Original Message -
From: "Chris Lonvick" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, October 24, 2005 3:04 PM
Subject: [Syslog] Secure substrate - need your input
> I'll be asking this in Vancouver but would like to get some input from the
> mailing list.
>
> Our charter sa
> Hi Folks,
>
> I'll be asking this in Vancouver but would like to get some
> input from the mailing list.
>
> Our charter says that we will develop a secure method to
> transport syslog messages. We have BEEP (RFC 3195) but it
> has a low implementation record.
> Other groups have specified
> > 1) What secure substrate should the WG look towards:
> >
> > __ ssl
> >
> > __ ssh
> >
> > __ dtls
> > http://www.ietf.org/internet-drafts/draft-rescorla-dtls-05.txt
> >
> > __ other
>
> I believe it should be SSL 3.0 / TLS 1.0.
I ag
> I see that there is a lot of work around SSH connection
> protocol and its potential use in new protocols. I have not
> followed these developments. There must have been a good
> reason for it. I would like to understand why people object
> to SSL, which is a well established technology. A
In the context of isms, ie SNMP, the choice was SSH v TLS + SASL; TLS provides
the security but not the authentication while SSH does both. And SSH is a
well-established protocol.
I agree that TLS/SSL is the most widely used but that is because more people
access websites (securely) than access n
Tom:
TLS provides for asymmetric authentication. RFC 2264 Section 1:
"The peer's identity can be authenticated using asymmetric, or public key,
cryptography (e.g., RSA [RSA], DSS [DSS], etc.). This authentication can be
made optional, but is generally required for at least one of the peers."
S
Tom Petch wrote:
In the context of isms, ie SNMP, the choice was SSH v TLS + SASL; TLS provides
the security but not the authentication while SSH does both. And SSH is a
well-established protocol.
I agree that TLS/SSL is the most widely used but that is because more people
access websites (secu
Good points Anton,
My preference is also for using SSL/TLS. From an implementer's point of view,
there is a good supply of SSL/TLS components and source code available (both
commercial and open source). This would make it easy for customers to add
secured syslog support to their apps.
We currentl
> From the notes I've been getting and the recent discussion on the mailing
> list, I'd like to ask for a sanity check.
>
>
> 1) Will you (or your organization) be transmitting or
> receiving syslog messages using syslog-protocol as described
> in the most recent ID?
I can't speak to any