Re: [OPSAWG] Adam Roach's Discuss on draft-ietf-opsawg-tacacs-13: (with DISCUSS and COMMENT)

"Douglas Gash (dcmgash)" <dcmgash@cisco.com> Wed, 26 June 2019 04:31 UTC

Return-Path: <dcmgash@cisco.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34EB91206B7; Tue, 25 Jun 2019 21:31:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=ZZt+3e5q; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=yS17qc79
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wr2G_Dcv3oqy; Tue, 25 Jun 2019 21:31:23 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C16F1205CF; Tue, 25 Jun 2019 21:31:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=974; q=dns/txt; s=iport; t=1561523483; x=1562733083; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=2R5KFjsSA7ZoE+2BUFBUvpieW2gKXl7ZezZOGWvh5CA=; b=ZZt+3e5qj3gmumrksaqrPmEpVv4SkAW+1SYzXdCAMUSntkIItL+dpp7e kNgjExfbmF8yfEdOInVRpzYo5G+Jwmk9MzUKDx9LB6o6VCCSkiohVzbhP eEMicUoshV3KOX7SEs8f48xQyCJ4UhqTBzjSdCNEGYvCUiJHdHnLHpxPT s=;
IronPort-PHdr: =?us-ascii?q?9a23=3AB20WkBYWix+PkFF0dCxjdqH/LSx94ef9IxIV55?= =?us-ascii?q?w7irlHbqWk+dH4MVfC4el20gebRp3VvvRDjeee87vtX2AN+96giDgDa9QNMn?= =?us-ascii?q?1NksAKh0olCc+BB1f8KavmZCk1Fd9CfFRk5Hq8d0NSHZW2ag=3D=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0BxAACj9BJd/5NdJa1lHAEBAQQBAQc?= =?us-ascii?q?EAQGBVAYBAQsBgUNQA4E/IAQLKIQVg0cDjmOCNiWXOYEugSQDVAkBAQEMAQE?= =?us-ascii?q?tAgEBhEACF4JeIzUIDgEDAQEEAQECAQVtijcMhUsBAQQSEREMAQE3AQ8CAQg?= =?us-ascii?q?YAgIUBQ0CAgIwFRACBAENBRsHgwCBawMdAZp3AoE4iF9xgTGCeQEBBYUHGII?= =?us-ascii?q?RCYEMKAGLXReBf4E4DBOCTD6ERBc4gjsygiaOVZtDCQKCFZNrG4Iphw6OGI0?= =?us-ascii?q?olxICBAIEBQIOAQEFgVEBNoFYcBVlAYJBgkE3gzmKU3KBKYtjgi4BAQ?=
X-IronPort-AV: E=Sophos;i="5.63,418,1557187200"; d="scan'208";a="362419225"
Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by rcdn-iport-5.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 26 Jun 2019 04:30:54 +0000
Received: from XCH-RCD-014.cisco.com (xch-rcd-014.cisco.com [173.37.102.24]) by rcdn-core-11.cisco.com (8.15.2/8.15.2) with ESMTPS id x5Q4UrnN018417 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 26 Jun 2019 04:30:53 GMT
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by XCH-RCD-014.cisco.com (173.37.102.24) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 25 Jun 2019 23:30:52 -0500
Received: from xhs-aln-002.cisco.com (173.37.135.119) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Wed, 26 Jun 2019 00:30:51 -0400
Received: from NAM04-CO1-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Tue, 25 Jun 2019 23:30:51 -0500
ARC-Seal: i=1; a=rsa-sha256; s=testarcselector01; d=microsoft.com; cv=none; b=L1JyRUq+9blFDvZnnzcknGcu8xAaFqcyv3t2UzzmbOpiyH1DSOaZAA6PaSUdN5PXdoYtQAcW2lzhqE92Z5F79DnZgLuc7DgGVsgNjQOnLxa0FsIfx6ptNiEnJtHMsdl1hV2nwArc3Zw+5HXLMC57Rp+jMZeALO/kv5sC5uKzId0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=testarcselector01; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2R5KFjsSA7ZoE+2BUFBUvpieW2gKXl7ZezZOGWvh5CA=; b=O7AwEJ04iSery0/m4vO5g31vkI14kCKCgohDo9I9reQdZ1wvkRrb7J/WavrRvhYU2/V9Lwkb7uDUF+4NHZdiO23XF/45tqOUVGeMEK+NLDiv4U5e3TwAt+BnR0hFIJscgwLCcZoneKTjx3WBSJcd+fkQyWFPpaTiVKIilCGidm8=
ARC-Authentication-Results: i=1; test.office365.com 1;spf=none;dmarc=none;dkim=none;arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2R5KFjsSA7ZoE+2BUFBUvpieW2gKXl7ZezZOGWvh5CA=; b=yS17qc79DB9ZdKt/LzwJivEOE5lgt5qKVkCIRlGiN4b7Uy6GbX8R3Dtqpdvwlq6XRKQ5Qe+oBshxV3uMOkTXdafmoiRZcBFOGWa6nXwLebOQoUrzRekTw7+PST9mvAsbzMa8cVjCCT/Cy90pNaq7AHBV9nDMnpQU0jdwc+YZvpU=
Received: from DM5PR11MB1322.namprd11.prod.outlook.com (10.168.104.140) by DM5PR11MB1609.namprd11.prod.outlook.com (10.172.36.12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2008.16; Wed, 26 Jun 2019 04:30:50 +0000
Received: from DM5PR11MB1322.namprd11.prod.outlook.com ([fe80::3167:9c96:1d74:4fcd]) by DM5PR11MB1322.namprd11.prod.outlook.com ([fe80::3167:9c96:1d74:4fcd%2]) with mapi id 15.20.2008.018; Wed, 26 Jun 2019 04:30:50 +0000
