Thank you again Alan for more quality feedback!

Regards,
Doug

> On 15 Jul 2016, at 16:38, Alan DeKok <al...@deployingradius.com> wrote:
>
>> On Jul 15, 2016, at 11:24 AM, Alan DeKok <al...@deployingradius.com> wrote:
>> The Security Considerations section is in the middle of the document, where
>> it's typically at the end. That's a minor nit. The larger one is that the
>> Security Considerations section is pretty minimal. It should describe
>> operational issues with the protocol, and comments as to what the security
>> implications are for network management traffic to be sent in the clear.
>
> For example:
>
> Security Considerations
>
> This specification describes a protocol as originally designed in 199X, and
> as such does not use modern security practices. A later document will update
> TACACS+ to meet modern security standards.
>
> There are a number of issues with the protocol design and common use-cases.
> The most significant are issues related to privacy and authentication. The
> protocol includes an obfuscation mechanism referred to in the original draft
> as Body Encryption. This obfuscation method has not had security analysis,
> and should be assumed to be broken. Portions of the protocol are sent
> clear-text, while others are sent obfuscated. An attacker may be able to
> modify the clear-text portions without detection.
>
> When the obfuscation mechanism is not used, the protocol is entirely
> unauthenticated. Anyone capable of spoofing or intercepting traffic for the
> source or destination of the TCP connection can masquerade as the client or
> server without detection. This attack would allow a malicious actor
> unrestricted access to the management devices allegedly "protected" by this
> protocol.
>
> When the obfuscation mechanism is not used, the protocol is also completely
> open. All traffic is visible to an eavesdropper, which can leak information
> about the network. An eavesdropper may also be able to intercept, and
> modify, packets without detection.
>
> etc. The section should list the possible attacks, and how to defend
> against them.
>
> Alan DeKok
>
_______________________________________________
OPSAWG mailing list
OPSAWG@ietf.org
https://www.ietf.org/mailman/listinfo/opsawg
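As an added example that is not part of the thread, the draft, or any TACACS+ implementation: the text above distinguishes sessions where the obfuscation mechanism ("Body Encryption") is used from sessions where it is not. Because the TACACS+ packet header is always sent in clear text and carries a flag that marks an unobfuscated body, a monitoring tool can detect the fully open case on the wire. The Python below parses that header and reports the sessions running in the clear. The header layout, the version nibble and the flag values are taken from the TACACS+ specification, not from the thread; the sample packets and the session ids in them are constructed for this example.

```python
import struct
from dataclasses import dataclass
from typing import Iterable

# Header constants from the TACACS+ specification (not from the thread above).
HEADER_LEN = 12
TAC_PLUS_MAJOR_VER = 0xC
TAC_PLUS_UNENCRYPTED_FLAG = 0x01      # body sent without the obfuscation step
TAC_PLUS_SINGLE_CONNECT_FLAG = 0x04   # unrelated to obfuscation; kept so it parses
PACKET_TYPES = {0x01: "AUTHEN", 0x02: "AUTHOR", 0x03: "ACCT"}


@dataclass(frozen=True)
class TacacsHeader:
    major_version: int
    minor_version: int
    packet_type: str
    seq_no: int
    flags: int
    session_id: int
    body_length: int

    @property
    def obfuscated(self) -> bool:
        """True when the body went through the obfuscation ("Body Encryption") step."""
        return not (self.flags & TAC_PLUS_UNENCRYPTED_FLAG)


def parse_header(packet: bytes) -> TacacsHeader:
    """Decode the 12-byte header, which the protocol always sends in clear text."""
    if len(packet) < HEADER_LEN:
        raise ValueError(f"need {HEADER_LEN} header bytes, got {len(packet)}")
    version, ptype, seq_no, flags, session_id, length = struct.unpack(
        "!BBBBII", packet[:HEADER_LEN]
    )
    major, minor = version >> 4, version & 0x0F
    if major != TAC_PLUS_MAJOR_VER:
        raise ValueError(f"unexpected major version {major:#x}")
    if ptype not in PACKET_TYPES:
        raise ValueError(f"unknown packet type {ptype:#x}")
    return TacacsHeader(major, minor, PACKET_TYPES[ptype], seq_no, flags, session_id, length)


def build_packet(ptype: int, seq_no: int, flags: int, session_id: int, body: bytes) -> bytes:
    """Assemble a packet from header fields; used here only to construct sample traffic."""
    version = (TAC_PLUS_MAJOR_VER << 4) | 0x0   # major 0xC, minor 0
    return struct.pack("!BBBBII", version, ptype, seq_no, flags, session_id, len(body)) + body


def unobfuscated_sessions(packets: Iterable[bytes]) -> set[int]:
    """Session ids whose packets set TAC_PLUS_UNENCRYPTED_FLAG.

    Each one is a session whose body (credentials, commands, accounting
    records) crosses the network readable, and modifiable, by anyone on the
    path, which is the "completely open" case described in the thread.
    """
    return {h.session_id for h in map(parse_header, packets) if not h.obfuscated}


# Constructed sample traffic: one obfuscated authentication session and one
# authorization session sent with the unencrypted flag. Bodies are placeholders.
SAMPLE_PACKETS = [
    build_packet(0x01, 1, 0x00, 0x1A2B3C4D, b"\x8f\x11\x02..."),
    build_packet(0x02, 1, TAC_PLUS_UNENCRYPTED_FLAG, 0x0BADF00D, b"\x00\x01..."),
    build_packet(0x02, 2, TAC_PLUS_UNENCRYPTED_FLAG | TAC_PLUS_SINGLE_CONNECT_FLAG,
                 0x0BADF00D, b"..."),
]

if __name__ == "__main__":
    for pkt in SAMPLE_PACKETS:
        h = parse_header(pkt)
        print(f"session {h.session_id:#010x} {h.packet_type} seq={h.seq_no} "
              f"obfuscated={h.obfuscated}")
    print("sessions in clear text:", [hex(s) for s in sorted(unobfuscated_sessions(SAMPLE_PACKETS))])
```

The check only identifies sessions with no obfuscation at all; as the thread notes, an obfuscated body should also not be treated as protected, so the practical mitigation is to carry TACACS+ over a dedicated management network or an authenticated tunnel rather than to rely on either mode of the protocol itself.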