On Feb 11, 2016, at 1:00 PM, Christopher Morrow <[email protected]> wrote: > > On Wed, Feb 10, 2016 at 10:37 PM, Alan DeKok <[email protected]> > wrote: >> TACACS+ has 100% functionality overlap with RADIUS. > > you keep saying this, but I can't get a radius server to authorize my > command on a network device in my network...
Because the vendors refused to standardize it, and refused to cede change control to the IETF. > I think you are very much in the rough, and I'm not clear on why you > are as vigorous about this. I've been explaining. In detail. I have this odd idea that processes and consensus matter. If they don't, then I'm going to declare myself the dictator of RADEXT, and demand publication of any crazy idea I come up with. Because processes don't matter. > There are network operators on this list > and in the rest of the world that have said: "tac+ is how I AAA my > network gear, I need it to be improved/worked-on/etc, please do that > for me" Will those vendors cede change control to the IETF for the contents of TACACS+? i.e. the commands being authorized? No? Then... TACACS+ won't be an IETF protocol, will it? > also: "I support this draft, and want to see it complete the IETF > process... so I can then start having better security of the > management of my global network elements." Vendors do all kinds of inventive things. Things which are perceived as useful, and which are widely deployed. Not all of them are made IETF standards. I have this strange idea that there is "process" and "consensus" required for IETF standardization. Not just "it's popular, so *boom*, it's a standard!". Alan DeKok. _______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
