From nobody Fri Dec 10 15:27:44 2021 Return-Path: X-Original-To: syslog@ietfa.amsl.com Delivered-To: syslog@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29CDA3A0954 for ; Fri, 10 Dec 2021 15:27:43 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H7YLN2qVMkju for ; Fri, 10 Dec 2021 15:27:38 -0800 (PST) Received: from mail-oi1-x22c.google.com (mail-oi1-x22c.google.com [IPv6:2607:f8b0:4864:20::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE4613A094D for ; Fri, 10 Dec 2021 15:27:38 -0800 (PST) Received: by mail-oi1-x22c.google.com with SMTP id bf8so15334032oib.6 for ; Fri, 10 Dec 2021 15:27:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=message-id:date:mime-version:user-agent:subject:references :content-language:to:from:in-reply-to; bh=4mNSC+zDLH3qzr/gOR7YgB5IjMR0Jq0Os4H5j1kDOQk=; b=W8DbemTzHPW/5XLHEeRxYggdqyNsij5r1wuNXhvPvpr9Yxi+mdQgc1la4kOy/lYU8I krWzpSB8WaAC3jgGFbWc7+zWjaM5gF2L1sSRtdW6eG4BFGaMM/48Y3I/JItvBwX99jJH 4osW2+w2AOdyg7XDjz4W0mPzMuOOq2qDaRw4LKqBcrsW8Adx2So4bIRoE1TFqOefeLws HRASc9nRdT1sicm0BWVd2SIIW4FGdnKY2XfuZ4bwP3mMIsQZP8bAO4OJ2r0kQDV8PyZe cEGJXCo+c4n9xVNpvt29nIHuxgnb0F2GGmVp2MshoKBTa7qpM53UGcpMCqcVQhD6S6YY JUSA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :references:content-language:to:from:in-reply-to; bh=4mNSC+zDLH3qzr/gOR7YgB5IjMR0Jq0Os4H5j1kDOQk=; b=Pv7NLJ7yGGs/E1rMVHLE1NXAV+zWOvy60r+7yemGHGN9MaMRl7Lys+tPjCRpKwPAyr mHJMX+K1WdjEHe0j09J4OFiiDD48ZKDhvE0H6cCsOL0v6yuatosbKvzgmh6nclzgJKNt pua9bLUZxOxiRpJLbuV2b86cTaEKpdTqCclDQGgJtBxbGtTXDHA+PvuDDIdN0CRCDg8q nC+Q4m4OG/n/1BXlc+vLSMYiXKH2Gb5l/K/R1NeNjESRhKUUBmH8gOfuwr/bevnJchSH rzdYU/phRemh8Rxo+woblacv0Y1uAMRAAbA7IZjUWsiqIRzwjOZGcGh14wstvTzvfqav sPWQ== X-Gm-Message-State: AOAM532xyK+sF4FF4/XPj1AiJ93gzOWsOqbwwk/c2Reb2stJ+mCuEYhG ICEuKsZC2NVZNDjt9KOnCW4NGGH0Viw= X-Google-Smtp-Source: ABdhPJwW9XEYaFaU5Ej02T2rDRy5m8i/BkkWlDT+tullmoD5yCHwU99yUKO/oUGk1SEmoF55Akjs8A== X-Received: by 2002:a05:6808:1210:: with SMTP id a16mr15061168oil.161.1639178856638; Fri, 10 Dec 2021 15:27:36 -0800 (PST) Received: from ?IPV6:2600:1700:12b0:adf0:fd8b:3d01:db28:6cc6? ([2600:1700:12b0:adf0:fd8b:3d01:db28:6cc6]) by smtp.googlemail.com with ESMTPSA id bh12sm1098922oib.25.2021.12.10.15.27.35 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 10 Dec 2021 15:27:36 -0800 (PST) Content-Type: multipart/alternative; boundary="------------YmRxIN3YpBnRcoWFj2mVj0to" Message-ID: <928a9aa6-7585-55ed-051b-ad68073a947a@gmail.com> Date: Fri, 10 Dec 2021 17:27:35 -0600 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.2.0 References: <163917706473.14037.18043022518803073486@ietfa.amsl.com> Content-Language: en-US To: "syslog@ietf.org" , "sean@sn3rd.com" , Joe Salowey , Arijit Bose From: Chris Lonvick In-Reply-To: <163917706473.14037.18043022518803073486@ietfa.amsl.com> X-Forwarded-Message-Id: <163917706473.14037.18043022518803073486@ietfa.amsl.com> Archived-At: Subject: [Syslog] Fwd: I-D Action: draft-ciphersuites-in-sec-syslog-00.txt X-BeenThere: syslog@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Issues in Network Event Logging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2021 23:27:43 -0000 This is a multi-part message in MIME format. --------------YmRxIN3YpBnRcoWFj2mVj0to Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Hi Folks, As Tom and Jurgen noted, Arijit Kumar Bose did send some notes to the Syslog mailing list. By the time I had snapped to, the system had timed most of them out. I finally got that last one approved and forwarded to the mailing list. Arijit (and the IEC WG15) rightly notes that the RFCs are using deprecated cipher suits and the DTLS RFC is using a deprecated version. Sean, Joe, and I worked out a -00 draft to address these issues. Like all -00 IDs, it's open to comments. :-) We know that there are some larger efforts underway to address TLS, DTLS and cipher suites. We're not going to try to do that here. Rather, we'd like to update RFCs 5425 and 6012 to get them compliant with current standards with a minimal impact to current implementations. Sean is going to run this by the secdispatch group to see if they can make a recommendation on where this may be best addressed and discussed. I'm sure that we'll get some good input from the group here on the Syslog mail list, so please send in your comments and let's get these two RFCs updated to using current best practices. Best regards and have a great weekend, Chris -------- Forwarded Message -------- Subject: I-D Action: draft-ciphersuites-in-sec-syslog-00.txt Date: Fri, 10 Dec 2021 14:57:44 -0800 From: internet-drafts@ietf.org Reply-To: internet-drafts@ietf.org To: i-d-announce@ietf.org A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : Updates to the Cipher Suites in Secure Syslog Authors : Chris Lonvick Sean Turner Joe Salowey Filename : draft-ciphersuites-in-sec-syslog-00.txt Pages : 8 Date : 2021-12-10 Abstract: This document updates the cipher suites in RFC 5425, Transport Layer Security (TLS) Transport Mapping for Syslog, and RFC 6012, Datagram Transport Layer Security (DTLS) Transport Mapping for Syslog. It also updates the transport protocol in RFC 6012. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ciphersuites-in-sec-syslog/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ciphersuites-in-sec-syslog-00.html Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts _______________________________________________ I-D-Announce mailing list I-D-Announce@ietf.org https://www.ietf.org/mailman/listinfo/i-d-announce Internet-Draft directories: http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt --------------YmRxIN3YpBnRcoWFj2mVj0to Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Hi Folks,

