> > > -----Original Message----- > > > From: Rainer Gerhards > > > Sent: Thursday, May 08, 2008 3:07 PM > > > To: [email protected] > > > Subject: -transport-tls-12, section 4.2.3 (fingerprints) > > > > > > Joe, > > > > > > I am implementing fingerprint authentication. I have some trouble > > > understanding this text: > > > > > > === > > > Both client and server implementations MUST make the certificate > > > fingerprint available through a management interface. If > no other > > > certificate is configured, both client and server > > implementations MUST > > > support generating a key pair and self-signed certificate. > > > === > > > > > > Especially the "If no other certificate is configured..." > > part puzzles > > > me. Does that mean that if no certificate is configured, > the syslogd > > is > > > responsible for generating a self-signed certificate > automatically? > > > > > > If so, I have concerns if that is the right thing to do. I think > > > certificates should always be generated by an operator. > > > > > > Or does it mean that there must be a management interface > > to generate > > > self-signed certificates? If so, I assume that this management > > > interface may reside outside of the core syslogd. In > > rsyslog, I will > > > provide some tools to generate self-signed certificates and > > obtain the > > > fingerprints (you may want to look at the rough prototypes > > if I made > > > myself not clear enough: > > http://git.adiscon.com/?p=rsyslog.git;a=tree;f=tools/gnutls;h= > > 1abb246805 > > 546ebd2f1f008a3cf256d5c76b7cbc;hb=HEAD ). > > > > [Joe] I don't know that we need to restrict this to a particular > implementation. I think it would be good to provide a management > interface to do the generation. It seems that it would be an > acceptable > implementation to auto-generate it as well.
[Rainer] As long as the syslogd is not required to auto-generate certs, I am happy enough ;) However, I wonder why it would be useful to auto-generate certs. Probably I am overlooking somehting obvious. But: isn't cert auto-generation equal to no authentication? After all, if a *self-signed* cert is generated by the remote peer AND we accept it, doesn't that essentially mean we accept any peer because the peer can put whatever it likes into the cert? I do not see why this is any better than having no cert at all... Rainer _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