From: "Douglas Gash (dcmgash)" <dcmgash@cisco.com>
To: Adam Roach <adam@nostrum.com>, The IESG <iesg@ietf.org>
CC: "Joe Clarke (jclarke)" <jclarke@cisco.com>, "opsawg@ietf.org" <opsawg@ietf.org>, "draft-ietf-opsawg-tacacs@ietf.org" <draft-ietf-opsawg-tacacs@ietf.org>, "opsawg-chairs@ietf.org" <opsawg-chairs@ietf.org>
Thread-Topic: Adam Roach's Discuss on draft-ietf-opsawg-tacacs-13: (with DISCUSS and COMMENT)
Thread-Index: AQHVK9fusmHKUlLZy0O9hlI5zblpvA==
Date: Wed, 26 Jun 2019 04:30:50 +0000
Message-ID: <FB7DF01C-5AF3-48C4-8443-F6B84513DA10@cisco.com>
References: <155798668553.30465.3681431548982215622.idtracker@ietfa.amsl.com> <1967dd24-5e1f-bdce-7a8f-f2db5548c7f1@nostrum.com>
In-Reply-To: <1967dd24-5e1f-bdce-7a8f-f2db5548c7f1@nostrum.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.26.0.170902
authentication-results: spf=none (sender IP is ) smtp.mailfrom=dcmgash@cisco.com;
x-originating-ip: [2001:420:c0c0:1008::12e]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 8e689f2c-2a01-4199-e8df-08d6f9ef11a6
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:DM5PR11MB1609;
x-ms-traffictypediagnostic: DM5PR11MB1609:
x-microsoft-antispam-prvs: <DM5PR11MB1609B96702B0503C1EC2E1C4B7E20@DM5PR11MB1609.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:4303;
x-forefront-prvs: 00808B16F3
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(39860400002)(366004)(346002)(396003)(376002)(199004)(189003)(6512007)(14444005)(25786009)(73956011)(8936002)(46003)(8676002)(14454004)(316002)(256004)(66946007)(4744005)(53546011)(110136005)(54906003)(11346002)(76176011)(2906002)(6506007)(2616005)(58126008)(66476007)(66556008)(478600001)(64756008)(66446008)(81166006)(76116006)(81156014)(53936002)(7736002)(476003)(4326008)(71190400001)(6116002)(486006)(91956017)(68736007)(446003)(5660300002)(305945005)(86362001)(6486002)(99286004)(36756003)(33656002)(71200400001)(229853002)(6246003)(102836004)(6436002)(186003); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR11MB1609; H:DM5PR11MB1322.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: HhS7VSBPOHMd/bvKM0xk7SPRxkLUs97VOyvz9sV68RRPMvtdPj+rHdOy37KzIHpjw64cT2z0uDb50B31d+gvSYTliLOqSdK72cP3prZLDos+4pVhZcgUYFwjyOqXif8YjThRA5DQstdHDEvBWloi2Lzc0Dd9CL17gSsVSmn9I65x8mb5GTNP6hju2j/2R5Zuz2AGfKUylN+dsbnM2Mr2TWkmMowJ8bXAorXhfPjT81Zbto7IXseo3B2vVqOwazTK/QcHhwuTKsN7RFo0VLMorflQcnWYfq9dzmK43sw3IXtux2y0xbhVs7dxOV6r2OJM+zgMdc315hRTzcyyDLSRmI06SwEqi0zVwgj7+8hpOD+VgT8gVG+Pwkxv7lUvGKkSVRDcnmIm0MIGddJVHd7Dbn0SeYI5Hpr0E+uUSzg/CO8=
Content-Type: text/plain; charset="utf-8"
Content-ID: <91A2F2AA25F8164F9E05B5B56949B4A3@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 8e689f2c-2a01-4199-e8df-08d6f9ef11a6
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Jun 2019 04:30:50.7464 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: dcmgash@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR11MB1609
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.24, xch-rcd-014.cisco.com
X-Outbound-Node: rcdn-core-11.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/7H3Jn58NmAYbBh8-F4eTDAviWWg>
Subject: Re: [OPSAWG] Adam Roach's Discuss on draft-ietf-opsawg-tacacs-13: (with DISCUSS and COMMENT)
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Jun 2019 04:31:31 -0000

Thanks Adam, will do.

On 16/05/2019, 15:34, "Adam Roach" <adam@nostrum.com> wrote:

    On 5/16/19 1:04 AM, Adam Roach via Datatracker wrote:
    > Without specification of preparation profiles for usernames and passwords,
    > this is an incomplete specification of how to transmit non-ASCII
    > usernames and passwords. While there are other solutions, the easy
    > way to address this is to normatively reference RFC 7613, and select
    > one of its username preparation profiles, and indicate its password
    > preparation profile. 
    
    
    And I completely missed that RFC 7613 has been obsoleted by RFC 8265. 
    Please consult RFC 8265 instead.
    
    /a