Re: [Syslog] AD Review for draft-ietf-syslog-transport-tls
I'll get back to you on the generic certificates issue. For now, I recommend you read RFC 4107. Also note that each device needs a unique MAC address so the manufacturing process tends to have a step for making a device unique. So, it sounds like all forms of authentication are optional in this spec. You need a clear table describing what attacks are protected against given each authentication choice. Wording that table so that man-in-the-middle issues are dealt with correctly and it is still informative will be tricky. --Sam ___ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog
[Syslog] An early last call comment on protocol-19
I failed to write this up yesterday. Your protocol document uses ISO language identifiers rather than BCP 47. Please either use BCP 47 or explain for all the language sets that BCP 47 can identify but your choice cannot why syslog implementations will not care. ___ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog
RE: [Syslog] An early last call comment on protocol-19
Sam, I need to check the mailing list archives and my notes, but I think there was no technical reason to use ISO instead of BCP 47. If I do not find anything, I'll simply change the reference. In any case, I'll post what I find out. Rainer -Original Message- From: Sam Hartman [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 31, 2007 10:39 AM To: [EMAIL PROTECTED] Subject: [Syslog] An early last call comment on protocol-19 I failed to write this up yesterday. Your protocol document uses ISO language identifiers rather than BCP 47. Please either use BCP 47 or explain for all the language sets that BCP 47 can identify but your choice cannot why syslog implementations will not care. ___ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog ___ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog
Relays was Re: [Syslog] AD Review for draft-ietf-syslog-transport-tls
inline Tom Petch - Original Message - From: Miao Fuyou [EMAIL PROTECTED] To: 'Sam Hartman' [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Wednesday, January 31, 2007 5:50 AM Subject: RE: [Syslog] AD Review for draft-ietf-syslog-transport-tls Hi Sam, Thanks for the review! My response is inline. Regards, Miao -Original Message- From: Sam Hartman [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 31, 2007 7:23 AM To: [EMAIL PROTECTED] Subject: [Syslog] AD Review for draft-ietf-syslog-transport-tls Hi, folks. I had no comments on the UDP draft or the main protocol draft so I have forwarded them to IETF last call. I do have some concerns with the TLS draft. snip Are senders and relays required to have a certificate and to use that certificate? It is not required, but it is preferrable for some deployment where malicious senders may send lots of messages to overwhelm the receiver. Sam I have a slightly different view. To quote the I-D, where it says The sender/relay should initiate a connection to the receiver I take that as the sender initiates a connection to the receiver if no relay is present or to the relay (when present), the relay (when present) initiates the connection to the receiver (collector). Relay and receiver become TLS Servers and insofar as TLS Servers have certificates, the relay will have one! When the next paragraph says When a sender/ relay authenticates a receiver it MUST validate the certificate I take that to mean that the sender authenticates the receiver if no relay is present or the sender authenticates the relay (when present) and the relay authenticates the receiver. relay and sender are TLS clients. I appreciate that this is hop by hop security and not ideal end to end security. Tom Petch --Sam ___ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog ___ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog ___ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog
[Syslog] Re: Last Call: draft-ietf-syslog-protocol (The syslog Protocol) to Proposed Standard
- 'The syslog Protocol ' draft-ietf-syslog-protocol-19.txt as a Proposed Standard draft-ietf-syslog-protocol-19.txt recommends using a reliable protocol. Existing implementations of syslog do this and deadlock with nameservers which are logging via syslog. I'm very wary of this recommendation. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED] ___ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog