haussli / draft-dahm-opsawg-tacacs-security

IETF draft for new tacacs+ security features

Other deprecation from rfc8907? #21

Closed haussli closed 3 years ago

haussli commented 3 years ago

We decided that we need to review rfc8907 for other deprecation opportunities.

dcmgashcisco commented 3 years ago

Some proposed options to consider for deprecation

TAC_PLUS_AUTHEN_SENDAUTH

Authen service:

  TAC_PLUS_AUTHEN_SVC_PPP := 0x03

  TAC_PLUS_AUTHEN_SVC_PT := 0x05

  TAC_PLUS_AUTHEN_SVC_X25 := 0x07

  TAC_PLUS_AUTHEN_SVC_NASI := 0x08

  TAC_PLUS_AUTHEN_SVC_FWPROXY := 0x09

Status

TAC_PLUS_AUTHEN_STATUS_FOLLOW := 0x21

haussli commented 3 years ago

TAC_PLUS_AUTHEN_STATUS_FOLLOW was deprecated in rfc8907, right?

haussli commented 3 years ago

I wonder if there is any value to deprecating those authen_service enumerations. I do not know what NASI or PT are, but the others are potentially used - x.25 in military, for example? I believe that Ketchetan Telecom uses PPP for some subscribers.

haussli commented 3 years ago

I skimmed 8907 for other things to deprecate, but found nothing.

I researched MSCHAPv2 a little, PR #20. I am not sure if it is still in use. It seems that it is possibly used for an MS VPN client auth, but I do not know if that is current information or dating back to Win98. For reduced personal pain, I stopped looking for details.

dcmgashcisco commented 3 years ago

MSCHAPv2 is still used in AD integration, I'd recommend not to deprecate it at this point.

dcmgashcisco commented 3 years ago

> I wonder if there is any value to deprecating those authen_service enumerations. I do not know what NASI or PT are, but the others are potentially used - x.25 in military, for example? I believe that Ketchetan Telecom uses PPP for some subscribers.

True, but these are all for network access, which has been largely disowned even in the T+ RFC. It depends how seriously we want to deprecate the network access use of T+. It is probably not a use case that OPSAWG would represent...

dcmgashcisco commented 3 years ago

First batch of deprecations added (MS-CHAPv1 and sendauth)