Re: [OPSAWG] Secdir last call review of draft-ietf-opsawg-tacacs-13

On 4/21/19 20:56, Randy Bush wrote: >> "TACACS+ MUST be used with an addition security mechanism to >> protection of the communication such as IPSEC or a secure network such >> as described in 10.5. " > > not operationaly viable I don't deploy tacacs+ plus anymore, but when I did, concerted effor

Re: [OPSAWG] TACACS+ information Draft Security Recommendations refactor

On 7/13/18 4:30 AM, Alan DeKok wrote: > There have been many, many, historical protocols documented in the IETF. > None that I recall have a statement explicitly blessing existing > implementations. > > The document *should* say that it documents TACACS+ as per existing > implementatio

Re: [OPSAWG] WG adoption poll for In-Situ OAM drafts

Hi, I thought I would try and wrap this up since we're a bit over a month since we put out the initial call after Seoul. By my observation there have been a number of favorable expressions of interest in pursuing this work both in OPS and elsewhere in the Routing area. That said I think one of th

[OPSAWG] draft-brockners-inband-oam-transport - interactions with header insertion.

Hi was reviewing https://tools.ietf.org/html/draft-brockners-inband-oam-transport-00 I note that 2460bis work going on https://datatracker.ietf.org/doc/draft-ietf-6man-rfc2460bis would probably take issue with header insertion as proposed as one mechanism here: https://tools.ietf.org/html/dra

Re: [OPSAWG] Kathleen Moriarty's No Objection on draft-ietf-opsawg-capwap-alt-tunnel-08: (with COMMENT)

On 10/25/16 6:24 AM, Warren Kumari wrote: > On Tue, Oct 25, 2016 at 2:41 PM, Duzongpeng wrote: >> Hello, >> >> I would like to give some suggestions as below. >> >> Some operators deploys their WiFi networks with the data channel >> unsecured, and even for the wireless part, there

[OPSAWG] Joel Jaeggli's Discuss on draft-ietf-opsawg-capwap-alt-tunnel-08: (with DISCUSS)

Joel Jaeggli has entered the following ballot position for draft-ietf-opsawg-capwap-alt-tunnel-08: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer

Re: [OPSAWG] WG consensus call for the IANA early assignment //RE: Adoption poll for draft-lear-ietf-netmod-mud-04

Thanks, I'll open up a line of disucssion with iana on this. regards joel On 10/20/16 12:30 PM, Warren Kumari wrote: > So, we chatted with our AD (CCed). > He feels that RFC 7120 is clear enough that he can just request early > allocation using the draft. > > So, the chairs believe that there i

Re: [OPSAWG] bof proposal review

On 10/4/16 8:02 AM, Marc Blanchet wrote: > Hello, > the bof proposal below have been sent to OPS ADs (and INT ADs) and > posted on the BOF wiki page. Benoît asked that this to be discussed > here, since there is no public mailing list yet for this topic (we > shall soon). So, I think we dicussed

Re: [OPSAWG] draft-deng-opsawg-composed-vpn-sm-requirements-01.txt

On 7/19/16 8:29 PM, Bert Wijnen (IETF) wrote: > > It is a short document. Hearing if you think this makes sense or not > would be great. > > > Pages: 7 > > URL: > https://www.ietf.org/internet-drafts/draft-deng-opsawg-composed-vpn-sm-requirements-01.txt yeah, so I'm not a huge consumer of L3

Re: [OPSAWG] TACACS+ informational document.

