>>>>> "Rainer" == Rainer Gerhards <[EMAIL PROTECTED]> writes:

    Rainer> This looks like I misunderstood your intention. I thought
    Rainer> that unsecured UDP should no longer be supported. 

That was not my intent.

    Rainer> So what
    Rainer> you actually said is that we can go ahead with the
    Rainer> unsecured UDP as long as we also mandate a (different)
    Rainer> secure transport.


What I said is that you need to have a mandatory-to-implement mode of
operation that meets your security goals.  You can certainly support
transport-udp.  One way to do this is to have a new secure transport.
Another way to do this (assuming you decide confidentiality need not
be a security goal) is to use something like syslog-sign.

Personally I think a new transport might be more important than
syslog-sign but so long as the WG clearly articulates its security
goals, those goals make sense, and the WG then meets the goals, the
preference between syslog-sign and transport is a WG matter.



Also, I agree that you have described the threats to syslog in
adequate detail already; the question is which threats do you want
to address.  You do need to explain that in your documents and you need
to justify that decision.

So, how much needs to be done for the charter?  Well, I'd like text
added to the deliverable for -protocol noting that it will require a
secure mode of operation.  If you are going to decide that syslog-sign
is the right path, then you should add text about that to the charter.
I don't think you need to choose a transport before chartering,
although I caution that transport wars are a good way to lose WG
momentum; look at the ISMS work over the past few IETFs for an
example.

--Sam


_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog
