Hi Bo,
Thank you for the comments.
The initial intent was to simplify the provisioning when a server instance is
identified with a name, same credentials but with a list of IPv4/IPv6
addresses. As discussed with Joe, the list of addresses will be removed as the
benefit may not be evident given current practices for configuring server
instances.
For the domain name, the citation is broken as the section numbering was
changed in the T+TLS spec:
OLD:
'domain-name': Provides a domain name of the server per Section 3.3
of [I-D.ietf-opsawg-tacacs-tls13].
NEW:
'domain-name': Provides a domain name of the server per Section 3.4.2.
of [I-D.ietf-opsawg-tacacs-tls13].
Cheers,
Med
De : Wubo (lana) <lana.wubo=40huawei....@dmarc.ietf.org>
Envoyé : mercredi 30 octobre 2024 10:51
À : Joe Clarke (jclarke) <jclarke=40cisco....@dmarc.ietf.org>; opsawg@ietf.org
Objet : [OPSAWG]Re: CALL FOR ADOPTION: A YANG Model for Terminal Access
Controller Access-Control System Plus (TACACS+) over TLS 1.3
Hi Joe, WG,
I support the adoption of this draft. This draft is useful, filling the gap of
extending RFC 9105 TACACS+ YANG with the enhancement of TACAS+ TLS.
While reading the document, I'm having trouble understanding the 'sever' part
YANG of the 'remote-address' and 'domain-name' extensions. I fail to find any
explanation for them in the draft-ietf-opsawg-tacacs-tls13.
Thanks,
Bo Wu
From: Joe Clarke (jclarke)
<jclarke=40cisco....@dmarc.ietf.org<mailto:jclarke=40cisco....@dmarc.ietf.org>>
Sent: Tuesday, October 22, 2024 9:24 PM
To: opsawg@ietf.org<mailto:opsawg@ietf.org>
Subject: [OPSAWG]CALL FOR ADOPTION: A YANG Model for Terminal Access Controller
Access-Control System Plus (TACACS+) over TLS 1.3
The IPR poll has concluded (no known IPR has been disclosed), and we would like
to start a two week adoption poll for
draft-boucadair-opsawg-secure-tacacs-yang<https://datatracker.ietf.org/doc/draft-boucadair-opsawg-secure-tacacs-yang/>.
Please respond on-list with support and especially comments.
The adoption call will run until November 5.
Thanks.
Joe
____________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou
falsifie. Merci.
This message and its attachments may contain confidential or privileged
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been
modified, changed or falsified.
Thank you.
_______________________________________________
OPSAWG mailing list -- opsawg@ietf.org
To unsubscribe send an email to opsawg-le...@ietf.org
