haussli / draft-dahm-opsawg-tacacs-security

IETF draft for new tacacs+ security features

Improve description of intent for using TLS #28

Closed haussli closed 3 years ago

haussli commented 3 years ago

Douglas will improve the text describing the intent of adding TLS to tacacs+.

haussli commented 3 years ago

Comments from an old email from Andrej, which I think are relevant here:

If the context was TACACS+, then I was the person making noises about PSK being mandatory component in addition to Cert auth.

Pro for PSK is the ease of configuration and low-effort transition path for shops who are used to handling sensitive material already (i.e. everyone using TACACS+ for network management right now). The main con for PSK is exactly that: it's really hard to secure pre-shared keys when at rest. Is this good enough? I don't really know. TLS PSK makes the auth safe against key discovery and replay attacks. However, if the device holding the key is lost, it should be assumed that the key itself was lost as well.

Certs (well, not certs as such, but bear with me in this oversimplification) open the door to using the off-the-shelf asym crypto for initial exchange where the secret is in a write-only memory (e.g. TPM-like chip that performs crypto operation, but does not provide for an easy extraction of sensitive material, short of bugs, oscilloscope and/or electron microscope).

dcmgashcisco commented 3 years ago

Delivered.