Thanks, This is useful feedback. > On Apr 22, 2016, at 05:38, Alan DeKok wrote: > > A short summary: > > - many fields are named but not defined > > - structures with multiple fields are described, but field order is not > defined > > - terms are used inconsistently > > - the document is

Re: [OPSAWG] Call for Agenda Items for Buenos Aires

opsec? On 3/1/16 3:28 PM, Fernando Gont wrote: > Folks, > > We'd like a slot to discuss this I-D: > > Title: "On Firewalls in Network Security" > Filename: draft-gont-opsawg-firewalls-analysis > Presenter: Fernando Gont > Slot: 20'? > > Thanks! > > Best regards, > Fernando > > > > > On 02

Re: [OPSAWG] Detangling TACACS+ - the outcome

On 3/1/16 9:20 AM, Warren Kumari wrote: > > > On Mon, Feb 29, 2016 at 7:46 PM Warren Kumari > wrote: > > Dear OpsAWG, > Thank you for your time and patience during this process. We note > that we now have all IPR ACKs. > > Based upon the responses we h

Re: [OPSAWG] Detangling TACACS+ - the outcome

On 2/29/16 4:46 PM, Warren Kumari wrote: > Dear OpsAWG, > Thank you for your time and patience during this process. We note that > we now have all IPR ACKs. > > Based upon the responses we have decided on a path forward: > 1: Produce an informational document which documents the TACACS+ > protocol

Re: [OPSAWG] Detangling - Q3: Publish TACACS+ as a standards track RFC?

On 2/18/16 5:09 PM, Andy Bierman wrote: > > > On Thu, Feb 18, 2016 at 4:52 PM, Randy Bush > wrote: > > > I think in order for WG consensus to determine decisions wrt/ this > > document, it would no longer be a Cisco protocol. Cisco would have to > > give all c

Re: [OPSAWG] Detangling - Q3: Publish TACACS+ as a standards track RFC?

Sent from my iPhone > On Feb 18, 2016, at 12:08, Eliot Lear wrote: > > > >> On 2/18/16 9:02 PM, Andy Bierman wrote: >> >> I think in order for WG consensus to determine decisions wrt/ this >> document, >> it would no longer be a Cisco protocol. Cisco would have to give all >> change contro

Re: [OPSAWG] Detangling - Q3: Publish TACACS+ as a standards track RFC?

On 2/18/16 7:18 AM, William Herrin wrote: > On Mon, Feb 15, 2016 at 3:16 PM, Warren Kumari wrote: >> If the answer to the previous question is yes, should the RFC describing the >> protocol itself (as opposed to any other document that might describe >> appropriate use) be published as a standards

Re: [OPSAWG] Detangling - Q3: Publish TACACS+ as a standards track RFC?

On 2/16/16 3:24 PM, Randy Bush wrote: >> Occasionally I wonder if "this problem" is the hill I'm going to >> choose to die on... > > sorry you have decided to die. you'll be missed HWÆT, WE GAR-DEna in geardagum, þeodcyninga þrym gefrunon, hu ða æþelingas ellen fremedon! oft Scyld Scefing sceaþe

Re: [OPSAWG] Detangling - Q3: Publish TACACS+ as a standards track RFC?

On 2/16/16 3:08 PM, Randy Bush wrote: >>> One thing to keep in mind is that, if the document describing the >>> currently deployed protocol is informational, we may have a tricky time >>> making the extensions be standards track; it would (presumably) require >>> a downref. >> >> it would; it is n

Re: [OPSAWG] Detangling - Q3: Publish TACACS+ as a standards track RFC?

On 2/16/16 12:28 PM, Warren Kumari wrote: > > > On Tue, Feb 16, 2016 at 1:57 PM Brian E Carpenter > mailto:brian.e.carpen...@gmail.com>> wrote: > > On 16/02/2016 09:16, Warren Kumari wrote: > > This is the third of 3 messages to determine what the OpsAWG > should do with > > TACA

Re: [OPSAWG] TACACS+, a suggestion

We have strayed away from the work at hand, and I don't see this line of discussion getting more appropriate. thanks joel On 2/15/16 7:35 AM, Alan DeKok wrote: > On Feb 15, 2016, at 5:07 AM, heasley wrote: >> >> Seems that in the time bikeshedding, this could have already been in WGLC. >> Outsta

