> -----Original Message-----
> From: Sam Hartman [mailto:[EMAIL PROTECTED] 
> Sent: Monday, January 09, 2006 1:08 PM
> To: Rainer Gerhards
> Cc: Tom Petch; [EMAIL PROTECTED]
> Subject: Re: [Syslog] Charter comments from IESG Review
> 
> >>>>> "Rainer" == Rainer Gerhards <[EMAIL PROTECTED]> writes:
> 
>     Rainer> Tom,
>     >> > If so, yes, both S/MIME and OpenPGP support this model.
>     >> However I'll > point oun that it is not a requirement that
>     >> syslog work that way; for > example RFC 3195 certainly has
>     >> connections.
>     >> >
>     >> I'll look at those, thanks.  I agree syslog could be, perhaps
>     >> should be for meaningful security, but often at present is not,
>     >> so I wanted to see what security was possible with just one way
>     >> communication
> 
>     Rainer> They use pre-shared secrets.
> 
> Not typically.
> They typically use public keys.
> 

Sorry, yes, I was totally wrong in my wording. What I intended to say
was that the keys are exchanged on a medium different then the current
session (e.g. key servers). So this means some other protocol is
required to obtain that information  (and it is processed "outside" of
the syslog protocol). Thus, I wanted to say, it does not necessarily
need to change the simplex nature of syslog (but some initial
negotiation is necessary, which I do not think to be a problem).

Rainer

_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog

Reply via email to