Hi all, In order to asses whether manageability considerations are well covered in draft-ietf-opsawg-tacacs-tls13, I edited this I-D to specify a module for managing secure tacacs+ clients, based on RFC9105.
Key requirements as drawn in draft-ietf-opsawg-tacacs-tls13 are covered in this version. However, this exercise triggered some questions for which we have no text in the base spec: for example, keepalive considerations. This spec also reveals some issues with 9105 such as the lack of support of dual stack. Bo raised a comment offline whether we define this draft as a bis or keep the current augmentation approach. This point is recorded as a pending issue. Please note that the module does not reuse the tls-client grouping from draft-ietf-netconf-tls-client-server but adopts a pruning approach. Comments and suggestions are more than welcome. Cheers, Med -----Message d'origine----- De : [email protected] <[email protected]> Envoyé : mardi 28 mai 2024 16:27 À : [email protected] Objet : I-D Action: draft-boucadair-opsawg-secure-tacacs-yang-01.txt Internet-Draft draft-boucadair-opsawg-secure-tacacs-yang-01.txt is now available. Title: A YANG Model for Terminal Access Controller Access-Control System Plus (TACACS+) over TLS 1.3 Author: Mohamed Boucadair Name: draft-boucadair-opsawg-secure-tacacs-yang-01.txt Pages: 23 Dates: 2024-05-28 Abstract: This document defines a YANG module for Terminal Access Controller Access-Control System Plus (TACACS+) over TLS 1.3. This modules augments the YANG Data Model for Terminal Access Controller Access- Control System Plus (TACACS+) defined in the RFC 9105 with TLS- related data nodes. The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-boucadair-opsawg-secure-tacacs-yang/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-boucadair-opsawg-secure-tacacs-yang-01.html A diff from the previous version is available at: https://author-tools.ietf.org/iddiff?url2=draft-boucadair-opsawg-secure-tacacs-yang-01 Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts _______________________________________________ I-D-Announce mailing list -- [email protected] To unsubscribe send an email to [email protected] ____________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you. _______________________________________________ OPSAWG mailing list -- [email protected] To unsubscribe send an email to [email protected]