Re: [OPSAWG] automatic attachment of applications and services at the edge

Am I correct in understanding that the goal is to not have to implment spb on the client device? so this takes the place of an isis implementation that would do the signaling per 802.1aq. On 2/15/16 7:09 AM, Romascanu, Dan (Dan) wrote: > Hi, > > > > I would like to draw the attention of the pa

Re: [OPSAWG] appeal on adoption of draft-ietf-opsawg-tacacs-00.txt as an opsawg topic

On 2/15/16 3:16 PM, Bradner, Scott wrote: > ps - the session was in the ops area meeting, which is why the minutes are > not on the opsawg list Joint meetings have the property of occupying one slot. that may be a tooling problem but satisfies the proceedings reporting in it's current form. > S

Re: [OPSAWG] appeal on adoption of draft-ietf-opsawg-tacacs-00.txt as an opsawg topic

On 2/12/16 9:16 AM, Stefan Winter wrote: > Hello, > >> 30 November: 2015: Warren sent the following message to the opsawg: >> (for some reason this message does not show up in the archive but a >> copy is >> appended to this message) >> >> The chairs believe that there is sufficient interest

Re: [OPSAWG] APPEAL: re AAA protocols and IETF consensus

On 2/10/16 9:00 PM, Alan DeKok wrote: > I think most people aren't aware of the history of AAA protocols in > the iETF. This message summarizes relevant documents in the area, > and makes an appeal to the WG to remove the document as a WG > document. > > RADIUS was standardized in 2000 in RFC 205

Re: [OPSAWG] Procedural issues with the TACACS+ document

On 2/10/16 12:57 PM, Alan DeKok wrote: > And some more notes > > 7. The charter says: > > "The Operations and Management Area receives occasional proposals for > the development and publication of RFCs dealing with operational and > management topics that are not in scope of an existing workin

[OPSAWG] Please welcome our new chair!

Greetings, First, I want to thank everyone who volunteered. The enthusiasm and depth of field present in the pool of volunteers who indicated interest in serving as co-chair is truly humbling. I talked to several of you over the course of this deliberation in addition to my co-ad and the present c

[OPSAWG] Looking for volunteers to co-chair OPSAWG

Folks, One of our chairs, Scott Bradner will be stepping down subsequent to the IETF meeting in Buenos Aires, We've been incredibly lucky to have him and his steady hand as a chair and contributor to the OPSdir and the Operations and Management area among the many activities in his storied IETF ca

Re: [OPSAWG] Implementation of RFC7630

On 11/22/15 11:39 AM, Joe Clarke wrote: > I was getting some questions from internal parties regarding the > implementation of SHA-2 authn for SNMPv3, and wanted to check the list > to gage what NMS vendors and operators might be considering with respect > to this. Is there a strong desire among o

[OPSAWG] Joint opsawg/opsarea meeting - 15:20-17:20 Thursday Afternoon 11/5/2015

If you have agenda items you'd like to address to the ops area please get them in soon. Joel and Benoit signature.asc Description: OpenPGP digital signature ___ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg

Re: [OPSAWG] draft-ietf-opsawg-hmac-sha-2-usm-snmp-06 about to send to the rfc editor.

On 6/22/15 7:30 AM, Blumenthal, Uri - 0553 - MITLL wrote: > On 6/18/15, 1:21 , "joel jaeggli" wrote: > >> Stephen Farrell's comment ( and former dicuss) I think should be food >> for thought and I'd like if possible to briefly discuss it. > > I

Re: [OPSAWG] Kathleen Moriarty's No Objection on draft-ietf-opsawg-vmm-mib-03: (with COMMENT)

On 6/23/15 7:22 AM, Blumenthal, Uri - 0553 - MITLL wrote: > I concur with Randy and Juergen. Ok thanks, I think we have dicussed us. joel > > > ___ > OPSAWG mailing list > OPSAWG@ietf.org > https://www.ietf.org/mailman/listinfo/opsawg > signatur

