Document: draft-ietf-opsawg-secure-tacacs-yang Title: A YANG Data Model for Terminal Access Controller Access-Control System Plus (TACACS+) Reviewer: Robert Sparks Review result: Ready I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other review comments. This document is ready for publication as a Proposed Standard RFC This document is reflecting the protocol changes in draft-ietf-opsawg-tacacs-tls13 into a YANG module. As the shepherd review says, "It is essentially a programmatic representation of that work". The security issues around using the model are described in the security considerations section following the usual guidance for YANG modules. Comments: The document restates requirements from draft-ietf-opsawg-tacacs-tls13, and _might_ be stating them more strongly. For instance, draft-ietf-opsawg-tacacs-tls13 says "TLS 1.3 [RFC8446] must be used for transport" (note the lower case must) while this document states "* TLS 1.3 [RFC8446] MUST be used for transport.". The intent is clear, but perhaps draft-ietf-opsawg-tacacs-tls13 needs to be touched at that point. -- last-call mailing list -- last-call@xxxxxxxx To unsubscribe send an email to last-call-leave@xxxxxxxx
