As co-chair that was here when T+ first came to opsawg, let me congratulate the authors, the contributors, and the WG for getting this to a publish proposed standard! This was no easy feat, and the combined eyes and feedback on this will help to secure a multitude of management networks.
Thanks! Joe From: [email protected] <[email protected]> Date: Tuesday, December 9, 2025 at 19:37 To: [email protected] <[email protected]>, [email protected] <[email protected]> Cc: [email protected] <[email protected]>, [email protected] <[email protected]>, [email protected] <[email protected]> Subject: [OPSAWG]RFC 9887 on Terminal Access Controller Access-Control System Plus (TACACS+) over TLS 1.3 A new Request for Comments is now available in online RFC libraries. RFC 9887 Title: Terminal Access Controller Access-Control System Plus (TACACS+) over TLS 1.3 Author: T. Dahm, J. Heasley, D.C. Medway Gash, A. Ota Status: Standards Track Stream: IETF Date: December 2025 Mailbox: [email protected], [email protected], [email protected], [email protected] Pages: 15 Updates: RFC 8907 I-D Tag: draft-ietf-opsawg-tacacs-tls13-24.txt URL: https://www.rfc-editor.org/info/rfc9887 DOI: 10.17487/RFC9887 This document specifies the use of Transport Layer Security (TLS) version 1.3 to secure the communication channel between a Terminal Access Controller Access-Control System Plus (TACACS+) client and server. TACACS+ is a protocol used for Authentication, Authorization, and Accounting (AAA) in networked environments. The original TACACS+ protocol does not mandate the use of encryption or secure transport. This specification defines a profile for using TLS 1.3 with TACACS+, including guidance on authentication, connection establishment, and operational considerations. The goal is to enhance the confidentiality, integrity, and authenticity of TACACS+ traffic, aligning the protocol with modern security best practices. This document updates RFC 8907. This document is a product of the Operations and Management Area Working Group Working Group of the IETF. This is now a Proposed Standard. STANDARDS TRACK: This document specifies an Internet Standards Track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the Official Internet Protocol Standards (https://www.rfc-editor.org/standards) for the standardization state and status of this protocol. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce and rfc-dist lists. To subscribe or unsubscribe, see https://www.ietf.org/mailman/listinfo/ietf-announce https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist For searching the RFC series, see https://www.rfc-editor.org/search For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk Requests for special distribution should be addressed to either the author of the RFC in question, or to [email protected]. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team _______________________________________________ OPSAWG mailing list -- [email protected] To unsubscribe send an email to [email protected]
_______________________________________________ OPSAWG mailing list -- [email protected] To unsubscribe send an email to [email protected]
