Hi All, The WG has discussed how to deliver this document two years ago, and came out the solution as follows: https://www.ietf.org/mail-archive/web/opsawg/current/msg04363.html
So the first step is to document the existing TACACS+ protocol as best as we can. We agreed existing TACACS+ protocol is not secure. We Should discuss the security issues in the security considerations section, which could be the input/trigger for the following enhanced protocol. So I hope the discussion do not go off the track. Let's work on the delivery of the first document. Regards, Tianran, as co-chair > -----Original Message----- > From: OPSAWG [mailto:[email protected]] On Behalf Of Scott O. Bradner > Sent: Tuesday, July 10, 2018 9:18 AM > To: Alan DeKok <[email protected]> > Cc: Douglas Gash (dcmgash) <[email protected]>; [email protected]; Andrej Ota > <[email protected]>; Thorsten Dahm <[email protected]> > Subject: Re: [OPSAWG] Action Items on TACACS+ informational draft v 10 > > > > > On Jul 9, 2018, at 9:12 PM, Alan DeKok <[email protected]> wrote: > > > > On Jul 9, 2018, at 5:17 PM, Andrej Ota <[email protected]> wrote: > >> I think that forbidding some parts with MUST would go against the original > mandate for this draft which I understood to be documenting what's used and > specifically not working to do a revision of protocol (which I would love > to hide behind TLS). > > > > The IETF is not about rubber-stamping existing implementations or > practices. > > > > imo - documenting existing practice is not the same thing as “rubber stamping” > > Scott > _______________________________________________ > OPSAWG mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/opsawg _______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
