Hi all, In line with the ongoing developments regarding TACACS+ security, the following suggestions may help strengthen security content in the document:
• 9. Security considerations: - 2nd paragraph: only management protocols with adequate security apparatus, such as ***state-of-the-art encryption, mutual*** authentication [...] - Additional paragraph: ***The security implications of password-based authentication should be taken into account when designing a New Protocol or Protocol Extension.*** • Introduction, 1st paragraph: certain protocol design choices may make deployment, operations, and management particularly difficult ***or insecure*** And possibly: • 5.8 Security management, 1st paragraph: Protocol Designers should consider how to monitor and manage security aspects and vulnerabilities of the New Protocol or Protocol Extension***, including periodically re-assessing the design of the New Protocol or Protocol Extension as vulnerabilities arise*** Regards, Ionathan Les données à caractère personnel recueillies et traitées dans le cadre de cet échange, le sont à seule fin d’exécution d’une relation professionnelle et s’opèrent dans cette seule finalité et pour la durée nécessaire à cette relation. Si vous souhaitez faire usage de vos droits de consultation, de rectification et de suppression de vos données, veuillez contacter [email protected]. Si vous avez reçu ce message par erreur, nous vous remercions d’en informer l’expéditeur et de détruire le message. The personal data collected and processed during this exchange aims solely at completing a business relationship and is limited to the necessary duration of that relationship. If you wish to use your rights of consultation, rectification and deletion of your data, please contact: [email protected]. If you have received this message in error, we thank you for informing the sender and destroying the message. _______________________________________________ OPSAWG mailing list -- [email protected] To unsubscribe send an email to [email protected]
