Re: [OPSAWG] I-D Action: draft-dahm-opsawg-tacacs-security-00.txt
Randy Bush <randy@psg.com> Thu, 30 June 2022 15:52 UTC
Return-Path: <randy@psg.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F04EC15C7CA; Thu, 30 Jun 2022 08:52:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.908
X-Spam-Level:
X-Spam-Status: No, score=-1.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wA5-M5WVhU7I; Thu, 30 Jun 2022 08:51:59 -0700 (PDT)
Received: from ran.psg.com (ran.psg.com [IPv6:2001:418:8006::18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A3CDFC15C7CB; Thu, 30 Jun 2022 08:51:59 -0700 (PDT)
Received: from localhost ([127.0.0.1] helo=ryuu.rg.net) by ran.psg.com with esmtp (Exim 4.93) (envelope-from <randy@psg.com>) id 1o6wSM-0003KY-0Q; Thu, 30 Jun 2022 15:51:50 +0000
Date: Thu, 30 Jun 2022 08:51:48 -0700
Message-ID: <m2sfnmqhd7.wl-randy@psg.com>
From: Randy Bush <randy@psg.com>
To: "Joe Clarke (jclarke)" <jclarke=40cisco.com@dmarc.ietf.org>
Cc: Alan DeKok <aland@deployingradius.com>, heasley <heas@shrubbery.net>, "opsawg@ietf.org" <opsawg@ietf.org>, "Douglas Gash (dcmgash)" <dcmgash@cisco.com>, Andrej Ota <andrej@ota.si>, Thorsten Dahm <thorsten.dahm@gmail.com>
In-Reply-To: <BN9PR11MB5371D3375FEB7727BCA96921B8BA9@BN9PR11MB5371.namprd11.prod.outlook.com>
References: <YryZcYAjzaUr/Er1@shrubbery.net> <D14D7902-487E-4C8C-8D1A-99CE0CF03FAF@deployingradius.com> <BN9PR11MB5371D3375FEB7727BCA96921B8BA9@BN9PR11MB5371.namprd11.prod.outlook.com>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/26.3 Mule/6.0 (HANACHIRUSATO)
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset="ISO-8859-7"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/kPRl-Jm30H6Yb1I5LCUxuuG9lLQ>
Subject: Re: [OPSAWG] I-D Action: draft-dahm-opsawg-tacacs-security-00.txt
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jun 2022 15:52:00 -0000
> As an contributor, I rather like the simpler TLS encap over T+ > approach described in the tls13 draft. I’d personally not > over-engineer something that isn’t immediately required. T+ has been > around for a while and is heavily used. I don’t know that we need to > spend time adding extensibility. yep. and tls is fairly well established and widely implemented. we used to say "don't reinvent tcp." now it is "don't reinvent tls." randy
- Re: [OPSAWG] I-D Action: draft-dahm-opsawg-tacacs… heasley
- Re: [OPSAWG] I-D Action: draft-dahm-opsawg-tacacs… Alan DeKok
- Re: [OPSAWG] I-D Action: draft-dahm-opsawg-tacacs… Joe Clarke (jclarke)
- Re: [OPSAWG] I-D Action: draft-dahm-opsawg-tacacs… Douglas Gash (dcmgash)
- Re: [OPSAWG] I-D Action: draft-dahm-opsawg-tacacs… Randy Bush
- Re: [OPSAWG] I-D Action: draft-dahm-opsawg-tacacs… Joe Clarke (jclarke)