Re: [Syslog] Status of syslog/dtls ISSUES
"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Mon, 21 June 2010 05:08 UTC
Return-Path: <jsalowey@cisco.com>
X-Original-To: syslog@core3.amsl.com
Delivered-To: syslog@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 32DDC3A6A25 for <syslog@core3.amsl.com>; Sun, 20 Jun 2010 22:08:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.404
X-Spam-Level:
X-Spam-Status: No, score=-10.404 tagged_above=-999 required=5 tests=[AWL=0.195, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Hzi3G3hOrZYu for <syslog@core3.amsl.com>; Sun, 20 Jun 2010 22:08:33 -0700 (PDT)
Received: from sj-iport-4.cisco.com (sj-iport-4.cisco.com [171.68.10.86]) by core3.amsl.com (Postfix) with ESMTP id 031723A697B for <syslog@ietf.org>; Sun, 20 Jun 2010 22:08:33 -0700 (PDT)
Authentication-Results: sj-iport-4.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AvsEAFKQHkyrR7Ht/2dsb2JhbACfBnGmWJk6hRsEg1Q
X-IronPort-AV: E=Sophos;i="4.53,451,1272844800"; d="scan'208";a="147302836"
Received: from sj-core-1.cisco.com ([171.71.177.237]) by sj-iport-4.cisco.com with ESMTP; 21 Jun 2010 05:08:39 +0000
Received: from xbh-sjc-231.amer.cisco.com (xbh-sjc-231.cisco.com [128.107.191.100]) by sj-core-1.cisco.com (8.13.8/8.14.3) with ESMTP id o5L58aSQ024823 for <syslog@ietf.org>; Mon, 21 Jun 2010 05:08:36 GMT
Received: from xmb-sjc-225.amer.cisco.com ([128.107.191.38]) by xbh-sjc-231.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Sun, 20 Jun 2010 22:08:36 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
Date: Sun, 20 Jun 2010 22:08:35 -0700
Message-ID: <AC1CFD94F59A264488DC2BEC3E890DE50AC6250F@xmb-sjc-225.amer.cisco.com>
In-Reply-To: <Pine.GSO.4.63.1006181451260.13308@sjc-cde-011.cisco.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Syslog] Status of syslog/dtls ISSUES
Thread-Index: AcsPNOqImq/7A9KKTdSEYHvwIIT8VgByTtqA
References: <Pine.GSO.4.63.1006181451260.13308@sjc-cde-011.cisco.com>
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: "Chris Lonvick (clonvick)" <clonvick@cisco.com>, syslog@ietf.org
X-OriginalArrivalTime: 21 Jun 2010 05:08:36.0664 (UTC) FILETIME=[CDDBF380:01CB10FF]
Subject: Re: [Syslog] Status of syslog/dtls ISSUES
X-BeenThere: syslog@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Issues in Network Event Logging <syslog.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/syslog>
List-Post: <mailto:syslog@ietf.org>
List-Help: <mailto:syslog-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Jun 2010 05:08:34 -0000
Most of this looks pretty straight forward: > Issue 8 - Tim Polk DISCUSS > STATUS: Discussed by Tom and David. Joe to incorporate changes. > [Joe] For this one I have Section 5 as: "Implementations of this specification MUST support DTLS over UDP and MUST support DTLS over DCCP [RFC5238] if the DCCP transport is available at run-time." And section 6 as: " DCCP has congestion control. For this reason, when DCCP is available, the syslog over DTLS over DCCP option is RECOMMENDED in preference to the syslog over the DTLS over UDP option." I'm think the RECOMMENDED in the section 6 needs to be replaced with something else, I'm not quite sure what. > Issue 9, 9a, and 9b - from a Tim Polk COMMENT > STATUS: It looks like 9 and 9a have been discussed and Tom has proposed > text to resolve them. Sean proposed text on 9b. I'd like some discussion > on that. > [Joe] I'm not sure 9b is necessary, but I don't think it causes harm. I'd modify the text to say " implementations often generate their own key pairs" since its possible for the generation to be done outside the implementation. > Issue 10 - Jari Arrko DISCUSS > STATUS: Same as Issue 1. Is the text proposed by Sean good to cover all > of this Issue, Issue 1 and Issue 2? > [Joe] I incorporated the text, I'm not sure it covers all the issues, I think Tom initiated some discussion on the TLS list, but I don't think it changes the result.
- [Syslog] Status of syslog/dtls ISSUES Chris Lonvick
- Re: [Syslog] Status of syslog/dtls ISSUES Joseph Salowey (jsalowey)
- Re: [Syslog] Status of syslog/dtls ISSUES David Harrington
- Re: [Syslog] Status of syslog/dtls ISSUES Joseph Salowey (jsalowey)
- Re: [Syslog] Status of syslog/dtls ISSUES David Harrington
- Re: [Syslog] Status of syslog/dtls ISSUES Joseph Salowey (jsalowey)
- Re: [Syslog] Status of syslog/dtls ISSUES David Harrington
- Re: [Syslog] Status of syslog/dtls ISSUES Chris Lonvick
- Re: [Syslog] Status of syslog/dtls ISSUES David Harrington