going to the
trouble to define a new protocol/model for "external" that is going to
eventually cover most of what we use SNMP for internally, I want to be able
to use it internally as well.  We want to be able to leverage, scale &
distribute tools for management - forcing a completely different protocol
when you cross the firewall makes this really difficult.
1.b: I agree with Harry's comments.

2: We should at the least be aware of these efforts - and where possible
leverage off of them.  I wouldn't, though, delay our progress to align with
them - and in fact if we make good progress, we may want to push some of our
ideas into these forums.

3: I think we need to talk about the kinds of clients that we expect to use
this.  While some may be "browsers", I certainly expect this protocol to be
used by dedicated management tools (e.g., WebJetAdmin, etc.) and by
automated systems.  If it's just external "browsers" talking across
firewalls, I'm not sure we need to define any "protocol" at all - in effect,
your "protocol" is just HTML/Javascript, and an application inside the
firewall is serving up web content over an HTTPS: connection.  It's only
when you're doing more "programmatic" tools that you really need a robust
protocol - and though these tools may be accessed through a browser (e.g.,
something running on an app server), the protocols used in these cases may
not be very browser like - though they may use HTTPS, etc. to get through

I'll be sending a separate message with an explanation of how I'm thinking
about the problem - as I write this up, I may find more issues and will
bring them up then.



Bob Taylor                                       
Senior Architect                           
IPG Strategic Technology Development 
Hewlett-Packard Co.      
mailto:robertt at vcd.hp.com                       
phone: 360.212.2625/T212.2625                   
fax: 208.730-5111                
-----Original Message-----
From: Harry Lewis [mailto:harryl at us.ibm.com]
Sent: Saturday, February 22, 2003 9:57 PM
To: Wagner,William
Cc: 'Wbmm (E-mail)
Subject: RE: WBMM> RE: Scope and Starting Point

1.a. - I agree... but I have a feeling I'm reading more into ("etc.") than
you may. You've listed usage, alerts, diagnostics, configuration,
downloading resources, downloading executables (presumably diagnostic or
interrogative in nature) and upgrading (remotely)... there seems to be very
little remaining that is done via SNMP today... so why not include "the
rest" ... like taking the device off-line, reading or writing the OpPanel,
... "ETC...".? 
1. b. - Yes, I've expressed several times that I believe we should address
the semantics for device management - just as we've recently done for job
submission and  management and we should specifically try to clean up some
of the toxic waste we spilled in the status area during the early MIB days
("magic decoder ring", "agent orange" ). 

2. I think we should make ourselves aware of existing or emerging standards
in the area. I don't think we should force alignment or compliance unless we
can clearly articulate the benefit and honestly feel there is a very good
chance that alignment will result in adoption. While the Printer MIB is
probably one of the most useful standards ever in terms of heterogeneous
printer management, most of the pretzel twists we encountered to align with
a larger cause never really achieved the hoped for result (my opinion). 

I feel we should leverage our own positive model and experience with the
semantic model. No one questions whether SM is the right thing to do. The SM
springboards from our most recent job protocol... IPP into the web
environment and does facilitate firewall scenarios I view WBMM as doing the
same thing... springboard off Printer, Finisher MIBs onto web protocols via
a common (device) semantic model. 

3. We need to nail this firewall discussion early. I do agree that we want
to facilitate solutions that can cross the firewall... similar to the way
we've done PSI. I hear others reacting to this requirement as if it is an
inappropriate goal. This will drag on and haunt us later if not put to rest.

Harry Lewis 
IBM Printing Systems 

"Wagner,William" <WWagner at NetSilicon.com> 
Sent by: owner-wbmm at pwg.org 
02/20/2003 03:03 PM         
       To:        "'Wbmm (E-mail)" <wbmm at pwg.org> 
       Subject:        RE: WBMM> RE: Scope and Starting Point

Bob Tailor had a very good suggestion.  "..try to identify the issues before
[the conference call]
so you might ask that everyone post them to WBMM before the meeting. For
"simple" issues, we may be able to knock them off in email, saving our phone
time for the more significant/contentious issues."

I had intended that sort of thing in asking for comments on the write-up (or
any other comments that were felt to be germane). But an explicit request
may be more fruitful.

Please forward your issues to the list!

Lets start with a few that I see.

1. Basic purpose: I have defined it as access by an external agent to
imaging devices on an enterprise network, for the purpose of monitoring
usage and alerts, perhaps for doing maintenance tests and general
configuration, and perhaps for downloading files including executables,
fonts, upgrades, etc.
               a. Do we have agreement on this?
               b. Is there a strong feeing that the scope must be expanded,
and if so, how?

2. Consideration of the approaches in the documents referenced by Ira, Lee
and Don (thank you all). Should we embrace, ignore, or possibly extract some
aspects from which ones?
My contention is:
               a. as overall approaches, all seem to lack the concept of
finessing firewalls
               b. approaches intended for managing/configuring networks
miss the problems of an external agent trying to manage devices on the
network. The MIS people want some inherent restrictions on what the external
site can do, and in many cases, want to be able to monitor messages being
sent out to make sure that there is nothing untoward.
               c. we may however, want to consider some other aspects of
the other approaches. Perhaps the coding or the notion of XML coded RPCs.

3. Is there general agreement on the use of HTTP clients operating in a
Browser-like mode as the mechanism to finesse firewall?

Please feel free to add issues!

Many thanks,

Bill Wagner/NetSilicon

-----Original Message-----
From: TAYLOR,BOB (HP-Vancouver,ex1) [mailto:bobt at hp.com]
Sent: Thursday, February 20, 2003 3:49 PM
To: Wagner,William
Subject: FW: WBMM> RE: Scope and Starting Point

3/4 4-5 EST works for me.  One suggestion: Given that you only are
allocating one hour, it might be good to try to identify the issues before
then, so you might ask that everyone post them to WBMM before the meeting.
For "simple" issues, we may be able to knock them off in email, saving our
phone time for the more significant/contentious issues.


-----Original Message-----
From: Wagner,William [mailto:WWagner at NetSilicon.com]
Sent: Wednesday, February 19, 2003 6:11 PM
To: wbmm at pwg.org
Subject: WBMM> RE: Scope and Starting Point


I have attached some thoughts on the use cases the WBMM should be
addressing, and taken a cut at defining a starting point.  The document is
posted to:

I would appreciate some feedback with the objective of finding common ground
within the working group. Would a conference  call on 4 March, 4-5 PM EST be

Bill Wagner

More information about the Wims mailing list