Chris,
I have not heard back from anyone about how SSL is currently being
implemented for syslog. From that, I might conclude that message
confidentiality is not a priority for the community.
(Responses to that
would be welcome.)
I thought that these postings pointed out what is
Hi Rainer,
I'm still not seeing too many responses about how TLS is authenticated.
Only Baszi has said that full X.509 certificates should be used - similar
to how they are used in stunnel. Is this acceptable to the WG? Should
the WG also consider using PSKs as proposed in RFC 4279?
Hi Rainer,
I'm still not seeing too many responses about how TLS is
authenticated.
I guess you do not see them because most often it is used anonymous...
As of my experience, people are concerend about message observation.
Authentication is not their prime concern (my previous post
On Wed, 2006-01-18 at 06:24 -0800, Chris Lonvick wrote:
Hi Rainer,
I'm still not seeing too many responses about how TLS is authenticated.
Only Baszi has said that full X.509 certificates should be used - similar
to how they are used in stunnel. Is this acceptable to the WG? Should
the
Maybe I was not completely clear. I think we should go the TLS route
and
let the operator decide whether he wants authenticated or
unauthenticated TLS (or asymmetric authentication, e.g. the server is
authenticated but the client is not just like in HTTPS) So I fully
agree
with Rainer on
- Original Message -
From: Anton Okmianski (aokmians) [EMAIL PROTECTED]
To: Sam Hartman [EMAIL PROTECTED]
Cc: Chris Lonvick (clonvick) [EMAIL PROTECTED]; Tom Petch
[EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, January 17, 2006 10:54 PM
Subject: RE: [Syslog] Re: Threat model and
Tom,
Apologies for the delay in responding.
I have had a look at the syslog MIB, and am confused, at a fairly fundamental
level, about the relationship of the MIB to the other documents, RFC3164 and
syslog-protocol. The last two have a common framework/architecture, spelt out
at the