RE: [Syslog] Syslog-sign & -protocol

"David Harrington" <ietfdbh@comcast.net> Mon, 14 August 2006 23:40 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GCm2K-0000SU-F5; Mon, 14 Aug 2006 19:40:00 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GCm2I-0000SP-RQ for syslog@ietf.org; Mon, 14 Aug 2006 19:39:58 -0400
Received: from alnrmhc11.comcast.net ([204.127.225.91]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GCm2H-0006z3-Iw for syslog@ietf.org; Mon, 14 Aug 2006 19:39:58 -0400
Received: from harrington73653 (c-24-61-222-235.hsd1.nh.comcast.net[24.61.222.235]) by comcast.net (alnrmhc11) with SMTP id <20060814233953b11000raufe>; Mon, 14 Aug 2006 23:39:57 +0000
From: David Harrington <ietfdbh@comcast.net>
To: 'Chris Lonvick' <clonvick@cisco.com>
Subject: RE: [Syslog] Syslog-sign & -protocol
Date: Mon, 14 Aug 2006 19:38:15 -0400
Message-ID: <0ab801c6bffa$b98295b0$0400a8c0@china.huawei.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
In-Reply-To: <Pine.GSO.4.63.0608140720340.16946@sjc-cde-003.cisco.com>
Thread-Index: Aca/roJs2gnSJbWPRHC1ZjPsbqWczAAS1itA
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 25620135586de10c627e3628c432b04a
Cc: syslog@ietf.org
X-BeenThere: syslog@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Security Issues in Network Event Logging <syslog.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/syslog>
List-Post: <mailto:syslog@lists.ietf.org>
List-Help: <mailto:syslog-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@lists.ietf.org?subject=subscribe>
Errors-To: syslog-bounces@lists.ietf.org

Hi,

When can we get an updated revision of syslog-sign? 

Our current timeline calls for starting WGLC Aug 28. The changes sound
sufficiently large that we should definitely try to review the changes
before we start a last call on the document.

David Harrington
dharrington@huawei.com 
dbharrington@comcast.net
ietfdbh@comcast.net
co-chair, Syslog WG 


> -----Original Message-----
> From: Chris Lonvick [mailto:clonvick@cisco.com] 
> Sent: Monday, August 14, 2006 10:33 AM
> To: Rainer Gerhards
> Cc: syslog@ietf.org
> Subject: Re: [Syslog] Syslog-sign & -protocol
> 
> Hi All,
> 
> On Sun, 13 Aug 2006, Rainer Gerhards wrote:
> 
> > Hi,
> >
> > A general comment: syslog-sign is still based on rfc 3164 
> and has ist own format definitions. It needs to be edited to 
> utilize the new work in syslog-protocol. It should now use 
> structured data for ist signature blocks.
> 
> Alex has moved much of it to be conformant with 
> syslog-protocol.  The work 
> that needs to be addressed (as I see it :)
> 
> For the Signature Block, should the payload of signatures be 
> part of the 
> "ssign" SD-ID, or should it be the payload (behind the BOM)?  
> Right now, 
> it is part of the SD-ID.
> 
> Similarly, about the "ssign-cert" and it's payload.  I think 
> it likely 
> that the Payload Block can be placed within a single 
> Certificate Block 
> based upon our discussions of the max length.
> 
> The document needs to define how to use "@enterpriseID" in some
cases.
> 
> Section 8.2 - the length is no longer limited to 1024B.
> 
> Section 9 - "Cookie Fields" are no longer used.
> 
> The IANA section also needs to specify which SD-IDs and 
> SD-Params should 
> be registered.
> 
> Should other SD-IDs be included with "ssign" and "ssign-cert" 
> SD-IDs?  (I 
> think so as that's how we include information about time 
> accuracy, etc.)
> 
> Thanks,
> Chris
> 
> _______________________________________________
> Syslog mailing list
> Syslog@lists.ietf.org
> https://www1.ietf.org/mailman/listinfo/syslog
> 


_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog