Dear OpsAWG WG, The authors of draft-ietf-opsawg-tacacs-05 have indicated that they believe that the document is ready, and have asked for Working Group Last Call.
This WGLC ends Mon 17-Oct-2016. Please review this draft to see if you think it is ready for publication and send comments to the list, clearly stating your view. Please note that "Yeah, I reviewed it, it looks great!" is a useful comment (well, more useful than silence). Please note that this document is primarily describing an existing protocol, *NOT* designing a new one. This means that comments of the form "Ick, this uses MD5?! You *so* should replace it with [SHA-512|BLAKE2|GOST|SWIFFT|<etc>]" or "flags should be 16bits, not 8, what if we want to extend this?" are not helpful. Also, we already know that this protocol has security issues. The plan is to publish this document, finally documenting (after 19 years) one of the core protocols used by network people. Once this is done, there will be a new document published, extending this to be more secure. There is some history behind this decision... The draft is available here (for easy clickin'): https://datatracker.ietf.org/doc/draft-ietf-opsawg-tacacs-05/ In addition, to satisfy RFC 6702 ("Promoting Compliance with Intellectual Property Rights (IPR)"): Are you personally aware of any IPR that applies to draft-ietf-opsawg-tacacs-05? If so, has this IPR been disclosed in compliance with IETF IPR rules? (See RFCs 3979, 4879, 3669, and 5378 for more details.) Thanks, Warren Kumari (as OpsAWG WG co-chair) -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf _______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
