On Wed, Feb 10, 2016 at 3:51 PM, Alan DeKok <[email protected]> wrote:

> On Feb 10, 2016, at 3:40 PM, Blumenthal, Uri - 0553 - MITLL <[email protected]> wrote:
>>
>> You have a point - but TACACS is a reality that isn’t going away. Thus
>> specifying how to use it/interoperate with it seems useful.
>
> Then it should be published as an individual submission, as an
> informational document.
>
> I submit that we should be parsimonious with the IETF "stamp of approval".
> Publishing a proprietary vendor protocol as an *IETF standard protocol* is a
> huge problem.

there's no 'stamp of approval' yet, wg adoption is really just "this is something that the wg is interested in working on" It may flounder and die, or it may blossom into a useful standards document.

> Cisco had 18 years to submit the document for consideration by the IETF.
> They decided not to. That's fine, it's their decision.

as a reminder it's not 'cisco' but the authors as individuals... who may have:
A) been pulled away from the work for other reasons
B) not wanted to get abused by ietf folk for something that is working and has adoption across a wide swath of the industry
C) other - it's not super important I suppose really WHY they didn't pursue this work in 1996...
Almost all vendors today implement tacacs+ (mostly tac+) for AAA services on their devices after all.

> This isn't publishing extensions to existing documents, where the WG has
> been disbanded. This isn't publishing documents which are relevant to
> multiple working groups, but don't really belong in any particular one.

oddly there's not a 'networking working group' anymore, since the work fits well with 'ops' area work this doesn't seem like a bad place for it to happen.

> This is creating an entirely new standard protocol, which is in direct
> competition to existing, and active, working groups. Worse, it's a protocol
> which the vendor refused to document for 18 years.

it's not 'entirely new', it's actually 20 yrs old, needs improvements for security AND operations/management reasons and is used across almost all network equipment in large networks (private networks, public networks, enterprise networks, etc).

> Now that they're getting bit by interoperability issues, they're seeking
> the IETF stamp of approval. It's a complete end-run around the entire IETF
> process.

I don't think the complaint is 'interoperability issues' as much as: "Gosh, this should be standardized so we have a platform to make improvements to the security problems we see in the active protocol today."

-chris

> Alan DeKok.
>
> _______________________________________________
> OPSAWG mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/opsawg