Re: [OPSAWG] Kathleen Moriarty's No Objection on draft-ietf-opsawg-vmm-mib-03: (with COMMENT)

On 6/22/15 5:06 PM, Black, David wrote: > Hi Randy, > The secdir reviewer's original comment was: > >> I would also mention the specific problem of software running in a virtual >> machine and accessing the hypervisor's variables. This is an attack vector >> that is somewhat specific to this MI

[OPSAWG] draft-ietf-opsawg-hmac-sha-2-usm-snmp-06 about to send to the rfc editor.

Stephen Farrell's comment ( and former dicuss) I think should be food for thought and I'd like if possible to briefly discuss it. -- I'm a yes on this, but am still holding my nose:-) The yes is because it's a fine thing to make sure that up-to-date options for securing protocols are availa

Re: [OPSAWG] Last Call: (HMAC-SHA-2 Authentication Protocols in USM for SNMP) to Proposed Standard

On 4/14/15 7:51 AM, t.petch wrote: > Warren > > I am used to seeing downrefs called out in the IETF Last Call notice. > > This I-D certainly has them but the Last Call notice makes no mention of > them. Is this ok? I gave this a little (not a lot) of thought during the ad review. My interpreta

Re: [OPSAWG] Martin Stiemerling's No Objection on draft-ietf-opsawg-coman-probstate-reqs-04: (with COMMENT)

thanks mehmet On 2/20/15 9:46 AM, Ersue, Mehmet (NSN - DE/Munich) wrote: > Hi Martin, > > thank you for your comments. > >> - Req-ID: 10.001: Not sure if this is really a requirement for a >> transport protocol. I would read this as a requirement for the >> implementation of a transport protoco

[OPSAWG] Fwd: Re: AD help needed by opsawg

forwarded to opsawg Forwarded Message Subject: Re: AD help needed by opsawg Date: Fri, 30 Jan 2015 23:57:36 -0800 From: joel jaeggli To: Bradner, Scott , ops-...@tools.ietf.org CC: Warren Kumari On 1/30/15 2:59 AM, Bradner, Scott wrote: > Joel can you help here

Re: [OPSAWG] [dhcwg] AD sponsoring - draft-wkumari-dhc-capport-07

On 1/27/15 9:39 AM, Warren Kumari wrote: > On Tue, Jan 27, 2015 at 11:31 AM, Ted Lemon wrote: >> On Jan 27, 2015, at 11:20 AM, Warren Kumari wrote: >>> I personally like DHCPv4 and DHCPv6, but there seems to be some >>> religion around this stuff :-) >>> Supporting multiple option for v6 means ne

Re: [OPSAWG] [dhcwg] AD sponsoring - draft-wkumari-dhc-capport-07

On 1/22/15 3:39 PM, Ted Lemon wrote: > On Jan 4, 2015, at 4:32 PM, joel jaeggli wrote: >> After some dicussion last year, I have agreed to sponsor >> draft-wkumari-dhc-capport >> (https://tools.ietf.org/html/draft-wkumari-dhc-capport-07). what >> I'm looking for

[OPSAWG] AD sponsoring - draft-wkumari-dhc-capport-07

Folks, After some dicussion last year, I have agreed to sponsor draft-wkumari-dhc-capport (https://tools.ietf.org/html/draft-wkumari-dhc-capport-07). what I'm looking for feeback on right now is feedback from potential implementors, either of client implementations of captive portal detection or c

Re: [OPSAWG] Looking for some feedback on a draft.

On 10/10/14 12:40 PM, Robert Story wrote: > On Wed, 1 Oct 2014 17:21:07 -0400 Warren wrote: > WK> Eventually you get a web page that tells you you can get to the > WK> Internet for the low low price of $9.95 for 24hours. > > Is there something existing for this? On my android phone I can connect t

[OPSAWG] Operations and Manangement area director role.

