----- Original Message ----- From: "Chris Lonvick" <[EMAIL PROTECTED]> To: "Tom Petch" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, January 30, 2006 3:33 AM Subject: Re: [Syslog] Threat model requirements discussion
> Hi Tom, > > I see your points. It appears that the section of RFC3411 that David > Harrington sent around agrees with your analysis for SNMP. However, as > Baszi says, devices are using encryption for syslog for what is considered > to be sensitive information when high levels of debugging are enabled. > How would you address that? > > Thanks, > Chris > Chris I would not exclude encryption as a defence against message observation but would give it a lower priority, my experience suggests a much lower priority, than message origin authentication and integrity. My concern is that we end up with a solution whose complexity or cost makes it unsuitable for users whose needs would be satisfied by a simpler one, namely authentication and integrity without encryption - in technical terms, I see adding a keyed hash as more attractive than deploying SSH or TLS etc Any solution has some of the same issues - key distribution and maintenance - but what I am mindful of is that this is an event/notification system (and one-way at that) which reverses client and server roles compared to much of the rest of systems management. SNMPv3 solved this problem but in a way that users found unacceptable to implement; isms and netconf have yet to solve it, we have not yet begun to think about it. So I want to see a simpler solution - eg keyed hash - first and a more complex one which includes encryption as phase two (2007?). And yes, my views are coloured by SNMP which I have worked with for many years, where, as I have said before, users tell me they must have encryption but it usually turns out they have not yet learnt about the concept of differing threats. Tom Petch <snip> _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog
