list) and take Unicode on board.
Ambiguity? Yes I have lived with the confusion of 0/O 1/I/| 2/Z 5/S for decades
and see it as primarily the choice of the 'name space authority' not to choose
symbols, 'names', that are ambiguous.
Tom Petch
- Original Message -
Fr
s time in this
environment, then it would have been the right choice but at present, it is a
gamble which I do not want to take.
Tom Petch
___
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog
network devices. If you limit yourself
to network operations of network devices, then it appears to be
SSH a significant number
TLS so small as to be invisible
Tom Petch
- Original Message -
From: "Anton Okmianski (aokmians)" <[EMAIL PROTECTED]>
To: "Chris Lonvic
b access (where I accept that SSL dominates).
Tom Petch
- Original Message -
From: "Rodney Thayer" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, October 25, 2005 11:46 PM
Subject: Re: Why not TLS was Re: [Syslog] Secure substrate - need your input
>
both cases, there are problems of conformance, of there
being different, not quite standard flavours, and the work of the IETF is to
bring conformity to two well established protocols (bit like syslog:-).
Tom Petch
- Original Message -
From: "Anton Okmianski (aokmians)" <[EMA
urvey for creating the
need for more surveys:-(.
Tom Petch
- Original Message -
From: "Darren Reed" <[EMAIL PROTECTED]>
To: "Tom Petch" <[EMAIL PROTECTED]>
Cc: "Rodney Thayer" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesda
Tom Petch
- Original Message -
From: "Moehrke, John (GE Healthcare)" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, October 26, 2005 6:07 PM
Subject: RE: Why not TLS was Re: [Syslog] Secure substrate - need your input
There is a miss understandin
.
More generally, I would ask the chairs of this WG to see if their Security
advisor has any generic thoughts on what protocols are appropriate. The isms
group got one or two surprises along the way in this area, perhaps reflecting a
preponderance of operations skills over security skills.
Tom Petch
here:-) So far so good.
But you seem to be saying more, that SD-NAME SHOULD be an English word, as
opposed to German or French or .. as well as being limited to the character set
above.
Tom Petch
- Original Message -
From: "Rainer Gerhards" <[EMAIL PROTECTED]>
To: "
Tom Petch
- Original Message -
From: "Rainer Gerhards" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, October 27, 2005 6:35 PM
Subject: RE: [Syslog] Unicode - was: AD Review fordraft-ietf-syslog-protocol-14
> I am not quite clear about this.
>
&
take a leap
that leaves some behind; the issue is, how many? Back to implementations.
Tom Petch
___
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog
affect backward compatability)
internationalisation is a big can of worms; I think specifying UTF8 as we have
done is as far as we should go
otherwise, no strong disagreements
Tom Petch
- Original Message -
From: "Chris Lonvick" <[EMAIL PROTECTED]>
To: <[EMAIL PROTE
be syslog-like.
What you want could be to netconf as private.enterprises is to SNMP.
Tom Petch
- Original Message -
From: "Moehrke, John (GE Healthcare)" <[EMAIL PROTECTED]>
To: "Darren Reed" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL
versa:-)
I would expect a MIB to be required of us by IESG unless we can put up a very
strong case why not.
Tom Petch
- Original Message -
From: "Chris Lonvick" <[EMAIL PROTECTED]>
To: "Rainer Gerhards" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sen
Tom Petch
- Original Message -
From: "Alexander Clemm (alex)" <[EMAIL PROTECTED]>
To: "Anton Okmianski (aokmians)" <[EMAIL PROTECTED]>; "Chris Lonvick
(clonvick)" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, November 2
- Original Message -
From: "Darren Reed" <[EMAIL PROTECTED]>
To: "Tom Petch" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, November 25, 2005 11:35 PM
Subject: Re: [Syslog] Revised proposed charter
> [ Charset ISO-8859-1 unsupported
amongst them apart
from so that whilst that field will be retained, other fields may not be.
added to the paragraph on syslog protocol.
And yes, IESG and the ietf list will doubtless want to know why we regard that
as acceptable.
Tom Petch
- Original Message -
From: "Chris Lo
- Original Message -
From: "Darren Reed" <[EMAIL PROTECTED]>
To: "Tom Petch" <[EMAIL PROTECTED]>
Cc: "Chris Lonvick" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Saturday, November 26, 2005 12:39 PM
Subject: Re: [Syslog] Revised
saying that we have at present.
Tom Petch
- Original Message -
From: "Rainer Gerhards" <[EMAIL PROTECTED]>
To: "Chris Lonvick" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, November 30, 2005 2:48 PM
Subjec
ils I receive are not
in US-ASCII but lack the charset= in which case the display on screen is
somewhat or totally corrupted.
