On Jul 9, 2018, at 5:51 PM, Andrej Ota <and...@ota.si> wrote: > Is it worth asking everyone or even expecting anyone to migrate to > new-improved-and-still-insecure revision of T+ that requires exactly same > amount of operational solutions to secure deployment?
Is anyone asking for that? No? Then why bring it up? It's a straw man. As a case in point, there are RADIUS "best practices" documents from 10 years ago that vendors still ignore. That's their right. The IETF isn't about requiring or mandating that anyone do anything. It's about allowing people to make informed decisions. Which means recommending best practices. It means recommending how best to deploy TACACS+... legacy. Even if there's no "better" version of TACACS+ yet available. There is no desire to "invalidate" current implementations. The desire is to *recommend* best practices for new deployments. This shouldn't be the least bit controversial. Alan DeKok. _______________________________________________ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg
