Hi all, The initial objective of -03 was to enhance the readability of the document and prepare the doc for the WGLC. The main changes are:
* Added a new section to list all the changes vs. 9105 * Updated the YANG with an exhaustive list of changes * Fixed some errors in the 9105 YANG module * removed mandatory stmt for discontinuity time * removed a stale narrative text about keepalive to echo the resolution made in the WGLC of T+TLS (https://mailarchive.ietf.org/arch/msg/opsawg/CXMtDH_GWRlZfCRhKhggA4zapuA/), mainly this part: "For this reason, keepalives are not required to be supported." (3.2 of draft-ietf-opsawg-tacacs-tls13) * Completed the security section * Added examples to illustrate TLS use For the base T+TLS spec, the following pending comments were shared with the authors: * Add a statement that fallback to non-TLS must not happen for a given server instance. * Cite the YANG module as part of the manageability considerations Cheers, Med Orange Restricted > -----Message d'origine----- > De : internet-dra...@ietf.org <internet-dra...@ietf.org> > Envoyé : lundi 16 décembre 2024 14:23 > À : i-d-annou...@ietf.org > Cc : opsawg@ietf.org > Objet : I-D Action: draft-ietf-opsawg-secure-tacacs-yang-03.txt > > > Internet-Draft draft-ietf-opsawg-secure-tacacs-yang-03.txt is now > available. > It is a work item of the Operations and Management Area Working > Group (OPSAWG) WG of the IETF. > > Title: A YANG Data Model for Terminal Access Controller > Access-Control System Plus (TACACS+) > Authors: Mohamed Boucadair > Bo Wu > Guangying Zheng > Michael Wang > Name: draft-ietf-opsawg-secure-tacacs-yang-03.txt > Pages: 46 > Dates: 2024-12-16 > > Abstract: > > This document defines a Terminal Access Controller Access- > Control > System Plus (TACACS+) client YANG module that augments the > System > Management data model, defined in RFC 7317, to allow devices > to make > use of TACACS+ servers for centralized Authentication, > Authorization, > and Accounting (AAA). Specifically, this document defines a > YANG > module for TACACS+ over TLS 1.3. > > This document obsoletes RFC 9105. > > The IETF datatracker status page for this Internet-Draft is: > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2 > Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-opsawg-secure-tacacs- > yang%2F&data=05%7C02%7Cmohamed.boucadair%40orange.com%7C6e05acbe8 > 6fb443b470308dd1dd4d949%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C > 0%7C638699522185806477%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOn > RydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjo > yfQ%3D%3D%7C0%7C%7C%7C&sdata=2iO0ZdxNO8tulDjY%2FS03WtARRF8%2Bpqyw > AozAObn9tsw%3D&reserved=0 > > There is also an HTML version available at: > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2 > Fwww.ietf.org%2Farchive%2Fid%2Fdraft-ietf-opsawg-secure-tacacs- > yang- > 03.html&data=05%7C02%7Cmohamed.boucadair%40orange.com%7C6e05acbe8 > 6fb443b470308dd1dd4d949%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C > 0%7C638699522185829338%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOn > RydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjo > yfQ%3D%3D%7C0%7C%7C%7C&sdata=4g9de%2F8m7x%2BMhX9ocBUNHvaXqYEuU5NX > lkvet4Xzjo8%3D&reserved=0 > > A diff from the previous version is available at: > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2 > Fauthor-tools.ietf.org%2Fiddiff%3Furl2%3Ddraft-ietf-opsawg- > secure-tacacs-yang- > 03&data=05%7C02%7Cmohamed.boucadair%40orange.com%7C6e05acbe86fb44 > 3b470308dd1dd4d949%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C0%7C6 > 38699522185839929%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWU > sIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3 > D%3D%7C0%7C%7C%7C&sdata=YZSDfTKt%2B8TAx7O4LrXmuZOHOfVLi%2FVCOyDVz > VSMPVs%3D&reserved=0 > > Internet-Drafts are also available by rsync at: > rsync.ietf.org::internet-drafts > > > _______________________________________________ > I-D-Announce mailing list -- i-d-annou...@ietf.org To unsubscribe > send an email to i-d-announce-le...@ietf.org ____________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you. _______________________________________________ OPSAWG mailing list -- opsawg@ietf.org To unsubscribe send an email to opsawg-le...@ietf.org
