On Thu, Feb 18, 2016 at 10:28 AM, joel jaeggli <joe...@bogus.com> wrote: > On 2/18/16 7:18 AM, William Herrin wrote: >> In my opinion, IETF standards track RFCs should be reserved for >> protocols for which further development is expected to occur primarily >> within the IETF framework. As I understand the situation (feel free to >> correct me if I'm wrong), TACACS+ is a vendor maintained standard, >> specifically Cisco. Regardless of publication, Cisco intends to retain >> control of the standard and its future development. > > Assuming the document is split into to pieces here part of goal as I > understand it is address the issue of adding ssl to the existing > specification in an inter-operable fashion.
Hi Joel, Is Cisco prepared to cede further change control of the core TACACS+ standard to the IETF process? I have no objection to the IETF absorbing, standardizing and improving the TACACS+ protocol if that is the vendor's desire. I would not want to see multiple standards bodies in control of different little bits of the TACACS+ standard. I think that would sow needless confusion among the folks trying to work with it. I respectfully observe that should Cisco wish to retain control of the core TACACS+ standard, nothing prevents them from adopting a consensus recommendation for security improvements into the standard without any need for IETF publication. In such situations, IETF publication offers little more than bragging rights. Regards, Bill Herrin -- William Herrin ................ her...@dirtside.com b...@herrin.us Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/> _______________________________________________ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg