Re: [secdir] [OPSAWG] Secdir last call review of draft-ietf-opsawg-tacacs-13

Randy Bush <randy@psg.com> Tue, 23 April 2019 01:25 UTC

Date: Mon, 22 Apr 2019 18:24:56 -0700
Message-ID: <m24l6pikd3.wl-randy@psg.com>
From: Randy Bush <randy@psg.com>
To: Joseph Salowey <joe@salowey.net>
Cc: Andrej Ota <andrej@ota.si>, opsawg@ietf.org, The IESG <iesg@ietf.org>, draft-ietf-opsawg-tacacs.all@ietf.org, secdir <secdir@ietf.org>
In-Reply-To: <CAOgPGoB1GvQOTWPnTCLmOA=CWsc5znr-Y_Xr9jqmOEzJuepr3g@mail.gmail.com>
References: <155590495142.9736.10585624358883108199@ietfa.amsl.com> <20190422182358.B69FB17821@mta2.toshio.eu> <CAOgPGoB1GvQOTWPnTCLmOA=CWsc5znr-Y_Xr9jqmOEzJuepr3g@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/odFKrEgcuPFG2ERR4x_ZIxsBqak>
Subject: Re: [secdir] [OPSAWG] Secdir last call review of draft-ietf-opsawg-tacacs-13

>> Agreed to replace the section with a simple statement that
>> obfuscation provides no integrity or replay protection. I'm assuming
>> this refers just to 10.1 and not the whole of 10.
>>
> [Joe] I think you could probably replace a large portion of 10.2, 3 and 4
> as well.

hyperbole is not constructive

creaky as it is, this is an informational draft which is documenting an
extremely widely used and distributed protocol.  no one is gonna change
millions of devices and thousands of servers for tweaks.  no one moves
for a 10% improvement, especially if there is no functional improvement.

we need to document it so we can put this in the can and move forward to
modernizing it.  then, if we have a seriously functionally improved and
modernized protocol, we will start the 42 year process of rolling it
out.

randy