--On Monday, January 30, 2006 9:40 AM -0500 David B Harrington <[EMAIL PROTECTED]> wrote:
If the hop-by-hop transport of information checks integrity of the whole message, then it shouldn't be necessary to check the integrity of the message contents independently, should it? If a relay cannot be trusted to not alter the message contents in undesirable ways, why would an administrator utilize that relay in their system of relays for message transport? Can you give me an example of when such an untrustworthy relay would be used?
Simple - a formerly trusted relay becomes compromised. In a perfect world, this wouldn't happen. But in the real world, it does. Having the data authenticated by the origin reduces the threat to only the origin server.
-- Carson _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog