IETF Logo Mail Archive

Re: [OPSAWG] New Version Notification for draft-zheng-opsawg-tacacs-yang-02.txt

Ebben Aries <exa@arrcus.com> Wed, 10 July 2019 16:25 UTC

Return-Path: <exa@arrcus.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC480120181 for <opsawg@ietfa.amsl.com>; Wed, 10 Jul 2019 09:25:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.889
X-Spam-Level:
X-Spam-Status: No, score=-1.889 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=netorgft1331857.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mesX2aNBjsMq for <opsawg@ietfa.amsl.com>; Wed, 10 Jul 2019 09:25:29 -0700 (PDT)
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-eopbgr810040.outbound.protection.outlook.com [40.107.81.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 19FED120187 for <opsawg@ietf.org>; Wed, 10 Jul 2019 09:25:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=NETORGFT1331857.onmicrosoft.com; s=selector1-NETORGFT1331857-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=auwJ1D210VEWhIb26N2krnIYbsFPHLNvnqoyp/gt6CQ=; b=mz1aC7cC4gfR/7Rcw5+8Xu51Kk+9ecBwKO2c85O5wrRTHQrVWQwwmwdL6WyXYsuqKAto/vRGjMelF3fJOILYYxruHYYJpBnr8NlkCq/hIeozqurKovP9dLAKfNuOnIsAlI05hcXrvhKH3KtukpYGx+P36zKMZy7Ttmcqoh8Fxjg=
Received: from DM6PR18MB2602.namprd18.prod.outlook.com (20.179.106.138) by DM6PR18MB2780.namprd18.prod.outlook.com (20.179.49.217) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2052.19; Wed, 10 Jul 2019 16:25:26 +0000
Received: from DM6PR18MB2602.namprd18.prod.outlook.com ([fe80::3020:ebc2:9979:7dae]) by DM6PR18MB2602.namprd18.prod.outlook.com ([fe80::3020:ebc2:9979:7dae%6]) with mapi id 15.20.2073.008; Wed, 10 Jul 2019 16:25:26 +0000
From: Ebben Aries <exa@arrcus.com>
To: "Wubo (lana)" <lana.wubo@huawei.com>
CC: wangzitao <wangzitao@huawei.com>, "Zhengguangying (Walker)" <zhengguangying@huawei.com>, "opsawg@ietf.org" <opsawg@ietf.org>
Thread-Topic: [OPSAWG] New Version Notification for draft-zheng-opsawg-tacacs-yang-02.txt
Thread-Index: AdUnZZmkeV1/j+rlQCe9o08/xprGNwP1nkmA
Date: Wed, 10 Jul 2019 16:25:26 +0000
Message-ID: <20190710162523.fmfsgbhclb2rf2ko@localhost>
References: <e7e452e72c35410181a48c5b64062910@huawei.com>
In-Reply-To: <e7e452e72c35410181a48c5b64062910@huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-clientproxiedby: BYAPR11CA0037.namprd11.prod.outlook.com (2603:10b6:a03:80::14) To DM6PR18MB2602.namprd18.prod.outlook.com (2603:10b6:5:18a::10)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=exa@arrcus.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [2601:283:4600:80a0:253a:ada9:35ca:bca6]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 8948d83e-e4b1-4cd2-d146-08d70553372b
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(7021145)(8989299)(4534185)(7022145)(4603075)(4627221)(201702281549075)(8990200)(7048125)(7024125)(7027125)(7023125)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:DM6PR18MB2780;
x-ms-traffictypediagnostic: DM6PR18MB2780:
x-ms-exchange-purlcount: 6
x-microsoft-antispam-prvs: <DM6PR18MB2780665A271FBC6EAFBC8548CDF00@DM6PR18MB2780.namprd18.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0094E3478A
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(7916004)(376002)(39830400003)(396003)(136003)(366004)(346002)(199004)(189003)(476003)(25786009)(966005)(446003)(11346002)(68736007)(52116002)(2906002)(15650500001)(76176011)(8676002)(508600001)(486006)(81156014)(8936002)(33716001)(5660300002)(102836004)(6306002)(6512007)(9686003)(53936002)(99286004)(386003)(6506007)(6246003)(71200400001)(71190400001)(86362001)(305945005)(46003)(54906003)(66574012)(1076003)(7736002)(81166006)(229853002)(6116002)(6436002)(186003)(6486002)(66946007)(66446008)(64756008)(66556008)(66476007)(4326008)(14444005)(256004)(6916009)(14454004)(316002); DIR:OUT; SFP:1101; SCL:1; SRVR:DM6PR18MB2780; H:DM6PR18MB2602.namprd18.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: arrcus.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: en7BYWcs5/aYXFmWx8ziduKIBsitg6VC4h6sTdY+EqBc/RBSXfONF55GvzmX1C8QSyZRY2QerqU0i3eSoWZ3WcaEQK/S3/jGgJ2O5gm9aSqIrjlWVJr2rIJQtT7FEeQ6dJQkV2aBLUJoeU+Yl5CAr6DGerHns5QulGmdSdBJ4mSABqa4yJtIrVKNscpP5F5xqj2xeHGui7tKq0bXgOYLLudaFbKzPXeBXxKTopf+eXpaHh2T1VVbU/VTH9q+wHW1eHPDymAijqOkkCzCIYx+uG3f6m5keILFg3+ZZ8qkRU6JcycuYtYUclIwlkdNt6R6b2jr1psjLtQs++p+1J0LNFol5gf07nr1G+reUhiU/vaGPXM+KJGhYOPq4/fbUk2Wt8xE5XCVwPRmHA+KTXFdgtyQ4jJKiLLVyC92f6G/t2w=
Content-Type: text/plain; charset="utf-8"
Content-ID: <EF5DC87F4C112F4592590E91729FCE13@namprd18.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: arrcus.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8948d83e-e4b1-4cd2-d146-08d70553372b
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Jul 2019 16:25:26.4236 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 697b3529-5c2b-40cf-a019-193eb78f6820
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: exa@arrcus.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR18MB2780
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/kV2-vMZkEHhNWdixUnAka0RjCNY>
Subject: Re: [OPSAWG] New Version Notification for draft-zheng-opsawg-tacacs-yang-02.txt
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Jul 2019 16:25:33 -0000

