In his/her message, Balazs Scheidler wrote:
>From [EMAIL PROTECTED] Tue Jul 18 19:15:54 2000
>Subject: Re: Updated Draft - Security Considerations comments solicited
[Charset iso-8859-2 unsupported, skipping...]
> 1 implement authentication, protection at the network layer (IPSec)
> 2 implement authentication, protection at the transport layer (SSL, SSH)
> 3 implement authentication, protection at the application layer, in our
> protocol
Logging is handling datas. We need integrity and authentication.
So I think that the right place to implement authentication and protection
is at the data layer. An XML data format and XML signatures is the obvious
candidate : http://njlug.rutgers.edu/projects/syslog/xml-log-1.txt.
The working charter does not allow us to standardize the data format.
I believe that this is a mistake to standardize a new syslog protocol
without standardizing the data format, because the key purpose of
logging is the logging information.
Use of #1 or #2 for another security purpose and for confidentiality,
network or transport layer, is complementary.
HERVE
