Re: [Syslog] Syslog-tls-09 draft - suggested change

2007-04-25 Thread Eliot Lear
Miao Fuyou wrote: My perception is logging does not necessarily mean send events over network to syslog server. Webopedia says log is "to record an action". If there is no syslog connection available, it is still possible to log the message in local storage. Right. The issue here, however, i

RE: [Syslog] Syslog-tls-09 draft - suggested change

2007-04-25 Thread Miao Fuyou
> > There is also a matter of what an application is supposed > to do when > > logging fails. Some applications should proceed uninterrupted. > > Others may need to block. I don't know whether text is > appropriate. > > It's not part of the protocol, but it does fall under > common mode

RE: [Syslog] Syslog-tls-09 draft - suggested change

2007-04-25 Thread Miao Fuyou
, 2007 3:47 PM > To: [EMAIL PROTECTED] > Subject: Re: [Syslog] Syslog-tls-09 draft - suggested change > > [ re: DNS reverse mapping ] > > DNS is not secure, and isn't likely to be any time soon. > Using DNS as any sort of security measure is just plain stupid. > >

Re: [Syslog] Syslog-tls-09 draft - suggested change

2007-04-25 Thread Carson Gaspar
[ re: DNS reverse mapping ] DNS is not secure, and isn't likely to be any time soon. Using DNS as any sort of security measure is just plain stupid. Either the other party possesses the private key material that matches their public key or they don't. If they don't, SSL will fail. If they do,

Re: [Syslog] Syslog-tls-09 draft - suggested change

2007-04-25 Thread Balazs Scheidler
On Tue, 2007-04-24 at 09:42 +0200, Eliot Lear wrote: > Miao, > In addition, you have another problem in the text: > > >If the client is configured with IP address > >of the server, the hostname should be got first through a trusted > >mechanism such as a preconfigured hosts table or D

Re: [Syslog] Syslog-tls-09 draft - suggested change

2007-04-24 Thread Chris Lonvick
Hi, I'm OK with this proposal with two minor changes. - rather than "(see below)" it should have "(see next paragraph)" - remove parentheses from "(with a bad certificate error)" as that text is normative. vv If the hostname does not match the identity in the certificate, clients SHOULD log

Re: [Syslog] Syslog-tls-09 draft - suggested change

2007-04-24 Thread Eliot Lear
lto:[EMAIL PROTECTED] Sent: Tuesday, April 24, 2007 3:43 AM To: Miao Fuyou Cc: 'David Harrington'; [EMAIL PROTECTED] Subject: Re: [Syslog] Syslog-tls-09 draft - suggested change Miao, TLS is still duplex even if syslog is simplex. At the same time, authentication happens in the

RE: [Syslog] Syslog-tls-09 draft - suggested change

2007-04-24 Thread David Harrington
minate the need for the first two paragraphs? dbh > -Original Message- > From: Eliot Lear [mailto:[EMAIL PROTECTED] > Sent: Tuesday, April 24, 2007 3:43 AM > To: Miao Fuyou > Cc: 'David Harrington'; [EMAIL PROTECTED] > Subject: Re: [Syslog] Syslog-tls-09 draft -

Re: [Syslog] Syslog-tls-09 draft - suggested change

2007-04-24 Thread Chris Lonvick
Hi, On Tue, 24 Apr 2007, Eliot Lear wrote: Miao, TLS is still duplex even if syslog is simplex. At the same time, authentication happens in the handshaking phase of TLS when syslog message transferring has not begun. So, simplex or duplex does not matter for authentication. I personally

Re: [Syslog] Syslog-tls-09 draft - suggested change

2007-04-24 Thread Eliot Lear
Miao, TLS is still duplex even if syslog is simplex. At the same time, authentication happens in the handshaking phase of TLS when syslog message transferring has not begun. So, simplex or duplex does not matter for authentication. I personally haven't liked those terms since 300 baud modems a

RE: [Syslog] Syslog-tls-09 draft - suggested change

2007-04-23 Thread Miao Fuyou
Hi, TLS is still duplex even if syslog is simplex. At the same time, authentication happens in the handshaking phase of TLS when syslog message transferring has not begun. So, simplex or duplex does not matter for authentication. I had persuaded myself that syslog sender is always hosted on a