[Syslog] Fw: New Version Notification for draft-chen-syslog-syscinfo-credibility-00.txt
Meiling Chen <chenmeiling@chinamobile.com> Tue, 15 March 2022 01:54 UTC
Return-Path: <chenmeiling@chinamobile.com>
X-Original-To: syslog@ietfa.amsl.com
Delivered-To: syslog@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 555313A16ED for <syslog@ietfa.amsl.com>; Mon, 14 Mar 2022 18:54:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iY_2xe75WNg4 for <syslog@ietfa.amsl.com>; Mon, 14 Mar 2022 18:54:25 -0700 (PDT)
Received: from cmccmta2.chinamobile.com (cmccmta2.chinamobile.com [221.176.66.80]) by ietfa.amsl.com (Postfix) with ESMTP id 351F23A16C9 for <syslog@ietf.org>; Mon, 14 Mar 2022 18:52:53 -0700 (PDT)
Received: from spf.mail.chinamobile.com (unknown[172.16.121.17]) by rmmx-syy-dmz-app07-12007 (RichMail) with SMTP id 2ee7622ff1742f9-f9c85; Tue, 15 Mar 2022 09:52:52 +0800 (CST)
X-RM-TRANSID: 2ee7622ff1742f9-f9c85
X-RM-TagInfo: emlType=0
X-RM-SPAM-FLAG: 00000000
Received: from cmcc-PC (unknown[10.2.51.26]) by rmsmtp-syy-appsvr09-12009 (RichMail) with SMTP id 2ee9622ff172a1a-38eb9; Tue, 15 Mar 2022 09:52:51 +0800 (CST)
X-RM-TRANSID: 2ee9622ff172a1a-38eb9
Date: Tue, 15 Mar 2022 09:52:51 +0800
From: Meiling Chen <chenmeiling@chinamobile.com>
To: syslog <syslog@ietf.org>
Cc: suli <suli@chinamobile.com>, wangfengsheng <wangfengsheng@chinamobile.com>
X-Priority: 3
X-Has-Attach: no
X-Mailer: Foxmail 7.2.9.115[cn]
Mime-Version: 1.0
Message-ID: <2022031509525088032316@chinamobile.com>
Content-Type: multipart/alternative; boundary="----=_001_NextPart833210625045_=----"
Archived-At: <https://mailarchive.ietf.org/arch/msg/syslog/c2Da6BIctGMVRMdfeY5a8IbubUY>
Subject: [Syslog] Fw: New Version Notification for draft-chen-syslog-syscinfo-credibility-00.txt
X-BeenThere: syslog@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Issues in Network Event Logging <syslog.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/syslog>, <mailto:syslog-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/syslog/>
List-Post: <mailto:syslog@ietf.org>
List-Help: <mailto:syslog-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Mar 2022 01:54:29 -0000
Hi folks, This draft is about syslog which used to improve logging credibility by adding synchronization time information. The trigger of this draft is that we found the attack vulnerability of syslog time synchronization during the experiment, the purpose is to improve rfc5424 with a slight modification. And the draft aimed at the discussion of credibility when the value "1" is used for "isSynced". We have received some suggestions from Sean and lonvick, will also update the version after open submission. If anyone is interested in this topic, please feel free to comment. Best, Meiling From: internet-drafts Date: 2022-03-07 10:18 To: Fengsheng Wang; Li Su; Meiling Chen; chenmeiling Subject: New Version Notification for draft-chen-syslog-syscinfo-credibility-00.txt A new version of I-D, draft-chen-syslog-syscinfo-credibility-00.txt has been successfully submitted by Meiling Chen and posted to the IETF repository. Name: draft-chen-syslog-syscinfo-credibility Revision: 00 Title: Improve logging credibility by adding synchronization time information Document date: 2022-03-06 Group: Individual Submission Pages: 6 URL: https://www.ietf.org/archive/id/draft-chen-syslog-syscinfo-credibility-00.txt Status: https://datatracker.ietf.org/doc/draft-chen-syslog-syscinfo-credibility/ Html: https://www.ietf.org/archive/id/draft-chen-syslog-syscinfo-credibility-00.html Htmlized: https://datatracker.ietf.org/doc/html/draft-chen-syslog-syscinfo-credibility Abstract: This document proposes a scheme to improve the credibility of log reporting time by adding time synchronization information. This document updates the "timeQuality" structured Data in RFC 5424 [RFC5424], The Syslog Protocol. By appending "SYNCINFO" information after the "isSynced" parameter, the log collector can judge the credibility of logs when correlating logs of different devices. The IETF Secretariat
- [Syslog] Fw: New Version Notification for draft-c… Meiling Chen
- Re: [Syslog] Fw: New Version Notification for dra… tom petch
- Re: [Syslog] Fw: New Version Notification for dra… Meiling Chen