IETF Logo Mail Archive

Re: [Syslog] delineated datagrams was draft-ietf-syslog-transport-tls-01.txt

"Tom Petch" <nwnetworks@dial.pipex.com> Tue, 20 June 2006 17:30 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Fsk3E-0007hk-Pr; Tue, 20 Jun 2006 13:30:08 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Fsk3E-0007hf-8L for syslog@ietf.org; Tue, 20 Jun 2006 13:30:08 -0400
Received: from ranger.systems.pipex.net ([62.241.162.32]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Fsk3C-0003n6-V2 for syslog@ietf.org; Tue, 20 Jun 2006 13:30:08 -0400
Received: from pc6 (1Cust86.tnt24.lnd4.gbr.da.uu.net [62.188.151.86]) by ranger.systems.pipex.net (Postfix) with SMTP id 74C7AE000373; Tue, 20 Jun 2006 18:29:57 +0100 (BST)
Message-ID: <000201c69486$3a6a2080$0601a8c0@pc6>
From: Tom Petch <nwnetworks@dial.pipex.com>
To: syslog@ietf.org
References: <019001c67374$8d1a27e0$0400a8c0@china.huawei.com>
Subject: Re: [Syslog] delineated datagrams was draft-ietf-syslog-transport-tls-01.txt
Date: Tue, 20 Jun 2006 14:43:01 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 4d87d2aa806f79fed918a62e834505ca
Cc:
X-BeenThere: syslog@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Tom Petch <nwnetworks@dial.pipex.com>
List-Id: Security Issues in Network Event Logging <syslog.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/syslog>
List-Post: <mailto:syslog@lists.ietf.org>
List-Help: <mailto:syslog-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@lists.ietf.org?subject=subscribe>
Errors-To: syslog-bounces@lists.ietf.org

I wonder if others share my concern about the lack of robustness in the way in
which datagrams are delineated in the stream protocol (a TCP rather than a TLS
issue).

The system works as long as
 - the frame length is encoded perfectly
 - the frame length is decoded perfectly
 - no bytes are inserted or removed in error
which is doubtless true in some networks, but I would prefer not to rely on it.

So, when an error occurs, can the Collector/Relay detect it?  Can the
Collector/Relay recover synch?  If not, what does the Collector/Relay do?

There is very little redundancy in the definition of frame length, and syslog
messages have very little structure to help the application, so I think that
this is an issue we should address.

Tom Petch

----- Original Message -----
From: "David B Harrington" <dbharrington@comcast.net>
To: <syslog@ietf.org>
Sent: Tuesday, May 09, 2006 4:26 PM
Subject: [Syslog] draft-ietf-syslog-transport-tls-01.txt


Hi,

A new revision of the syslog/TLS draft is available.
http://www.ietf.org/internet-drafts/draft-ietf-syslog-transport-tls-01
.txt

We need reviewers.
Can we get
1) a person to check the grammar?
2) a person to check the syslog technical parts?
3) a person to check compatibility with the other WG documents?
4) a person to check the TLS technical parts?

We also need general reviews of the document by multiple people.

Thanks,
David Harrington
co-chair, Syslog WG
ietfdbh@comcast.net


_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog


_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog

v2.23.0 | Report a Bug | By Email