Many thanks for the comments. Please see responses from authors inline, marked “TA”. Action items from this mail to update the document are marked: [AI-TA] to mean: “action item for the authors”.
On 15/05/2019, 21:35, "Éric Vyncke via Datatracker" <[email protected]> wrote: Éric Vyncke has entered the following ballot position for draft-ietf-opsawg-tacacs-13: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-opsawg-tacacs/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thanks for the work everyone has put into this document. I have some comments and some nits. I also support most of the other comments issued by the IESG members. And, I appreciate the time taken to document a protocol that I used in the mid 90's ;-) it took sometime to document it... I also appreciate the use of 'obfuscation' in section 4.7. == COMMENTS == - section 1, I am unsure whether the 'today' in 'It is primarily used today...' still stands in 2019. - a little late to ask, but, is there any reason why draft-dahm-opsawg-tacacs does not refer to 'The Draft' in the datatracker? – TA> Will check that out and resolve [AI-TA] section 4.8, the flag values are 0x01 and 0x04, but what about the other bits? Should they be considered as 0 and ignored on reception? TA> Good catch. Our opinion is that they should be ignored, we will clarify [AI-TA] - section 5.1, should TAC_PLUS_AUTHEN_SVC_ARAP := 0x04 also be deprecated ? TA> Agreed [AI-TA] - section 5.4.2.1 about 'ASCII login' while I understand that years ago it was ASCII only hence the name of the value but the text is unclear whether UTF-8 could be used (assuming that the network devices support this character set) – TA> Will clarify and add the restriction as intended, to ASCII [AI-TA] section 8.2, the route attribute is defined only for IPv4 while the T+ can send IPv6 addresses to the client. Is it sensible? TA> Good catch. The original definition was not explicit, but unsurprisingly, it implicitly covered only IPv4 properly. Really with T+ being used only for the device administration use case, we can probably deprecate these attributes. [AI-TA] == NITS == - abstract TACACS is an acronym which should be expanded in the abstract TA> Agreed, we will add [AI-TA] - section 3 could be updated esp around "character mode front end and then allow the user to telnet" - section 4.1 add that the port 49 has been allocated by the IANA ? TA> Agreed, we will follow up on that [AI-TA] - section 4.3 talks about flags but the packet format is also presented in section . Not a logical flow TA> Agreed, will resolve [AI-TA] - section 8.1 s/IPV6 address text representation defined/IPv6 address text representation is defined/ (lower case V as well) TA> Agreed, will resolve [AI-TA] - section 8.2, please clarify the inacl value, is it an ACL name or an ASCII representation of the list of ACL entries? TA> Agreed, it is listed as an identifier, will clarify this refers to the name[AI-TA] _______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
