haussli draft-dahm-opsawg-tacacs-security issues

haussli / draft-dahm-opsawg-tacacs-security

IETF draft for new tacacs+ security features

1 stars 1 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Does openssh support RFC4716?

#53 haussli opened 1 year ago
1
What key types are supported by the RFC4716 SSH pubkey format

#52 haussli opened 1 year ago
2
Alan Dekok: Proxy concerns

#51 dcmgashcisco opened 2 years ago
4
Alan Dekok: TLS Server Name Indication

#50 dcmgashcisco closed 2 years ago
2
Alan Dekok: zero-seconds lifetime resumption ticket_lifetime

#49 dcmgashcisco closed 2 years ago
2
Alan Dekok: existing TACACS+ port can be used for TLS

#48 dcmgashcisco closed 2 years ago
2
Merge pull request #46 from haussli/dg-edit

#47 dcmgashcisco closed 2 years ago
0
Issues 40 and 42

#46 dcmgashcisco closed 2 years ago
0
update dg-edit

#45 dcmgashcisco closed 2 years ago
0
TLS amusement

#44 haussli closed 2 years ago
2
TLS resumption

#43 haussli closed 2 years ago
4
Suggestion for section

#42 dcmgashcisco closed 2 years ago
6
minor typo in 3.2. TLS Connection

#41 dcmgashcisco closed 2 years ago
1
Suggestion in 3.1. Well-Known TCP/IP Port

#40 dcmgashcisco closed 2 years ago
6
MUST and MAY contradict?

#39 dcmgashcisco closed 2 years ago
6
Some XXX in text

#38 dcmgashcisco closed 2 years ago
2
CRL

#37 dcmgashcisco closed 2 years ago
3
Ref to Syslog

#36 dcmgashcisco closed 2 years ago
3
Content of Subject Name (or what are identity fields)

#35 dcmgashcisco closed 2 years ago
6
TLS extended client hello server_name

#34 haussli closed 2 years ago
4
Add None status type

#33 dcmgashcisco closed 3 years ago
0
update dg_edit

#32 dcmgashcisco closed 3 years ago
0
Dg edit Intro

#31 dcmgashcisco closed 3 years ago
0
TLS musing

#30 haussli closed 2 years ago
10
sftp ssh subsystem

#29 haussli closed 3 years ago
3
Improve description of intent for using TLS

#28 haussli closed 3 years ago
2
MD4 Update for MS-CHAPv2 deprecation,

#27 dcmgashcisco closed 3 years ago
0
Dg edit

#26 dcmgashcisco closed 3 years ago
0
merge from master

#25 dcmgashcisco closed 3 years ago
0
AVPs in replies for requests with concatenated AVPs

#24 haussli closed 3 years ago
2
Remove the rule to preclude fragments across packets

#23 dcmgashcisco closed 3 years ago
0
Merge to dg-edit branch

#22 dcmgashcisco closed 3 years ago
0
Other deprecation from rfc8907?

#21 haussli closed 3 years ago
7
Deprecate MD4 support?

#20 haussli closed 3 years ago
7
Deprecate MS-CHAP v1.?

#19 haussli closed 3 years ago
3
Are netconf or ssh subsystem accounting event types needed?

#18 haussli closed 3 years ago
3
is the ssh-subsystem AVP a bad idea?

#17 haussli closed 3 years ago
8
is ssh-subsystem relevant if authen_method is not TAC_PLUS_AUTHEN_METH_SSHPK?

#16 haussli closed 3 years ago
1
'-' or '_' in AVP names?

#15 haussli closed 3 years ago
4
Add a TAC_PLUS_AUTHEN_SVC_SSH and/or _SVC_SSHSUBSYS authen_service(s)?

#14 haussli closed 3 years ago
3
Use rfc4716 for ssh_pubkey AVP?

#13 haussli closed 3 years ago
2
Mandatory vs optional ssh_pubkey_type and ssh_pubkey AVPs

#12 haussli closed 3 years ago
3
AVP concatenation and separators as related to ssh pubkeys

#11 haussli closed 3 years ago
3
Is S5 missing any cases where it should specifically dictate the termination of the T+ session?

#10 haussli closed 3 years ago
1
Commit for Issue #6

#9 dcmgashcisco closed 3 years ago
0
Merge From Master

#8 dcmgashcisco closed 3 years ago
0
Should a new AVP ssh_pubkey_type be used to request specific pubkey types?

#7 haussli closed 3 years ago
1
Can AVPs be duplicated and can optional and mandatory AVPs be mixed in a tacacs packet? rfc8907 does not address this.

#6 haussli closed 3 years ago
2
Are there syntax rules for ssh pubkey algorithm names?

#5 haussli closed 3 years ago
1
The authentication continue packet does not have a status field

#4 haussli closed 3 years ago
7