Thanks, Russ. The authors have published -19. The diff is at https://author-tools.ietf.org/iddiff?url2=draft-ietf-opsawg-tacacs-tls13-19. If you agree with the modified text can you amend your DIR review to Ready?
Thanks. Joe From: Russ Housley <hous...@vigilsec.com> Date: Thursday, March 13, 2025 at 23:02 To: Douglas Gash (dcmgash) <dcmgash=40cisco....@dmarc.ietf.org> Cc: mohamed.boucad...@orange.com <mohamed.boucad...@orange.com>, IETF SecDir <sec...@ietf.org>, draft-ietf-opsawg-tacacs-tls13....@ietf.org <draft-ietf-opsawg-tacacs-tls13....@ietf.org>, last-c...@ietf.org <last-c...@ietf.org>, opsawg@ietf.org <opsawg@ietf.org> Subject: Re: [Last-Call] Secdir last call review of draft-ietf-opsawg-tacacs-tls13-18 This approach works for me. Russ On Mar 13, 2025, at 5:33 AM, Douglas Gash (dcmgash) <dcmgash=40cisco....@dmarc.ietf.org> wrote: Just to confirm, there are three authentication methods (Cert, PSK, RPK). Cert MUST be implemented, the other two MAY be implemented, as they become mature. We have made two specific changes, which we hope will clarify: 1. We have indicated that the two options (PSK and RPK) are alternatives to Cert based, to avoid the impression that they are augmentations which are intended to work in combination. 2. In the start of the Cert based section, we have clarified that this section covers Cert based only. Please let us know if this new version changes clarify this intent.
_______________________________________________ OPSAWG mailing list -- opsawg@ietf.org To unsubscribe send an email to opsawg-le...@ietf.org
