RE: [Syslog] Charter revision / WG obsolete?

Thu, 17 Nov 2005 13:06:43 -0800 

Hi,
I believe that we will still provide the attributes you list below in our work. We will be narrowly focused and we will not discuss how syslog can be used other than to say that it will transport event messages. After we finish our work, you may find that syslog can provide "accountability reporting" as you describe. 

Thanks,
Chris


On Thu, 17 Nov 2005, Eric Hibbard wrote:


My mistake. I mis-interpreted the WG description, "...At a minimum this
group will address providing authenticity, integrity and confidentiality
of Syslog messages as they traverse the network." I guess I'll shift
this discussion to INCITS/CS1.

Thanks for the bandwidth.

-Eric

-----Original Message-----
From: Darren Reed [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 17, 2005 5:07 AM
To: Eric Hibbard
Cc: [EMAIL PROTECTED]
Subject: Re: [Syslog] Charter revision / WG obsolete?


As one of the many lurkers on this list, I have been monitoring this
WG's activities and I'm a bit concerned with the recent posts. I had
high hopes that some form of logging standardization might

materialize,

but that now seems to be in question.


That is outside the scope of this WG.  We're trying to concentrate on
the protocol used to convey log information - that's all.


Recent regulations within the U.S. (e.g., SOX, HIPAA, SEC, FDA, etc.)
and other countries are forcing organizations to implement
"accountability" measures. Audit logging (as well as authentication

and

authorization) is a critical element of these accountability measures.
Seems to me that this WG might want to step up and standardize the way
this gets handled. If nothing else, it could give the WG a little more
focus.


That information _may_ be placed in syslog messages but the scope
of what you're talking about includes much more than just sending
data between daemons.  For now, we have other more basic problems
to solve and as tempting as it is to try and solve these too, it
would just be a distraction and stop the WG from achieving what
it needs to achieve.

Darren

_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog



_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog






















					Reply via email to