IETF Logo Mail Archive

[Syslog] Proposed charter

Chris Lonvick <clonvick@cisco.com> Fri, 24 July 2009 03:16 UTC

Return-Path: <clonvick@cisco.com>
X-Original-To: syslog@core3.amsl.com
Delivered-To: syslog@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 220D13A6CB3 for <syslog@core3.amsl.com>; Thu, 23 Jul 2009 20:16:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FZjrQkv6bOQI for <syslog@core3.amsl.com>; Thu, 23 Jul 2009 20:16:23 -0700 (PDT)
Received: from sj-iport-6.cisco.com (sj-iport-6.cisco.com [171.71.176.117]) by core3.amsl.com (Postfix) with ESMTP id 222083A67E1 for <syslog@ietf.org>; Thu, 23 Jul 2009 20:16:23 -0700 (PDT)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: ApoEAE/EaEqrR7MV/2dsb2JhbAC4DYglkGgFhA0
X-IronPort-AV: E=Sophos;i="4.43,259,1246838400"; d="scan'208";a="352916820"
Received: from sj-dkim-1.cisco.com ([171.71.179.21]) by sj-iport-6.cisco.com with ESMTP; 24 Jul 2009 03:15:19 +0000
Received: from sj-core-3.cisco.com (sj-core-3.cisco.com [171.68.223.137]) by sj-dkim-1.cisco.com (8.12.11/8.12.11) with ESMTP id n6O3FJ49011477 for <syslog@ietf.org>; Thu, 23 Jul 2009 20:15:19 -0700
Received: from sjc-cde-011.cisco.com (sjc-cde-011.cisco.com [171.69.16.68]) by sj-core-3.cisco.com (8.13.8/8.14.3) with ESMTP id n6O3FJM0017223 for <syslog@ietf.org>; Fri, 24 Jul 2009 03:15:19 GMT
Date: Thu, 23 Jul 2009 20:15:19 -0700
From: Chris Lonvick <clonvick@cisco.com>
To: syslog@ietf.org
Message-ID: <Pine.GSO.4.63.0907231620110.27549@sjc-cde-011.cisco.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=2740; t=1248405319; x=1249269319; c=relaxed/simple; s=sjdkim1004; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=clonvick@cisco.com; z=From:=20Chris=20Lonvick=20<clonvick@cisco.com> |Subject:=20Proposed=20charter |Sender:=20; bh=iaXw+Lt0+v06+bKmJ2LcoSzBv9HfivgTvhCmj6qcde8=; b=Y/A5y2JAJ9LlrL1aydMp+z003c862Cx3Yl2a0E2tdrGXmsICV6x+tAGEL5 05UfZR89QBqmicunRreQPszzmXyfVogoDaUkg0ArgxIRyLTHIQKJlfFGQsp4 GtvM+SW7OEoTb8DooU/f4oAsWsbmJAfaB1XTVZp36GpPutIWeE6kw=;
Authentication-Results: sj-dkim-1; header.From=clonvick@cisco.com; dkim=pass ( sig from cisco.com/sjdkim1004 verified; );
Subject: [Syslog] Proposed charter
X-BeenThere: syslog@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Issues in Network Event Logging <syslog.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/syslog>
List-Post: <mailto:syslog@ietf.org>
List-Help: <mailto:syslog-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jul 2009 03:16:24 -0000

Hi Folks,

David and I discussed and we would like to propose the following as a new 
charter.

The goal that is listed is for what we have commitment at this time.  We 
can add more goals but that will only happen if we have solid commitment 
for people who will write a document and for people who will review it.

If you really want something that's in the ppt (you can find that in the 
on-line agenda) to be included in this charter, then get your comments to 
the list.

We would appreciate any comments to this draft charter before the WG 
meeting on Tuesday.

==========================================================================
Security Issues in Network Event Logging (syslog)

Last Modified: <today>
Additional information is available at tools.ietf.org/wg/syslog

Chair(s):
  <TBD>

Security Area Director(s):
  Tim Polk <tim.polk@nist.gov>
  Pasi Eronen <pasi.eronen@nokia.com>

Security Area Advisor:
  Pasi Eronen <pasi.eronen@nokia.com>

Mailing Lists:
  General Discussion: syslog@ietf.org
  To Subscribe: syslog-request@ietf.org
  In Body: in body: (un)subscribe
  Archive: http://www.ietf.org/mail-archive/web/syslog

Description of Working Group:

   This working group has standardized the syslog protocol (RFC5424), plus
   a TLS secured transport (RFC5425), and a nonsecure UDP transport (RFC
   5426). The WG under this charter will standardize a DTLS transport for
   syslog, providing a secure transport for syslog messages in cases where
   a connection-less transport is desired.  The threats that this WG will
   primarily address are modification, disclosure, and masquerade.  A
   secondary threat is message stream modification.  These threats are
   consistent with those addressed in the creation of RFC 5425.

   The syslog Working Group has the following objective:

   A document will be produced that uses DTLS as a secure transport for the
   delivery of syslog messages.  The resulting document will be consistent
   with the threats addressed in Transport Layer Security (TLS) Transport
   Mapping for Syslog (RFC 5425) so that the DTLS transport may be used
   with the same assurance of security.
   draft-feng-syslog-transport-dtls-01 is already similar to RFC5425 in
   this respect, so this draft will become the starting point for the WG
   document, which the WG will adjust as needed, and merge desired features
   from other sources, such as
   draft-petch-gerhards-syslog-transport-dtls-02.

Goals and Milestones:

Mar 2010 Submit Syslog DTLS Transport Mapping to the IESG for 
consideration as a PROPOSED STANDARD
==========================================================================

Thanks,
Chris & David

v2.23.0 | Report a Bug | By Email