Re: [Syslog] transport-tls vs. syslog-sign
robert.horn@agfa.com Fri, 16 May 2008 14:28 UTC
Return-Path: <syslog-bounces@ietf.org>
X-Original-To: syslog-archive@megatron.ietf.org
Delivered-To: ietfarch-syslog-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9A1EC3A6993; Fri, 16 May 2008 07:28:54 -0700 (PDT)
X-Original-To: syslog@core3.amsl.com
Delivered-To: syslog@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DBC9A3A6993; Fri, 16 May 2008 07:28:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9Kjy4xIB9aiQ; Fri, 16 May 2008 07:28:52 -0700 (PDT)
Received: from mornm02-out.agfa.com (mornm02-out.agfa.com [134.54.1.77]) by core3.amsl.com (Postfix) with ESMTP id 81B173A67A1; Fri, 16 May 2008 07:28:50 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.27,497,1204498800"; d="scan'208";a="40283756"
Received: from morswa037.agfa.be (HELO morswa037.be.local) ([10.232.220.21]) by mornm02-out.agfa.com with ESMTP; 16 May 2008 16:28:23 +0200
In-Reply-To: <577465F99B41C842AAFBE9ED71E70ABA309028@grfint2.intern.adiscon.com>
To: rgerhards@hq.adiscon.com
MIME-Version: 1.0
Message-ID: <OFA69FA922.6593B43C-ON8525744B.004E0E56-8525744B.004F8054@agfa.com>
From: robert.horn@agfa.com
Date: Fri, 16 May 2008 10:28:20 -0400
Cc: syslog@ietf.org, syslog-bounces@ietf.org
Subject: Re: [Syslog] transport-tls vs. syslog-sign
X-BeenThere: syslog@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Issues in Network Event Logging <syslog.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/syslog>
List-Post: <mailto:syslog@ietf.org>
List-Help: <mailto:syslog-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: syslog-bounces@ietf.org
Errors-To: syslog-bounces@ietf.org
> [Rainer] Hi all, > > I did a cross-check today between the two drafts. Both require > certificates. Syslog-sign actually includes distribution policies in > section 5. There is a huge difference between the ways certificates are > handled in both drafts. > > Implementing both will at least require duplicate/different code for > like tasks. Same goes for the administration. I have not yet a solution > proposal, but I would like to make the WG aware of this fact. > > What are your thoughts? > [RJHorn] To some degree you are describing the present state of implementation for certificate and key management. It's a mess. I expect that in the end this will generalize into: - For each different application purpose (browsing, signing, prescribing, logging, payments, ...) there will be stores for - Private key information (used locally to sign, etc.) - Trusted individual certificates (e.g., self-signed but not restricted to self-signed) - Trusted signing certificates - Anchors of Trust With luck there will emerge common maintenance methods, but they sure aren't there now. For each browser I've got a different maintenance method for trusted signers, trusted individual certificates, and private key information. I don't have any browsers that actually manage usig an anchor of trust. And that is for the single application purpose of browsing. The browsers are all different. The nature and meanings of trust is dependent on the application purpose, so you should not have a single single store. We will always need a way to have different stores for different purposes. Meanwhile, we struggle with every implementation having different maintenance methods. At least they agree on the PKCS format for exchanging these elements. I don't see syslog as the proper venue for doing more than defining use cases for this. Longer term, I hope that a common agreement emerges on how to name and organize these stores so that common maintenance can be implemented. For the specifics of sign vs transport, is there an application difference between being an authenticated sender of messages, and being an authenticated signer of messages? I think that there is, so they do need to be separate stores. I haven't looked at the details of functionality required by sign because I haven't had any real uses yet for signing the messages. The differences should be reducable to using different stores for key and certificate information, and performing different operations (e.g., signing) on the messages. _______________________________________________ Syslog mailing list Syslog@ietf.org https://www.ietf.org/mailman/listinfo/syslog
- [Syslog] transport-tls vs. syslog-sign Rainer Gerhards
- Re: [Syslog] transport-tls vs. syslog-sign robert.horn
- Re: [Syslog] transport-tls vs. syslog-sign Rainer Gerhards
- Re: [Syslog] transport-tls vs. syslog-sign robert.horn
- Re: [Syslog] transport-tls vs. syslog-sign tom.petch
- Re: [Syslog] transport-tls vs. syslog-sign Alexander Clemm (alex)