IETF Logo Mail Archive

Re: [Uri-review] syslog URI, anyone?

Ted Hardie <hardie@qualcomm.com> Thu, 10 May 2007 18:25 UTC

Return-path: <uri-review-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HmDKt-0002Zc-Im; Thu, 10 May 2007 14:25:55 -0400
Received: from uri-review by megatron.ietf.org with local (Exim 4.43) id 1HmDKs-0002ZX-A0 for uri-review-confirm+ok@megatron.ietf.org; Thu, 10 May 2007 14:25:54 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HmDKr-0002ZP-MP for uri-review@ietf.org; Thu, 10 May 2007 14:25:53 -0400
Received: from numenor.qualcomm.com ([129.46.51.58]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HmDKp-0003dl-Jz for uri-review@ietf.org; Thu, 10 May 2007 14:25:53 -0400
Received: from totoro.qualcomm.com (totoro.qualcomm.com [129.46.61.158]) by numenor.qualcomm.com (8.13.6/8.12.5/1.0) with ESMTP id l4AIPoMB018424 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Thu, 10 May 2007 11:25:50 -0700
Received: from [76.102.225.135] (vpn-10-50-16-83.qualcomm.com [10.50.16.83]) by totoro.qualcomm.com (8.13.6/8.13.6/1.0) with ESMTP id l4AIPlin002764; Thu, 10 May 2007 11:25:49 -0700 (PDT)
Mime-Version: 1.0
Message-Id: <p06240603c2690fa0db46@[76.102.225.135]>
In-Reply-To: <46406A38.1010109@cisco.com>
References: <46406A38.1010109@cisco.com>
Date: Thu, 10 May 2007 11:25:46 -0700
To: Eliot Lear <lear@cisco.com>, uri-review@ietf.org
From: Ted Hardie <hardie@qualcomm.com>
Subject: Re: [Uri-review] syslog URI, anyone?
Content-Type: text/plain; charset="us-ascii"
X-Spam-Score: 0.0 (/)
X-Scan-Signature: f4c2cf0bccc868e4cc88dace71fb3f44
Cc:
X-BeenThere: uri-review@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Proposed URI Schemes <uri-review.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:uri-review@ietf.org>
List-Help: <mailto:uri-review-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=subscribe>
Errors-To: uri-review-bounces@ietf.org

At 2:16 PM +0200 5/8/07, Eliot Lear wrote:
>Dear all,
>
>I would like to draw your attention to <http://tools.ietf.org/html/draft-lear-ietf-syslog-uri-00>draft-lear-ietf-syslog-uri-00 and request your comments.  This URI is meant to be passed via a configuration mechanism such as DHCP or a configuration file, to indicate a logging server.  I envision simple devices making use of it at first, possibly expanding upward.  There are three URIs defined because there are three transports for SYSLOG: UDP, BEEP, and soon TLS.  My questions for this esteemed body are these:

First off, I have to say that this is an admirably short document, but I am somewhat
concerned that if the use of the scheme does increase that this "target-only"
style URI won't be enough. 

Would including an optional version field be useful?  draft-ietf-syslog-protocol-20
does seem to allow for syslog to be versioned (see section 6.2.2) and it might
be useful to include that.

Would including parameters to designate which Facilities and which Severity levels
are desired be useful? 


>1.	Is the use of '.' within the scheme name still considered good form?  This use seems obvious to me, given what else is out there, but perhaps there's something I missed in RFC 4395?

For cases like this, it does seem to work.  Given how simple this is, you could
also use a parameter pretty easily, e.g. syslog://host:port/;transport=beep .


>2.	I would like to cede control of this to the IESG.  Does that itself require IESG approval?

I think so.  I'm assuming that this has been/will be reviewed by the SYSLOG
working group.  It can be ceded to the IESG, which can re-delegate it to SYSLOG
for as long as the WG is around.



>3.	Are the URIs and templates in good form?  I am particularly concerned about Security Considerations because the URI itself has very limited scope.  There is only one operation associated with this URI (send syslog messages) and I'm not quite certain what else is needed.

The Security considerations does seem to mix the security of the data passed by
syslog with the URI itself.  The base URI security considerations in 3986 would apply
here, and they should be cited.


>4.	Should I be registering these as permanent or provisional?  They will each be based on IETF standards.

Permanent, probably.  Certainly if reviewed to and agreed by the SYSLOG WG,
they can go for permanent.
					Ted


>My intent is to follow this up with a DHCP option.  Yes, there is a "logging" option out there now, but shockingly it refers to something done at MIT many years ago for which there is no documentation available.  And so my thought was to pass a URI so devices know what transport to use (or not).
>
>Comments?
>
>Thanks for your help,
>
>Eliot
>
>_______________________________________________
>Uri-review mailing list
>Uri-review@ietf.org
>https://www1.ietf.org/mailman/listinfo/uri-review



_______________________________________________
Uri-review mailing list
Uri-review@ietf.org
https://www1.ietf.org/mailman/listinfo/uri-review

v2.23.0 | Report a Bug | By Email