I'll get back to you on the generic certificates issue. For now, I recommend you read RFC 4107. Also note that each device needs a unique MAC address so the manufacturing process tends to have a step for making a device unique.
So, it sounds like all forms of authentication are optional in this spec. You need a clear table describing what attacks are protected against given each authentication choice. Wording that table so that man-in-the-middle issues are dealt with correctly and it is still informative will be tricky. --Sam _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog