IETF Logo Mail Archive

Re: [OPSAWG] FW: New Version Notification for draft-dahm-opsawg-tacacs-01.txt

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Mon, 16 November 2015 12:27 UTC

Return-Path: <evyncke@cisco.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C04EF1A8A71 for <opsawg@ietfa.amsl.com>; Mon, 16 Nov 2015 04:27:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.086
X-Spam-Level:
X-Spam-Status: No, score=-15.086 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.585, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FdRPMiNJwibR for <opsawg@ietfa.amsl.com>; Mon, 16 Nov 2015 04:27:06 -0800 (PST)
Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 26BE71A8A6D for <opsawg@ietf.org>; Mon, 16 Nov 2015 04:27:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4430; q=dns/txt; s=iport; t=1447676826; x=1448886426; h=from:to:subject:date:message-id:references:in-reply-to: content-id:content-transfer-encoding:mime-version; bh=R3dGisIFmrSmW4r4LcQ/aqoi9h3SxkxbdIiikPlAkSg=; b=Cv61jAWMCzeV3K0TX3B44MxjMElu4OQxEDBh6MRe6u+F50fykvu2gF+1 YVbO/hRU6rVr7CvN7LnSOmtttG76kJLq4RW/092dOTJGy1y/z3NQWr+lX wF2An1euV1K5tDlP/GLJNHTT3aGVEZFRfc4hUkFoR15e0oDV5eAT1GYUG o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0ARAgC7yklW/5FdJa1egztTbwa+TwENgWQXCoUlSgIcgR04FAEBAQEBAQGBCoQ0AQEBBAEBASAROgkSAgEIGAICJgICAiULFQcJAgQBEoguDaoKkAQBAQEBAQEBAQEBAQEBAQEBAQEBGoEBhVMBhH2EWRiDBIFEBY0bhUyDYQGFHIgKgVtJg3eSOINxAR8BAUKEBHIBhEOBBwEBAQ
X-IronPort-AV: E=Sophos;i="5.20,302,1444694400"; d="scan'208";a="45366703"
Received: from rcdn-core-9.cisco.com ([173.37.93.145]) by rcdn-iport-8.cisco.com with ESMTP; 16 Nov 2015 12:27:05 +0000
Received: from XCH-RTP-013.cisco.com (xch-rtp-013.cisco.com [64.101.220.153]) by rcdn-core-9.cisco.com (8.14.5/8.14.5) with ESMTP id tAGCR4lk019513 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 16 Nov 2015 12:27:05 GMT
Received: from xch-rtp-015.cisco.com (64.101.220.155) by XCH-RTP-013.cisco.com (64.101.220.153) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Mon, 16 Nov 2015 07:27:04 -0500
Received: from xch-rtp-015.cisco.com ([64.101.220.155]) by XCH-RTP-015.cisco.com ([64.101.220.155]) with mapi id 15.00.1104.000; Mon, 16 Nov 2015 07:27:04 -0500
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Warren Kumari <warren@kumari.net>, "opsawg@ietf.org" <opsawg@ietf.org>
Thread-Topic: [OPSAWG] FW: New Version Notification for draft-dahm-opsawg-tacacs-01.txt
Thread-Index: AQHRIGoZhYnX54dRC0O+u0h5E2XoPg==
Date: Mon, 16 Nov 2015 12:27:04 +0000
Message-ID: <D26F8962.5E2B9%evyncke@cisco.com>
References: <20151002152505.26594.74925.idtracker@ietfa.amsl.com> <D237455F.BC00F%dcmgash@cisco.com> <CAHw9_iKOM5N3-HS3ZOFFaDHYTV7rDaf3YHo-dEmdTU9-4W49aw@mail.gmail.com>
In-Reply-To: <CAHw9_iKOM5N3-HS3ZOFFaDHYTV7rDaf3YHo-dEmdTU9-4W49aw@mail.gmail.com>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.5.8.151023
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.60.138.46]
Content-Type: text/plain; charset="utf-8"
Content-ID: <E4A46C8ED1EB6846B223234F91243A74@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/opsawg/ejHB1Ldm8GTty5GK2PH7eIi9qho>
Subject: Re: [OPSAWG] FW: New Version Notification for draft-dahm-opsawg-tacacs-01.txt
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Nov 2015 12:27:07 -0000

Important document indeed.