A few quick observations on the model

- The model defines the client configuration and state parameters only
  but to be functional for operator use w/ AAA needs a few other things,
  otherwise this by itself is incomplete
- There should likely be an identity of 'tacacsplus' that is base off
  ietf-system:authentication-method
- The 'user-authentication-order' must restrictions in ietf-system would
  need to be accounted for as is done for radius
- Is there intention to add an equivalent 'tacacsplus-authentication'
  feature much like there is for radius?

Thx

/ebben

On Jun 20 13:04 PM, Wubo (lana) wrote:
> Dear WG,
> 
> We update the 02 version of draft-zheng-opsawg-tacacs-yang-02 to address the comments from 104 meeting.
> https://tools.ietf.org/html/draft-zheng-opsawg-tacacs-yang-02
> 
> Here are some major changes in this version:
> -  This draft is focused on TACACS+ Client only YANG.
> -  Change the module name to ietf-system-tacacsplus.
> -  Group the all the rw objects together by changing timeout to server specific.
> -  Change "network-instance" to "vrf-instance" to make it specific and add text to describe it.
> -  Add "source-interface" as a choice to accommodate one more implementation.
> 
> Please help to review the document, comments and suggestions are welcome!
> 
> Thanks, 
> Bo
> 
> 
> -----邮件原件-----
> 发件人: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org] 
> 发送时间: 2019年6月20日 20:38
> 收件人: wangzitao <wangzitao@huawei.com>; Wubo (lana) <lana.wubo@huawei.com>; Zhengguangying (Walker) <zhengguangying@huawei.com>; Wubo (lana) <lana.wubo@huawei.com>; wangzitao <wangzitao@huawei.com>
> 主题: New Version Notification for draft-zheng-opsawg-tacacs-yang-02.txt
> 
> 
> A new version of I-D, draft-zheng-opsawg-tacacs-yang-02.txt
> has been successfully submitted by Bo Wu and posted to the IETF repository.
> 
> Name:		draft-zheng-opsawg-tacacs-yang
> Revision:	02
> Title:		Yang data model for TACACS+
> Document date:	2019-06-20
> Group:		Individual Submission
> Pages:		14
> URL:            https://www.ietf.org/internet-drafts/draft-zheng-opsawg-tacacs-yang-02.txt
> Status:         https://datatracker.ietf.org/doc/draft-zheng-opsawg-tacacs-yang/
> Htmlized:       https://tools.ietf.org/html/draft-zheng-opsawg-tacacs-yang-02
> Htmlized:       https://datatracker.ietf.org/doc/html/draft-zheng-opsawg-tacacs-yang
> Diff:           https://www.ietf.org/rfcdiff?url2=draft-zheng-opsawg-tacacs-yang-02
> 
> Abstract:
>    This document defines a YANG modules that augment the System data
>    model defined in the RFC 7317 with TACACS+ client model.  The data
>    model of Terminal Access Controller Access Control System Plus
>    (TACACS+) client allows the configuration of TACACS+ servers for
>    centralized Authentication, Authorization and Accounting.
> 
>    The YANG modules in this document conforms to the Network Management
>    Datastore Architecture (NMDA) defined in RFC 8342.
> 
>                                                                                   
> 
> 
> Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.
> 
> The IETF Secretariat
> 
> _______________________________________________
> OPSAWG mailing list
> OPSAWG@ietf.org
> https://www.ietf.org/mailman/listinfo/opsawg

v2.23.0 | Report a Bug | By Email