IETF Logo Mail Archive

Re: [OPSAWG] draft-ietf-opsawg-tacacs-06 Contributions, Status and Plans

Tianran Zhou <zhoutianran@huawei.com> Fri, 19 May 2017 04:11 UTC

Return-Path: <zhoutianran@huawei.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB940129B7F; Thu, 18 May 2017 21:11:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.222
X-Spam-Level:
X-Spam-Status: No, score=-4.222 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EI2b5dxlsnVf; Thu, 18 May 2017 21:11:48 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED86D129B82; Thu, 18 May 2017 21:06:28 -0700 (PDT)
Received: from 172.18.7.190 (EHLO lhreml705-cah.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DNI54666; Fri, 19 May 2017 04:06:27 +0000 (GMT)
Received: from NKGEML413-HUB.china.huawei.com (10.98.56.74) by lhreml705-cah.china.huawei.com (10.201.108.46) with Microsoft SMTP Server (TLS) id 14.3.301.0; Fri, 19 May 2017 05:06:26 +0100
Received: from NKGEML515-MBX.china.huawei.com ([fe80::a54a:89d2:c471:ff]) by NKGEML413-HUB.china.huawei.com ([10.98.56.74]) with mapi id 14.03.0235.001; Fri, 19 May 2017 12:06:13 +0800
From: Tianran Zhou <zhoutianran@huawei.com>
To: "t.petch" <ietfc@btconnect.com>, Ignas Bagdonas <ibagdona@gmail.com>
CC: "opsawg@ietf.org" <opsawg@ietf.org>, "draft-ietf-opsawg-tacacs@ietf.org" <draft-ietf-opsawg-tacacs@ietf.org>, "opsawg-chairs@ietf.org" <opsawg-chairs@ietf.org>
Thread-Topic: [OPSAWG] draft-ietf-opsawg-tacacs-06 Contributions, Status and Plans
Thread-Index: AQHSy08ttZSP0sW41keg1j/jrc0SIqHwlGUAgACwjQCAAF79gIADaB0AgACY5seAAIYPYIAELuD4gAC5Z0A=
Date: Fri, 19 May 2017 04:06:12 +0000
Message-ID: <BBA82579FD347748BEADC4C445EA0F21A2385002@NKGEML515-MBX.china.huawei.com>
References: <D53BBCC7.22ECC8%dcmgash@cisco.com> <61D9FC7A-6F10-44E6-8400-578C4FEE1988@deployingradius.com> <D53C62F4.22F82E%dcmgash@cisco.com> <E7D62944-46B9-4091-BF16-0AF8CA47626D@deployingradius.com> <fc8a1ff5-db6f-d463-8ff7-77ec03f1f25f@gmail.com> <006101d2cd9c$e8c0afe0$4001a8c0@gateway.2wire.net> <BBA82579FD347748BEADC4C445EA0F21A237CE44@NKGEML515-MBX.china.huawei.com> <00c501d2cff7$ca31d1a0$4001a8c0@gateway.2wire.net>
In-Reply-To: <00c501d2cff7$ca31d1a0$4001a8c0@gateway.2wire.net>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.111.156.116]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020205.591E6F43.00CC, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 1cc4deecea39d26d01528db6f007fe95
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/s8vCmk26xYsvBTwQKO5_UBgpk7o>
Subject: Re: [OPSAWG] draft-ietf-opsawg-tacacs-06 Contributions, Status and Plans
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 May 2017 04:11:51 -0000

Hi Tom,

There was a conclusion based on the WG consensus:
https://mailarchive.ietf.org/arch/msg/opsawg/lR3TFRfaR8OldmPFjuVhRTQZHEE

As the first step, we
"Produce an informational document which documents the TACACS+ protocol as it stands today (as best as we can)."

My suggestion is that we do not cost too much time on the basic TACACS+.

On one hand, Alan as from the SECDIR gave this I-D many useful suggestions. On the other hand, we are going to ask for SECDIR early review once the existing comments are solved. 

