[secdir] SecDir re-check of draft-ietf-syslog-sign-28
Tina TSOU <tena@huawei.com> Wed, 21 October 2009 03:25 UTC
Return-Path: <tena@huawei.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D7FF928C184; Tue, 20 Oct 2009 20:25:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.928
X-Spam-Level:
X-Spam-Status: No, score=-99.928 tagged_above=-999 required=5 tests=[AWL=0.567, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cybNbW1F+Rjo; Tue, 20 Oct 2009 20:25:52 -0700 (PDT)
Received: from szxga01-in.huawei.com (unknown [119.145.14.64]) by core3.amsl.com (Postfix) with ESMTP id 9A58928C185; Tue, 20 Oct 2009 20:25:52 -0700 (PDT)
Received: from huawei.com (szxga01-in [172.24.2.3]) by szxga01-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0KRU004QWHJ2WW@szxga01-in.huawei.com>; Wed, 21 Oct 2009 11:25:50 +0800 (CST)
Received: from huawei.com ([172.24.1.24]) by szxga01-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0KRU000SPHJ25K@szxga01-in.huawei.com>; Wed, 21 Oct 2009 11:25:50 +0800 (CST)
Received: from z24109b ([10.70.39.142]) by szxml04-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTPA id <0KRU00HREHJ2AU@szxml04-in.huawei.com>; Wed, 21 Oct 2009 11:25:50 +0800 (CST)
Date: Wed, 21 Oct 2009 11:25:50 +0800
From: Tina TSOU <tena@huawei.com>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-syslog-sign@tools.ietf.org, syslog-chairs@tools.ietf.org
Message-id: <00d701ca51fe$2fff1630$8e27460a@china.huawei.com>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.3350
X-Mailer: Microsoft Outlook Express 6.00.2900.3598
Content-type: multipart/alternative; boundary="Boundary_(ID_HRQrkKnZHKMxKP+sFmTlCA)"
X-Priority: 3
X-MSMail-priority: Normal
Subject: [secdir] SecDir re-check of draft-ietf-syslog-sign-28
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Oct 2009 03:25:53 -0000
I have reviewed draft-ietf-syslog-sign-27 as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. This document describes a mechanism, called syslog-sign in this document, which adds origin authentication, message integrity, replay resistance, message sequencing, and detection of missing messages to syslog. I sent the review of draft-ietf-syslog-sign-27 some time ago. I re-checked the draft-ietf-syslog-sign-28. I have no more further comments. B. R. Tina http://tinatsou.weebly.com/contact.html