>>>>> "Rainer" == Rainer Gerhards <[EMAIL PROTECTED]> writes:
Rainer> This looks like I misunderstood your intention. I thought
Rainer> that unsecured UDP should no longer be supported.

That was not my intent.

Rainer> So what
Rainer> you actually said is that we can go ahead with the
Rainer> unsecured UDP as long as we also mandate a (different)
Rainer> secure transport.

What I said is that you need to have a mandatory-to-implement mode of operation that meets your security goals. You can certainly support transport-udp.

One way to do this is to have a new secure transport. Another way to do this (assuming you decide confidentiality need not be a security goal) is to use something like syslog-sign.

Personally I think a new transport might be more important than syslog-sign but so long as the WG clearly articulates its security goals, those goals make sense, and the wg then meets the goals, the preference between syslog-sign and transport is a WG matter.

Also, I agree that you have described the threats to syslog in adequate detail already; the question is which threats do you want to address. You do need to explain that in your documents and you need to justify that decision.

So, how much needs to be done for the charter? Well, I'd like text added to the deliverable for -protocol noting that it will require a secure mode of operation. If you are going to decide that syslog-sign is the right path, then you should add text about that to the charter. I don't think you need to choose a transport before chartering, although I caution that transport wars are a good way to lose WG momentum; look at the ISMS work over the past few IETFs for an example.

--Sam