RE: [Syslog] Charter comments from IESG Review

2006-01-10 Thread Balazs Scheidler
On Mon, 2006-01-09 at 09:08 +0100, Rainer Gerhards wrote: Of course, a threat model should also be developed, but please keep in mind that anything other than signatures breaks what this WG has fought for since Vancouver. syslog-protocol should be finished (I hope we are there soon) as well

RE: [Syslog] Charter comments from IESG Review

2006-01-10 Thread Rainer Gerhards
I agree with Balazs' suggestion and his reasoning. Rainer -Original Message- From: Balazs Scheidler [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 10, 2006 10:52 AM To: Rainer Gerhards Cc: [EMAIL PROTECTED] Subject: RE: [Syslog] Charter comments from IESG Review On Mon, 2006

Re: [Syslog] Charter comments from IESG Review

2006-01-10 Thread Balazs Scheidler
On Tue, 2006-01-10 at 22:02 +1100, Darren Reed wrote: On Mon, 2006-01-09 at 09:08 +0100, Rainer Gerhards wrote: I would say that addressing the security concerns at the transport level is way easier management and implementation wise than implementing syslog-sign. I disagree with the

RE: [Syslog] Charter comments from IESG Review

2006-01-09 Thread Rainer Gerhards
Hi Sam WG, I understand the reasoning behind requiring a security mechanism. I just want to remind everyone that a major drawback in Vancouver was that we had lost some backwards-compatibility to existing syslog implementations. The weeks after Vancouver we worked hard to find a minimum

RE: [Syslog] Charter comments from IESG Review

2006-01-09 Thread Rainer Gerhards
Tom, If so, yes, both S/MIME and OpenPGP support this model. However I'll point out that it is not a requirement that syslog work that way; for example RFC 3195 certainly has connections. I'll look at those, thanks. I agree syslog could be, perhaps should be for meaningful

Re: [Syslog] Charter comments from IESG Review

2006-01-09 Thread Sam Hartman
Rainer == Rainer Gerhards [EMAIL PROTECTED] writes: Rainer Hi Sam WG, I understand the reasoning behind requiring a Rainer security mechanism. I just want to remind everyone that a Rainer major drawback in Vancouver was that we had lost some Rainer backwards-compatibility to

Re: [Syslog] Charter comments from IESG Review

2006-01-09 Thread Sam Hartman
Rainer == Rainer Gerhards [EMAIL PROTECTED] writes: Rainer Tom, If so, yes, both S/MIME and OpenPGP support this model. However I'll point out that it is not a requirement that syslog work that way; for example RFC 3195 certainly has connections. I'll look

RE: [Syslog] Charter comments from IESG Review

2006-01-09 Thread Rainer Gerhards
-Original Message- From: Sam Hartman [mailto:[EMAIL PROTECTED] Sent: Monday, January 09, 2006 1:08 PM To: Rainer Gerhards Cc: Tom Petch; [EMAIL PROTECTED] Subject: Re: [Syslog] Charter comments from IESG Review Rainer == Rainer Gerhards [EMAIL PROTECTED] writes: Rainer

Re: [Syslog] Charter comments from IESG Review

2006-01-09 Thread Sam Hartman
Rainer == Rainer Gerhards [EMAIL PROTECTED] writes: Rainer Sorry, yes, I was totally wrong in my wording. What I Rainer intended to say was that the keys are exchanged on a Rainer medium different than the current session (e.g. key Rainer servers). This is not typically how

RE: [Syslog] Charter comments from IESG Review

2006-01-09 Thread Rainer Gerhards
Sam, Rainer Why? Simply Rainer because any transport-layer requirement (DTSL, SSL, SSH, Rainer whatever) would NOT be compatible with currently existing Rainer syslog implementations. So due to this requirement, we can Rainer not create a backwards-compatible spec (not

Re: [Syslog] Charter comments from IESG Review

2006-01-09 Thread Sam Hartman
Rainer == Rainer Gerhards [EMAIL PROTECTED] writes: Rainer This looks like I misunderstood your intention. I thought Rainer that unsecured UDP should no longer be supported. That was not my intent. Rainer So what Rainer you actually said is that we can go ahead with the

Re: [Syslog] Charter comments from IESG Review

2006-01-09 Thread Tom Petch
Petch - Original Message - From: Sam Hartman [EMAIL PROTECTED] To: Rainer Gerhards [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, January 09, 2006 2:35 PM Subject: Re: [Syslog] Charter comments from IESG Review Rainer == Rainer Gerhards [EMAIL PROTECTED] writes: Rainer

Re: [Syslog] Charter comments from IESG Review

2006-01-09 Thread Sam Hartman
Tom == Tom Petch [EMAIL PROTECTED] writes: Tom without committing us to either a -sign or a secure transport Tom approach (and yes, we did start the transport wars, some time Tom ago, with SSH v TLS:-( I really think that you need to identify your deliverables in the charter.

Re: [Syslog] Charter comments from IESG Review

2006-01-07 Thread Tom Petch
- Original Message - From: Sam Hartman [EMAIL PROTECTED] To: Tom Petch [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, January 06, 2006 10:27 PM Subject: Re: [Syslog] Charter comments from IESG Review Tom == Tom Petch [EMAIL PROTECTED] writes: Tom Sam I struggle to think

Re: [Syslog] Charter comments from IESG Review

2006-01-06 Thread Chris Lonvick
Hi Sam, On Thu, 5 Jan 2006, Sam Hartman wrote: Hi. The IESG reviewed the proposed syslog charter at today's telechat and decided that it requires revision. The main concern seems to be the lack of a mandatory to implement security mechanism. I indicated this might be the case in the

Re: [Syslog] Charter comments from IESG Review

2006-01-06 Thread Sam Hartman
Chris == Chris Lonvick [EMAIL PROTECTED] writes: Chris Is Section 8 in draft-ietf-syslog-protocol-16.txt Chris sufficient? Alternatively, Section 6 in RFC 3164 is fairly Chris comprehensive. Both of these look good. My main question with them is whether you believe it is a

Re: [Syslog] Charter comments from IESG Review

2006-01-06 Thread Tom Petch
Sam I struggle to think what a security system would look like when the protocol is purely simplex, apart from a MAC to give integrity with some shared secret transmitted totally out of band. Are there any examples of simplex security elsewhere in the IETF? Tom Petch - Original Message

Re: [Syslog] Charter comments from IESG Review

2006-01-06 Thread Sam Hartman
Tom == Tom Petch [EMAIL PROTECTED] writes: Tom Sam I struggle to think what a security system would look Tom like when the protocol is purely simplex, apart from a MAC to Tom give integrity with some shared secret transmitted totally Tom out of band. By this do you mean without