Folks, Nominations for the role of operations and management are director as well as the other open positions to be filled run through October 11th. https://datatracker.ietf.org/nomcom/2014/ It is very important if possible to have multiple qualified candidates available to each position even in

Re: [OPSAWG] Read-write access in VMM-MIB

procedure. May I, as an author of the draft, send an E-mail > stating this issue to i...@ietf.org, CCing WG? Or ask WG chairs to > handle it? > > Thank you. > Hirochika > > > On May 27, 2014, at 1:24 AM, joel jaeggli wrote: > >> On 5/26/14, 9:20 AM, Juergen Schoen

Re: [OPSAWG] Read-write access in VMM-MIB

On 5/26/14, 9:20 AM, Juergen Schoenwaelder wrote: > On Mon, May 26, 2014 at 08:42:47AM -0700, joel jaeggli wrote: >> On 5/26/14, 2:31 AM, Juergen Schoenwaelder wrote: >>> Asai, >>> >>> the IESG statement is here: >>> >>> http://www.ietf.

Re: [OPSAWG] Read-write access in VMM-MIB

On 5/26/14, 2:31 AM, Juergen Schoenwaelder wrote: > Asai, > > the IESG statement is here: > > http://www.ietf.org/iesg/statement/writable-mib-module.html > > My reading is that it specifically talks about configuration. While > the discussion started with "lets ban all write access", it may be

Re: [OPSAWG] WG last call for "Mechanisms for Optimal LAG/ECMP Component Link Utilization in Networks"

On 9/10/13 4:58 PM, Randy Bush wrote: >> I would need a bit more clarity on what is "per circuit". The >> mechanism works by looking at the utilization on individual component >> links within a LAG/ECMP. The port-level queues and packet/byte >> counters are always visible to an implementation. >

Re: [OPSAWG] Call for adoption, draft-krishnan-opsawg-large-flow-load-balancing/

Folks, I came to the attention of the Chairs and the ADs during the call for adoption that an IPR disclosure was likely pending on this draft. It has since transpired. The disclosure can be reviewed here. http://datatracker.ietf.org/ipr/search/?option=document_search&id_document_tag=draft-kr

Re: [OPSAWG] Fwd: Call for adoption, two capwap-related documents

On 4/24/13 9:37 AM, Melinda Shore wrote: This is a reminder that working group last call for these documents closes tomorrow. Please have a look at them if you haven't already done so. I don't think this is a WGLC so we should correct the record on that. Melinda Original Message ---

Re: [OPSAWG] Call for adoption, two capwap-related documents

On 4/11/13 11:29 AM, Melinda Shore wrote: On 4/11/2013 10:28 AM, David Harrington wrote: Which types of expert review? CAPWAP experts? 802.11n experts? Security experts? Network management experts? Operator experts? Apologies for the lack of clarity. CAPWAP, 802.11n,and operators. capwap overl

Re: [OPSAWG] FW: New Version Notification for draft-pularikkal-opsawg-lawful-intercept-spwifi-00.txt

On 2/19/13 11:18 AM, Sri Gundavelli (sgundave) wrote: On 2/19/13 12:03 AM, "Brian E Carpenter" wrote: On 19/02/2013 05:39, Sri Gundavelli (sgundave) wrote: Hi Joel, I think this is a good point. We had few discussions with Fred Baker as well on this aspect. RFC-2804 was written 13 years bac

Re: [OPSAWG] FW: New Version Notification for draft-pularikkal-opsawg-lawful-intercept-spwifi-00.txt

On 2/18/13 1:11 PM, Byju Pularikkal (byjupg) wrote: Hello Attached is a document on LI Architecture for SP Wi-Fi. Comments appreciated, Thanks & Regards The document makes no mention of RFC 2804. It would be helpful if the authors would indicate that they are mindful of that especially vis-a-