RE: [Syslog] stream transport wasdraft-ietf-syslog-transport-tls-01.txt

Miao Fuyou <miaofy@huawei.com> Tue, 20 June 2006 02:23 UTC

Date: Tue, 20 Jun 2006 10:22:36 +0800
From: Miao Fuyou <miaofy@huawei.com>
Subject: RE: [Syslog] stream transport wasdraft-ietf-syslog-transport-tls-01.txt
In-reply-to: <002d01c6911d$d8cc8900$0601a8c0@pc6>
To: 'Tom Petch' <nwnetworks@dial.pipex.com>
Message-id: <027c01c69410$656456a0$e8726e0a@china.huawei.com>
Cc: syslog@ietf.org


I believe when people talk about TLS, they are talking about RFC4346 or
RFC2246 rather than DTLS. TLS itself is over TCP, so it is not illogical to
include something about TCP.

Yes, maybe it is favorable to have Syslog over TCP and Syslog over DTLS for
the Syslog working group. But then there will be several transport documents
for the working group:
1. Syslog over UDP, already there and favorable for implementers
2. Syslog over TCP, what is the benefit?
3. Syslog over TLS
4. Syslog over DTLS, I reckon implementers would like it, but would the IESG
be satisfied with this transport?
With so many transports, implementers will be puzzled. Which is recommended by
the working group? The current ones are options 1 and 3.


> -----Original Message-----
> From: Tom Petch [mailto:nwnetworks@dial.pipex.com] 
> Sent: Friday, June 16, 2006 4:13 PM
> To: syslog@ietf.org
> Subject: Re: [Syslog] stream transport 
> wasdraft-ietf-syslog-transport-tls-01.txt
> 
> I think that this document has some way to go.  It has 
> introduced, and woven together, both TLS and TCP transport, 
> which I think wrong.  Ideally, I think that we should have 
> two separate documents, one dealing with TLS, the other with 
> TCP issues; given that both would be short, it is probably 
> sensible to have only the one, but I still see the need for 
> separation within the document.  After all, DTLS exists: an 
> outsider could, should, think that syslog is UDP-based, DTLS 
> provides UDP security so DTLS is the obvious choice, what on 
> earth is this document talking about?  We need a section on 
> DTLS (if only justifying why it is not for further 
> consideration).  And, for me, that alone justifies teasing 
> out the TLS issues from the TCP issues; is FRAME-LEN needed 
> over DTLS?
> 
> That said, I do not think that this document adequately 
> covers the TCP issues, ones that have surfaced on the list before.
> 
> TLSoTCP can deliver one syslog message, many syslog messages, 
> part of a syslog message or a combination thereof - it is in 
> the nature of a stream protocol.
> This needs spelling out.
> 
> A TCP connection takes time to set up, TLSoTCP longer.  This 
> needs spelling out; if timely delivery is a concern, then the 
> connection should be established in advance.
> 
> The section on TCP termination is too weak.  If we are 
> recommending a timeout, then we should recommend a value, 
> even specifying that it should be configurable over a range.  
> And if we cannot agree on such values, I do not think we 
> should be specifying a timeout.
> 
> TCP perforce introduces flow control.  This will slow down 
> and rate limit messages; what is the impact of this on the 
> application?
> 
> TCP failures can terminate the connection!  Again, this has 
> an impact on the application with the time taken to become 
> aware that the connection has failed.
> 
> Tom Petch
> 
> ----- Original Message -----
> From: "David B Harrington" <dbharrington@comcast.net>
> To: <syslog@ietf.org>
> Sent: Tuesday, May 09, 2006 4:26 PM
> Subject: [Syslog] draft-ietf-syslog-transport-tls-01.txt
> 
> 
> Hi,
> 
> A new revision of the syslog/TLS draft is available.
> http://www.ietf.org/internet-drafts/draft-ietf-syslog-transport-tls-01.txt
> 
> We need reviewers.
> Can we get
> 1) a person to check the grammar?
> 2) a person to check the syslog technical parts?
> 3) a person to check compatibility with the other WG documents?
> 4) a person to check the TLS technical parts?
> 
> We also need general reviews of the document by multiple people.
> 
> Thanks,
> David Harrington
> co-chair, Syslog WG
> ietfdbh@comcast.net
> _______________________________________________
> Syslog mailing list
> Syslog@lists.ietf.org
> https://www1.ietf.org/mailman/listinfo/syslog
> 
> 
> 



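Tom's point that a stream transport "can deliver one syslog message, many syslog messages, part of a syslog message or a combination thereof" is exactly the boundary problem FRAME-LEN exists to solve, and it is also where a careless receiver gets into trouble (unbounded buffering on a bogus length, desynchronisation on a malformed prefix). The following receiver-side decoder is an added example written for this page; it is not code from the draft, the thread, or any syslog implementation. It assumes octet-counting framing of the form "MSG-LEN SP SYSLOG-MSG" (the shape the later RFC 5425 standardised; the exact FRAME-LEN syntax of draft -01 is not reproduced here), a length field of at most five decimal digits, and a configurable per-frame ceiling; the sample messages and the chunk boundaries are constructed to show partial, multiple and split deliveries in one stream.

```python
from typing import List, Optional, Tuple

# Upper bound on a single frame, chosen for this example (a real receiver
# would make it configurable). It stops a peer from making the receiver
# buffer an unbounded amount of data before a message ever completes.
MAX_FRAME_LEN = 8192
# Assumption: MSG-LEN is 1..5 decimal digits with no leading zero.
MAX_LEN_DIGITS = 5


class FramingError(ValueError):
    """The byte stream cannot be parsed as octet-counted frames."""


class OctetCountingDecoder:
    """Reassembles syslog messages from an octet-counted TCP/TLS byte stream.

    Frame format assumed here: "MSG-LEN SP SYSLOG-MSG", MSG-LEN being the
    decimal octet count of SYSLOG-MSG. Because TCP hands the receiver
    arbitrary chunks, feed() may yield zero, one or several messages per
    call and keeps any trailing partial frame until the next call.
    """

    def __init__(self, max_frame_len: int = MAX_FRAME_LEN) -> None:
        self._buf = bytearray()
        self._max = max_frame_len

    @property
    def pending(self) -> bytes:
        """Octets received so far that do not yet form a complete frame."""
        return bytes(self._buf)

    def feed(self, chunk: bytes) -> List[bytes]:
        self._buf.extend(chunk)
        out: List[bytes] = []
        while self._buf:
            # The length prefix must end with a space within the first
            # MAX_LEN_DIGITS + 1 octets; otherwise the stream is malformed.
            sp = self._buf.find(b" ", 0, MAX_LEN_DIGITS + 1)
            if sp == -1:
                if len(self._buf) > MAX_LEN_DIGITS or not self._buf.isdigit():
                    raise FramingError("malformed MSG-LEN prefix: %r" % bytes(self._buf[:8]))
                break  # still waiting for the rest of the length prefix
            prefix = bytes(self._buf[:sp])
            if not prefix.isdigit() or prefix.startswith(b"0"):
                raise FramingError("bad MSG-LEN %r" % prefix)
            msg_len = int(prefix)
            if msg_len > self._max:
                raise FramingError("MSG-LEN %d exceeds limit %d" % (msg_len, self._max))
            end = sp + 1 + msg_len
            if len(self._buf) < end:
                break  # partial message: wait for the remaining octets
            out.append(bytes(self._buf[sp + 1:end]))
            del self._buf[:end]
        return out


def frame(msg: bytes) -> bytes:
    """Encode one message as an octet-counted frame (sender side)."""
    return b"%d %s" % (len(msg), msg)


# Constructed sample messages (not real log data).
MSG1 = b"<34>1 2006-06-20T02:22:36Z host app - - - connection established"
MSG2 = b"<13>1 2006-06-20T02:22:37Z host app - - - second message"

# Simulated TCP reads: two whole frames plus the start of a third, split at
# points that do not line up with frame boundaries.
_F1, _F2 = frame(MSG1), frame(MSG2)
STREAM = _F1 + _F2 + _F1[:10]
CHUNKS = [
    STREAM[:1],                                    # one octet of the first MSG-LEN
    STREAM[1:len(_F1) - 1],                        # almost all of message 1
    STREAM[len(_F1) - 1:len(_F1) + len(_F2) + 4],  # end of 1, all of 2, start of 3
    STREAM[len(_F1) + len(_F2) + 4:],              # more of 3, still incomplete
]


def reassemble(chunks: List[bytes], max_frame_len: int = MAX_FRAME_LEN
               ) -> Tuple[List[bytes], bytes, Optional[str]]:
    """Feed chunks in order; return (complete messages, unconsumed octets, error)."""
    dec = OctetCountingDecoder(max_frame_len)
    msgs: List[bytes] = []
    for chunk in chunks:
        try:
            msgs.extend(dec.feed(chunk))
        except FramingError as exc:
            return msgs, dec.pending, str(exc)
    return msgs, dec.pending, None


if __name__ == "__main__":
    print(reassemble(CHUNKS))
```

The decoder never trusts the peer's length beyond the configured ceiling and gives up as soon as the prefix stops looking like a length, which is the cheap defence against a sender that makes the receiver hoard memory or that pushes the parser out of sync; a receiver that instead scanned for a delimiter would be at the mercy of message content. Whether the same framing is needed over DTLS, where the datagram itself bounds the message, is the question Tom raises above.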