[OPSAWG] Request for comment regarding TLS in TACACS+
john heasley <heas@shrubbery.net> Fri, 28 June 2019 20:38 UTC
Return-Path: <heas@shrubbery.net>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E15C12028B for <opsawg@ietfa.amsl.com>; Fri, 28 Jun 2019 13:38:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l2nRS3FeOAnr for <opsawg@ietfa.amsl.com>; Fri, 28 Jun 2019 13:38:17 -0700 (PDT)
Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ietfa.amsl.com (Postfix) with ESMTP id 351C612027B for <opsawg@ietf.org>; Fri, 28 Jun 2019 13:38:17 -0700 (PDT)
Received: by guelah.shrubbery.net (Postfix, from userid 7053) id ED4641A0485; Fri, 28 Jun 2019 20:38:16 +0000 (UTC)
Date: Fri, 28 Jun 2019 20:38:16 +0000
From: john heasley <heas@shrubbery.net>
To: opsawg@ietf.org
Cc: Thorsten Dahm <thorsten.dahm@gmail.com>, John Heasley <heas@shrubbery.net>, "Douglas Gash (dcmgash)" <dcmgash@cisco.com>, Andrej Ota <andrej@ota.si>, Chris Morrow <morrowc@google.com>
Message-ID: <20190628203816.GP69542@shrubbery.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.11.4 (2019-03-13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/RBnIsK-G8ohH8m6P8k93EVvjuYY>
Subject: [OPSAWG] Request for comment regarding TLS in TACACS+
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Jun 2019 20:38:19 -0000
With draft-ietf-opsawg-tacacs-13 nearing RFC status, we intend to
return to one of the subjects with which this draft began: adding TLS
support to TACACS+.
We will submit a draft to OPSAWG adding TLS support for TACACS+ to
include:
- separate well-known port for TLS (no STARTTLS functionality)
- address use of PSKs & TLS-Certs
We invite comment about these and/or other TLS-related functionality
for inclusion in the draft.
- [OPSAWG] Request for comment regarding TLS in TAC… john heasley