Re: [Syslog] AD review discuss/comments for draft-ietf-syslog-dtls
robert.horn@agfa.com Mon, 24 May 2010 14:16 UTC
Return-Path: <prvs=7533c0088=robert.horn@agfa.com>
X-Original-To: syslog@core3.amsl.com
Delivered-To: syslog@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 58C2D3A6EA8 for <syslog@core3.amsl.com>; Mon, 24 May 2010 07:16:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.399
X-Spam-Level:
X-Spam-Status: No, score=-3.399 tagged_above=-999 required=5 tests=[BAYES_50=0.001, J_CHICKENPOX_15=0.6, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WxyGqIUcJeoI for <syslog@core3.amsl.com>; Mon, 24 May 2010 07:16:50 -0700 (PDT)
Received: from mornm01-out.agfa.com (mornm01-out.agfa.com [134.54.1.75]) by core3.amsl.com (Postfix) with ESMTP id 5B0033A6EAB for <syslog@ietf.org>; Mon, 24 May 2010 07:16:24 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.53,291,1272837600"; d="scan'208";a="101276293"
Received: from morswa037.agfa.be (HELO morswa037.be.local) ([10.232.220.21]) by mornm01-out.agfa.com with ESMTP; 24 May 2010 16:16:13 +0200
In-Reply-To: <4BF7F544.70004@ieca.com>
To: turners@ieca.com
MIME-Version: 1.0
Message-ID: <OFD41F0681.FA1F3FD8-ON8525772D.004DA94F-8525772D.004E6138@agfa.com>
From: robert.horn@agfa.com
Date: Mon, 24 May 2010 10:13:23 -0400
Content-Type: text/plain; charset="US-ASCII"
Cc: syslog <syslog@ietf.org>
Subject: Re: [Syslog] AD review discuss/comments for draft-ietf-syslog-dtls
X-BeenThere: syslog@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Issues in Network Event Logging <syslog.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/syslog>
List-Post: <mailto:syslog@ietf.org>
List-Help: <mailto:syslog-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 May 2010 14:16:53 -0000
syslog-bounces@ietf.org wrote on 05/22/2010 11:16:20 AM: > t.petch wrote: > > I see that this I-D had entered 'Revised I-D needed' which I would like to > > progress. > > > > I see several comments about maximum record size, including a > suggestion that we > > should make the 'SHOULD NOT' a 'MUST NOT' exceed 2**14. > > > > I am dead set against this change. We had a clear requirment, early on, to > > allow 65k messages, and I think it wrong to MUST NOT that > requirement. The text > > in the other I-Ds is a compromise to strke a balance between this and having > > everything fit in 576 byte; I think we have the balance right. > > My response to Alexey was that this I-D borrows that particular > requirement from RFC4347 and that this I-D shouldn't be upping the > requirement. If it's okay with you, I'll forward him your response. > The way I read his comment was that he's just asking why - he's not > really requesting a change. > In this case, could the requirement be rephrased in syslog over dtls. Rather than imply that the 2**14 limit is de novo in syslog, a phrasing like "RFC 4347 limits the size of DTLS message bodies to 2**14 bytes" would be preferable. The limit will still be an issue for some parts of healthcare and this kind of phrasing points to the real source of the limit. Then, if some later version of DTLS changes that limit, the syslog over dtls would inherit that change. This would be consistent with the approach taken in syslog over UDP, where the size limits are recommendations up until the hard limit for the size of a UDP message, and it is made clear that UDP is the reason for the hard limit. Kind Regards, Robert Horn | Agfa HealthCare Research Scientist | HE/Technology Office T +1 978 897 4860 Agfa HealthCare Corporation, 100 Challenger Road, Ridgefield Park, NJ, 07660-2199, United States http://www.agfa.com/healthcare/ Click on link to read important disclaimer: http://www.agfa.com/healthcare/maildisclaimer
- [Syslog] AD review comments for draft-ietf-syslog… Sean Turner
- Re: [Syslog] AD review comments for draft-ietf-sy… Chris Lonvick
- Re: [Syslog] AD review comments for draft-ietf-sy… Joseph Salowey (jsalowey)
- Re: [Syslog] AD review comments for draft-ietf-sy… Sean Turner
- Re: [Syslog] AD review comments for draft-ietf-sy… Joseph Salowey (jsalowey)
- Re: [Syslog] AD review comments for draft-ietf-sy… tom.petch
- Re: [Syslog] AD review comments for draft-ietf-sy… Chris Lonvick
- Re: [Syslog] AD review comments for draft-ietf-sy… Sean Turner
- Re: [Syslog] AD review comments for draft-ietf-sy… Tim Evens
- Re: [Syslog] AD review comments for draft-ietf-sy… tom.petch
- Re: [Syslog] AD review comments for draft-ietf-sy… Tim Evens
- [Syslog] AD review discuss/comments for draft-iet… t.petch
- Re: [Syslog] AD review discuss/comments for draft… Rainer Gerhards
- Re: [Syslog] AD review discuss/comments for draft… Sean Turner
- Re: [Syslog] AD review discuss/comments for draft… Pasi.Eronen
- Re: [Syslog] AD review discuss/comments for draft… robert.horn
- Re: [Syslog] AD review discuss/comments for draft… t.petch
- Re: [Syslog] AD review discuss/comments for draft… t.petch
- Re: [Syslog] AD review discuss/comments for draft… Pasi.Eronen
- [Syslog] AD review discuss/comments for draft-iet… t.petch