Thanks for the reply, Andrej. Additional comments below.
On 5/10/18 10:45, Andrej Ota wrote:
9.1. General Security of The Protocol
TACACS+ protocol does not include a security mechanism that would
meet modern-day requirements. Support for MD5-based crypto pad
encr
Hi Joe,
We did, but also all three of us got a bit bogged down by other work. I have to
wrap up section 9 "digest" while Douglas and Thorsten are doing similar for
other sections where they got through the mail history and they're wrapping
that up to send out an e-mail as well.
Considering th
Hello, T+ authors. Did you have a chance to read over my comments
below? What thoughts do you have? Some of these points admittedly need
some discussion.
Thanks.
Joe
On 4/30/18 10:30, Joe Clarke wrote:
> On 4/15/18 02:27, Douglas Gash (dcmgash) wrote:
>> Hello Opsawg,
>>
>> We have uploaded a
On 4/30/18 10:33, Andrej Ota wrote:
> Hi Joe & opsawg,
>
>
2) Reactivity of the Authors.
As far as I know, we have responded to most posts regarding the content of
the document, with point-by-point replies,
>>>
>>> No.
>>>
>>> See the list archives, especially May 2017. Th
Hi Joe & opsawg,
>>> 2) Reactivity of the Authors.
>>>
>>> As far as I know, we have responded to most posts regarding the content of
>>> the document, with point-by-point replies,
>>
>> No.
>>
>> See the list archives, especially May 2017. There are multiple people
>> suggesting that you
On 4/15/18 02:27, Douglas Gash (dcmgash) wrote:
> Hello Opsawg,
>
> We have uploaded a new version of the TACACS+ informational draft which
> includes corrections for typos over the document as a whole, but also revised
> the security section. We anticipate this security section will get most
>
Alan, T+ authors, and opsawg,
Sorry for the noticeable absence from this thread. I've been focused on
some dayjob projects these past couple of weeks.
I have followed the threads, though. I want to hopefully bring some
things to closure and get us all to move forward to come to consensus on
thi
-Original Message-
> From: OPSAWG [mailto:opsawg-boun...@ietf.org] On Behalf Of Alan DeKok
> Sent: Tuesday, April 17, 2018 11:07 PM
> To: Douglas Gash (dcmgash)
> Cc: opsawg@ietf.org; Andrej Ota ; Thorsten Dahm
>
> Subject: Re: [OPSAWG] New Version Notification for
&g
On Apr 17, 2018, at 10:15 AM, Douglas Gash (dcmgash) wrote:
> Initially (up to around version 5) we included just a very simple security
> section admitting that T+ was insecure and that the second document would
> address the issue. This was deemed to be insufficient, and instead the WG
> coll
Hi Alan,
I hope that we can address your concerns. I think the main points that you
raise the we (the authors) need to address are:
1) The security section
2) Reactivity of the authors
3) Change Tracking
1) The Security Section
The starting point is that we know that TACACS+ needs enhancement
Hello Opsawg,
We have uploaded a new version of the TACACS+ informational draft which
includes corrections for typos over the document as a whole, but also revised
the security section. We anticipate this security section will get most
comments, so it is reproduced below.
We will endeavor to b
11 matches
Mail list logo