Re: [netmod] I-D Action: draft-ietf-netmod-syslog-model-19.txt

Kent Watsen <kwatsen@juniper.net> Wed, 17 January 2018 17:13 UTC

From: Kent Watsen <kwatsen@juniper.net>
To: Alexander Clemm <alexander.clemm@huawei.com>, Alex Campbell <Alex.Campbell@Aviatnet.com>, Benoit Claise <bclaise@cisco.com>, "netmod@ietf.org" <netmod@ietf.org>
Date: Wed, 17 Jan 2018 17:13:34 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/jT4v_yJMM0ZRTZ7IVyyPm-w6Rv0>


> IMHO, if this module is supposed to be useful in practice, without
> requiring immediately proprietary augmentations, UDP needs to be
> supported.  RFC 5424 also states that implementations SHOULD
> support a UDP transport per RFC 5426.  

Agreed.


> Whether TCP support should be included is debatable because it is not
> a standard transport.  Perhaps it should not, however given that it
> has already been specified, I don't think it hurts to have it as
> a feature/option for implementations that require it.  

Given the IESG statement (copied below) and the HISTORIC downref, I
think that this would be a hard sell.  But, if it turns out that
most vendors support RFC 6587, then a case could be made for it.

Kent


> -----Original Message-----
> From: netmod [mailto:netmod-bounces@ietf.org] On Behalf Of Alex
> Campbell
> Sent: Tuesday, January 16, 2018 1:46 PM
> To: Benoit Claise <bclaise@cisco.com>; Kent Watsen
> <kwatsen@juniper.net>; netmod@ietf.org
> Subject: Re: [netmod] I-D Action: draft-ietf-netmod-syslog-model-19.txt
> 
> By the same reasoning surely UDP should not be available either, because it
> also doesn't provide security.
> ________________________________________
> From: netmod <netmod-bounces@ietf.org> on behalf of Benoit Claise
> <bclaise@cisco.com>
> Sent: Wednesday, 17 January 2018 6:23 a.m.
> To: Kent Watsen; netmod@ietf.org
> Subject: Re: [netmod] I-D Action: draft-ietf-netmod-syslog-model-19.txt
> 
> Hi,
> >
> >    ** Downref: Normative reference to an Historic RFC: RFC 6587
> >
> > Kent: hmmm, what's going on here?  This YANG module is providing an
> > ability to configure the "tcp" transport, even though the IESG made that
> > ability historic in 2012 (see IESG Note below).  Searching online, it looks like
> > Cisco supports this, but Juniper does not.  What about other vendors, is it
> > widely supported?  Was this discussed in the WG?  Answering my own
> > question, searching my local mailbox, I don't see this ever being discussed
> > before, other than Martin questioning if it was a good idea in Mar 2016 (no
> > response).  Please start a thread on the list to get WG opinion if it's okay for
> > the draft to proceed as is or not.  Here's the IESG Note from RFC 6587:
> >
> >     IESG Note
> >
> >     The IESG does not recommend implementing or deploying syslog over
> >     plain tcp, which is described in this document, because it lacks the
> >     ability to enable strong security [RFC3365].
> >
> >     Implementation of the TLS transport [RFC5425] is recommended so that
> >     appropriate security features are available to operators who want to
> >     deploy secure syslog.  Similarly, those security features can be
> >     turned off for those who do not want them.
> >
> >
> >
> Well, I believe it's clear plain TCP should not be in the YANG module.
> 
> Regards, Benoit
>