Re: [OPSAWG] New Version Notification for draft-zheng-opsawg-tacacs-yang-01.txt
On Mar 15, 2019, at 4:48 AM, Wubo (lana) wrote: > > Dear WG, > > We uploaded the 01 version of draft-zheng-opsawg-tacacs-yang-01 to address > some comments since last meeting. > https://tools.ietf.org/html/draft-zheng-opsawg-tacacs-yang-01 > > Here are some major changes in this version: > - Align the tacacs YANG structure to system(RFC 7317) Radius client YANG > naming. > - Change major tacacs properties to be configurable for each tacacs-server. > - Add the authorization and accounting model as a system augmentation to > support the full AAA configuration. Please don't refer to TACACS+ as an AAA protocol. It's really not. It's a management protocol, and doesn't do generic user AAA. Using "AAA" here is just confusing, IMHO. e.g.: Additionally, to support full AAA feature, the "ietf-aaa" YANG module The document later refers to "ietf-aaa-tacacs", not "ietf-aaa". I would strongly suggest changing the name of the model to "ietf-tacacs". Similarly: module: ietf-system-aaa Please change this to ietf-system-tacacs. I don't see it as at all useful to re-define "AAA" to mean "TACACS" here. AAA has a well-defined meaning, which doesn't include TACACS. Alan DeKok. ___ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg
Re: [OPSAWG] New Version Notification for draft-zheng-opsawg-tacacs-yang-01.txt
Dear WG, We uploaded the 01 version of draft-zheng-opsawg-tacacs-yang-01 to address some comments since last meeting. https://tools.ietf.org/html/draft-zheng-opsawg-tacacs-yang-01 Here are some major changes in this version: - Align the tacacs YANG structure to system(RFC 7317) Radius client YANG naming. - Change major tacacs properties to be configurable for each tacacs-server. - Add the authorization and accounting model as a system augmentation to support the full AAA configuration. Please review the document, comments and suggestions are welcome! Thanks, Bo -邮件原件- 发件人: internet-dra...@ietf.org [mailto:internet-dra...@ietf.org] 发送时间: 2019年3月11日 11:11 收件人: wangzitao ; Wubo (lana) ; Zhengguangying (Walker) ; Wubo (lana) ; wangzitao 主题: New Version Notification for draft-zheng-opsawg-tacacs-yang-01.txt A new version of I-D, draft-zheng-opsawg-tacacs-yang-01.txt has been successfully submitted by Bo Wu and posted to the IETF repository. Name: draft-zheng-opsawg-tacacs-yang Revision: 01 Title: Yang data model for Terminal Access Controller Access Control System Plus Document date: 2019-03-10 Group: Individual Submission Pages: 19 URL: https://www.ietf.org/internet-drafts/draft-zheng-opsawg-tacacs-yang-01.txt Status: https://datatracker.ietf.org/doc/draft-zheng-opsawg-tacacs-yang/ Htmlized: https://tools.ietf.org/html/draft-zheng-opsawg-tacacs-yang-01 Htmlized: https://datatracker.ietf.org/doc/html/draft-zheng-opsawg-tacacs-yang Diff: https://www.ietf.org/rfcdiff?url2=draft-zheng-opsawg-tacacs-yang-01 Abstract: This document defines two YANG modules that augment the System data model defined in the [RFC 7317] with TACACS+ client model and additional AAA model. The data model of Terminal Access Controller Access Control System Plus (TACACS+) client allows the configuration of TACACS+ servers for centralized Authentication, Authorization and Accouting. While the current system model only supports authentication configuration, the additional AAA model allows system authorization and accouting configuration. The YANG modules in this document conforms to the Network Management Datastore Architecture (NMDA) defined in [RFC8342]. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat ___ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg