---- Original Message -----
From: "Chris Lonvick" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, October 24, 2005 3:04 PM
Subject: [Syslog] Secure substrate - need your input


> I'll be asking this in Vancouver but would like to get some input from the
> mailing list.
>
> Our charter says that we will develop a secure method to transport syslog
> messages.  We have BEEP (RFC 3195) but it has a low implementation record.
> Other groups have specified BEEP as well but are also moving along towards
> using SSH or SSL.
>
> 1) What secure substrate should the WG look towards:
> __  ssl
> __  ssh
> __  dtls  http://www.ietf.org/internet-drafts/draft-rescorla-dtls-05.txt
> __  other
>
> 2) Why?
>
SSH; before the isms WG came into existence, there was a survey of operators to
find why SNMPv3 security was unacceptable and that showed that the most used
security was ssh; tls did not figure.  This makes sense to me as SSH is widely
used with telnet to control remote network devices - I do not see much (d)tls in
this area.

And, after due deliberation, netconf chose SSH.  Having it in use by three
working groups in the operations area seems the right thing.

Downside is the use of a reliable transport, in practice TCP, which then brings
a load of unnecessary baggage (mmm I think the IETF is missing a few transport
protocol options).

dtls sounds fine, and if it is in widespread use in five years' time in this
environment, then it would have been the right choice but at present, it is a
gamble which I do not want to take.

Tom Petch


_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog
