On Jul 10, 2018, at 10:11 AM, Andrej Ota <[email protected]> wrote:
> Actually, both PAP and CHAP are irrelevant in this case. If Eve is in a
> position to intercept TACACS+ traffic, she can flip a single bit in the
> authentication response and that will ensure that the device (client) will
> consider authentication to have succeeded. Obfuscation doesn't help, only
> secured transport does.

Yes.

> Thus it's irrelevant to specifically mention any particular currently used
> authentication method as all of them fail in exactly the same way *and* it's
> irrelevant to distinguish between obfuscated and non-obfuscated variety as
> MitM will succeed regardless.

Yes and no. It's still bad to send clear-text passwords over a clear channel. That can be called out and explained.

> Since this makes secured transport a minimal necessary requirement for any
> secure deployment, what benefit is there to try and find further examples of
> what can be mandated if none of the mandates would meaningfully change the
> end result?

It's useful to explain *what* behaviours are insecure, and *why* they are insecure. The alternative is to leave the reader to fend for himself. "Hmm... the authors didn't say this was bad, so let's do it!"

Alan DeKok.
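
The point made in this exchange, that TACACS+ body obfuscation carries no integrity check while an authenticated transport does, as an added example that is not part of the original message. The HMAC wrapper (`seal`, `open_sealed`) is a hypothetical stand-in for a secured transport, and all keys and IDs are constructed sample values.

```python
import hashlib, hmac, struct

FAIL = 0x02  # TACACS+ authentication REPLY status: failed

def pseudo_pad(session_id, key, version, seq_no, length):
    # MD5 chain over session_id, key, version, seq_no and the previous digest.
    seed = struct.pack("!I", session_id) + key + bytes([version, seq_no])
    pad, prev = b"", b""
    while len(pad) < length:
        prev = hashlib.md5(seed + prev).digest()
        pad += prev
    return pad[:length]

def obfuscate(body, session_id, key, version, seq_no):
    # XOR with the pad; applying it twice returns the original body.
    pad = pseudo_pad(session_id, key, version, seq_no, len(body))
    return bytes(b ^ p for b, p in zip(body, pad))

def reply_body(status, server_msg=b""):
    # status, flags, server_msg_len, data_len, then server_msg (no data).
    return struct.pack("!BBHH", status, 0, len(server_msg), 0) + server_msg

def flip_bit(wire, index, bit):
    # A change made on the path, without knowledge of the shared key.
    out = bytearray(wire)
    out[index] ^= 1 << bit
    return bytes(out)

def seal(wire, mac_key):
    # Hypothetical stand-in for a secured transport: append an HMAC-SHA256 tag.
    return wire + hmac.new(mac_key, wire, hashlib.sha256).digest()

def open_sealed(blob, mac_key):
    # Reject the reply unless the tag verifies.
    wire, tag = blob[:-32], blob[-32:]
    expected = hmac.new(mac_key, wire, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("reply modified in transit")
    return wire

# Constructed sample values, not taken from any real deployment.
SID, KEY, VER, SEQ = 0x1A2B3C4D, b"constructed-secret", 0xC0, 2
MAC_KEY = b"constructed-transport-key"

if __name__ == "__main__":
    wire = obfuscate(reply_body(FAIL, b"denied"), SID, KEY, VER, SEQ)
    changed = flip_bit(wire, 0, 0)
    print("status sent:", FAIL, "status read:", obfuscate(changed, SID, KEY, VER, SEQ)[0])
    try:
        open_sealed(flip_bit(seal(wire, MAC_KEY), 0, 0), MAC_KEY)
    except ValueError as err:
        print("sealed reply:", err)
```

The obfuscated reply de-obfuscates cleanly after the change and the client has nothing to check it against; the sealed reply is rejected before the status byte is ever read.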