As Tom and Jurgen noted, Arijit Kumar Bose did send some notes to the Syslog mailing list. By the time I had snapped to, the system had timed most of them out. I finally got that last one approved and forwarded to the mailing list.

Arijit (and the IEC WG15) rightly notes that the RFCs are using deprecated cipher suits and the DTLS RFC is using a deprecated version.

Sean, Joe, and I worked out a -00 draft to address these issues. Like all -00 IDs, it's open to comments. :-) We know that there are some larger efforts underway to address TLS, DTLS and cipher suites. We're not going to try to do that here. Rather, we'd like to update RFCs 5425 and 6012 to get them compliant with current standards with a minimal impact to current implementations.

Sean is going to run this by the secdispatch group to see if they can make a recommendation on where this may be best addressed and discussed. I'm sure that we'll get some good input from the group here on the Syslog mail list, so please send in your comments and let's get these two RFCs updated to using current best practices.

Best regards and have a great weekend,
Chris


-------- Forwarded Message --------
Subject: I-D Action: draft-ciphersuites-in-sec-syslog-00.txt
Date: Fri, 10 Dec 2021 14:57:44 -0800
From: internet-drafts@ietf.org
Reply-To: internet-drafts@ietf.org
To: i-d-announce@ietf.org



A New Internet-Draft is available from the on-line Internet-Drafts directories.


Title : Updates to the Cipher Suites in Secure Syslog
Authors : Chris Lonvick
Sean Turner
Joe Salowey
Filename : draft-ciphersuites-in-sec-syslog-00.txt
Pages : 8
Date : 2021-12-10

Abstract:
This document updates the cipher suites in RFC 5425, Transport Layer
Security (TLS) Transport Mapping for Syslog, and RFC 6012, Datagram
Transport Layer Security (DTLS) Transport Mapping for Syslog. It
also updates the transport protocol in RFC 6012.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ciphersuites-in-sec-syslog/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ciphersuites-in-sec-syslog-00.html


Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts


_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
--------------YmRxIN3YpBnRcoWFj2mVj0to--