I have a comment on section 7.1 where "ip" as a protocol (the double
quotes are from the I-D) is mentioned but does it mean IPv4 or IPv6 or
both?

In the same section, may I suggest to describe the syntax of the 'addr'
field?

Hope this helps to increase the quality of this important I-D

-éric


On 13/11/15 19:37, "OPSAWG on behalf of Warren Kumari"
<opsawg-bounces@ietf.org on behalf of warren@kumari.net> wrote:

>We would really appreciate any feedback on this document. Personally I
>think it is really useful, but we need the WG to review and provide
>feedback.
>
>Over the years I've heard a number of people kvetch that TACACS+ isn't
>documented -- well, now you can, you know, actually do something about
>this...
>
>W
>
>On Sun, Oct 4, 2015 at 4:18 PM, Douglas Gash (dcmgash)
><dcmgash@cisco.com> wrote:
>> Dear Opsawg List,
>>
>> We have uploaded a second revision of the TACACS+ protocol specification
>> which we believe is ready for publication subject subject to port
>> allocation.
>>
>> Please see details below.
>>
>> The essential difference from the first revision is the change of TLS
>> option support using a separate port as opposed to the original Start
>>TLS
>> mechanism.
>>
>> We would be very grateful for the opinion of the list regarding the
>> suitability of document for publication as an RFC.
>>
>> Many thanks,
>>
>> Thorsten, Andrej, Doug.
>>
>>
>> On 02/10/2015 16:25, "internet-drafts@ietf.org"
>><internet-drafts@ietf.org>
>> wrote:
>>
>>>
>>>A new version of I-D, draft-dahm-opsawg-tacacs-01.txt
>>>has been successfully submitted by Douglas C. Medway Gash and posted to
>>>the
>>>IETF repository.
>>>
>>>Name:          draft-dahm-opsawg-tacacs
>>>Revision:      01
>>>Title:         The TACACS+ Protocol
>>>Document date: 2015-10-02
>>>Group:         Individual Submission
>>>Pages:         38
>>>URL:
>>>https://www.ietf.org/internet-drafts/draft-dahm-opsawg-tacacs-01.txt
>>>Status:         
>>>https://datatracker.ietf.org/doc/draft-dahm-opsawg-tacacs/
>>>Htmlized:       https://tools.ietf.org/html/draft-dahm-opsawg-tacacs-01
>>>Diff:
>>>https://www.ietf.org/rfcdiff?url2=draft-dahm-opsawg-tacacs-01
>>>
>>>Abstract:
>>>   TACACS+ provides access control for routers, network access servers
>>>   and other networked computing devices via one or more centralized
>>>   servers.  TACACS+ provides separate authentication, authorization and
>>>   accounting services.  This document describes the protocol that is
>>>   used by TACACS+.
>>>
>>>
>>>
>>>
>>>
>>>Please note that it may take a couple of minutes from the time of
>>>submission
>>>until the htmlized version and diff are available at tools.ietf.org.
>>>
>>>The IETF Secretariat
>>>
>>
>
>
>
>-- 
>I don't think the execution is relevant when it was obviously a bad
>idea in the first place.
>This is like putting rabid weasels in your pants, and later expressing
>regret at having chosen those particular rabid weasels and that pair
>of pants.
>   ---maf
>
>_______________________________________________
>OPSAWG mailing list
>OPSAWG@ietf.org
>https://www.ietf.org/mailman/listinfo/opsawg

v2.23.0 | Report a Bug | By Email