Regards,
Tianran

> -----Original Message-----
> From: t.petch [mailto:ietfc@btconnect.com]
> Sent: Friday, May 19, 2017 12:57 AM
> To: Tianran Zhou; Ignas Bagdonas
> Cc: opsawg@ietf.org; draft-ietf-opsawg-tacacs@ietf.org;
> opsawg-chairs@ietf.org
> Subject: Re: [OPSAWG] draft-ietf-opsawg-tacacs-06 Contributions, Status
> and Plans
> 
> WG Chairs
> 
> A slight change of thought.
> 
> This I-D, as Alan has commented and Doug acknowledges, has several places
> where the description of security is more 1997 than 2017.  If we turn such
> parts into a clear, concise specification, we may then find that we have
> wasted our time since the Security Directorate then says that no way can
> that appear in an RFC, even an Informational one.
> 
> Would it be worth seeking guidance now on what is or is not likely to be
> acceptable to a Security Directorate review?  Not a line by line analysis
> but rather higher level guidance as to whether such things as MD4, ASCII
> login,
> RFC2433 as Best Practice and so on can appear.
> 
> Tom Petch
> 
> ----- Original Message -----
> From: "Tianran Zhou" <zhoutianran@huawei.com>
> To: "t.petch" <ietfc@btconnect.com>; "Alan DeKok"
> <aland@deployingradius.com>; "Ignas Bagdonas" <ibagdona@gmail.com>
> Cc: "Douglas Gash (dcmgash)" <dcmgash@cisco.com>; <opsawg@ietf.org>;
> <draft-ietf-opsawg-tacacs@ietf.org>; <opsawg-chairs@ietf.org>;
> <ops-ads@ietf.org>
> Sent: Tuesday, May 16, 2017 2:18 AM
> 
> Thanks Tom for pointing this out.
> We appreciate any review comment. That really helps to improve the document.
> I think it's back on the right track now. Hopefully, the authors can respond
> to more interactions.
> 
> 
> Regards,
> Tianran
> > -----Original Message-----
> > From: t.petch [mailto:ietfc@btconnect.com]
> > Sent: Tuesday, May 16, 2017 1:01 AM
> > To: Alan DeKok; Ignas Bagdonas
> > Cc: Douglas Gash (dcmgash); opsawg@ietf.org;
> > draft-ietf-opsawg-tacacs@ietf.org; opsawg-chairs@ietf.org;
> > ops-ads@ietf.org
> > Subject: Re: [OPSAWG] draft-ietf-opsawg-tacacs-06 Contributions,
> Status
> > and Plans
> >
> > ----- Original Message -----
> > From: "Ignas Bagdonas" <ibagdona@gmail.com>
> > To: "Alan DeKok" <aland@deployingradius.com>
> > Sent: Monday, May 15, 2017 5:00 PM
> >
> > > Hi Alan,
> > >
> > > On 13/05/2017 12:59, Alan DeKok wrote:
> > > > The approach in the IETF is to have authors move towards WG
> > consensus.
> > > > i.e. to prove to to the WG that the draft is ready for
> publication.
> > > >    If you're not going to work towards WG consensus, I suggest the
> > chairs replace you with authors who will.
> > >
> > > WG chairs can appoint or change authors if needed under the process
> > > described in RFC7221 and its referenced documents. The individual
> > draft
> > > has been accepted as a WG one a while ago with no changes in author
> > > list. If current document authors would like to make any changes to
> > > author/co-author/editor list WG chairs will certainly approve those
> > > changes. Otherwise unless there is clear evidence that current
> authors
> > > cannot make progress with the document, WG chairs do not have
> > intentions
> > > of changing the author list. This decision may be revisited if
> > evidence
> > > of author/co-author/editor duties not being performed to the
> expected
> > > level surfaces, but at this time there is no such evidence. The
> > process
> > > of progressing the document is slow, slower than it could have been,
> > but
> > > it is not stalled.
> >
> > Ignas
> >
> > I echo part of what Alan says, that for a WG document, the editors
> should
> > reflect the consensus of the WG.  The problem I see is the lack of
> consensus,
> > not with people disagreeing, but with an absence of people agreeing.
> >
> > Alan made a number of comments in October last year, Alexander made
> some
> > in  November but I did not see much follow up from anyone else to
> either
> > set of comments.
> >
> > Trouble is, do the editors incorporate comments that one person has
> made
> > and noone else has agreed or disagreed with?  There is no good answer.
> >
> > In other WGs, I have seen ping-pong, one person comments, comments
> > incorporated, someone else then disagrees, disagreements incorporated
> into
> > a new revision, first person comes back, changes incorporated into a
> newer
> > revision and so on, circling around a lack of consensus.
> > Changing editors, unless it is to someone remote from the subject, is
> unlikely
> > to change things..
> >
> > I did look at Alan's comments, agreed with some, disagreed with
> others,
> > ditto Alexander's, but was disinclined to do more with noone else
> chipping
> > in, especially as several more did chip in in the initial stages of
> should
> > we adopt this, and what status should it be.
> >
> > How you stir people into life is a challenge for WG chairs.
> >
> > Tom Petch
> >
> > > Thank you.
> > >
> > > Ignas
> > >
> > >
> > >
> > > _______________________________________________
> > > OPSAWG mailing list
> > > OPSAWG@ietf.org
> > > https://www.ietf.org/mailman/listinfo/opsawg

v2.23.0 | Report a Bug | By Email