So MIME does an ok job but can be fooled by the rest of the system; if we can do
that well with syslog, we should be proud of ourselves.
Tom Petch
_
As party to the original consensus, as reflected in -15, I know of nothing new
that causes me to want to change anything.
I note too that there is support for something in this area in netconf (amongst
other application protocols), where the issue is less acute since the protocol
is duplex.
Tom
I was thinking that is also not optional.
Tom Petch
- Original Message -
From: "Rainer Gerhards" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, November 30, 2005 10:06 AM
Subject: RE: [Syslog] #7 field order
I just got private mail if a missi
nternationalising and expanding the scope of character messages.
Tom Petch
- Original Message -
From: "Anton Okmianski (aokmians)" <[EMAIL PROTECTED]>
To: "Rainer Gerhards" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, November 30, 2005 7:28
to do when fields are absent or corrupt is
good, leading to a good chance of interoperability.
Tom Petch
- Original Message -
From: "Rainer Gerhards" <[EMAIL PROTECTED]>
To: "Tom Petch" <[EMAIL PROTECTED]>; "Chris Lonvick"
<[EMAIL PROTECTED]>
ring that can never be valid XML in a similar
manner.
My instinct is we should be doing more in this area, in particular having
greater consistency between MSG and PARAM-VALUE, in their transfer syntax and
termination..
Anyone else agree or disagree?
Tom Petch
- Original Message -
From: &q
I don't think this quite nails it down - see inline
Tom Petch
- Original Message -
From: "Chris Lonvick" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, December 12, 2005 2:38 AM
Subject: [Syslog] Newly revised proposed
;me too" on this list but is intended to
forestall objections that may well arise from the IESG or during IETF last call.
Tom Petch
___
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog
are not too many).
I'll see...
Rainer
> -----Original Message-
> From: Tom Petch [mailto:[EMAIL PROTECTED]
> Sent: Saturday, December 17, 2005 4:59 PM
> To: Rainer Gerhards
> Cc: [EMAIL PROTECTED]; Chris Lonvick
> Subject: nailing down characters in syslog-protoco
Not sure I have grasped the problem yet but the cases you cite would appear to
be covered by rules of the form, using pseudo-English as a shortcut,
FIELD = ONECHAR / MORECHAR
ONECHAR =
MORECHAR = 1*
which prohibits
-
but allows
--
i
-id-
etc
(but not:-)
Tom Petch
- Original Message
g messages onward. Really? could be but I think I am
lost here and that the introduction should be recast in the language of
RFC3164/syslog-protocol (even if it is intending to convey the above).
Tom Petch
___
Syslog mailing list
Syslog@lists.ietf.or
Sam
I struggle to think what a security system would look like when the protocol is
purely simplex, apart from a MAC to give integrity with some shared secret
transmitted totally out of band.
Are there any examples of simplex security elsewhere in the IETF?
Tom Petch
- Original Message
- Original Message -
From: "Sam Hartman" <[EMAIL PROTECTED]>
To: "Tom Petch" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, January 06, 2006 10:27 PM
Subject: Re: [Syslog] Charter comments from IESG Review
> >>>>> "T
The goal of this working group is to identify the security problems, perform
a threat analysis and document a solution to the perceived threats,
without committing us to either a -sign or a secure transport approach (and yes,
we did start the transport wars, some time ago, with SSH v TLS:-(
Tom
Anton
SSH is now a set of RFC, RFC425?
Tom Petch
- Original Message -
From: "Anton Okmianski (aokmians)" <[EMAIL PROTECTED]>
To: "Chris Lonvick (clonvick)" <[EMAIL PROTECTED]>; "Balazs Scheidler"
<[EMAIL PROTECTED]>
Cc: <[EMAIL PR
.
The only realistic alternative would be to incorporate signature blocks in the
style of syslog-sign in the structured data of the message being authenticated.
Tom Petch
___
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo
meaning of
previous or later coded characters, it is not possible to determine where one
'symbol' ends. So truncation at a UTF-8 boundary could subtlety change the
meaning of a message, even breach security. Not something we can guard against
but should mention.
Tom Petch
- Origin
- Original Message -
From: "Darren Reed" <[EMAIL PROTECTED]>
To: "Tom Petch" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, January 16, 2006 10:51 PM
Subject: Re: [Syslog] Sec 6.1: Truncation
> [ Charset ISO-8859-1 unsupported, c
- Original Message -
From: "Anton Okmianski (aokmians)" <[EMAIL PROTECTED]>
To: "Sam Hartman" <[EMAIL PROTECTED]>
Cc: "Chris Lonvick (clonvick)" <[EMAIL PROTECTED]>; "Tom Petch"
<[EMAIL PROTECTED]>; <[EMAIL PROTECTED]
- Original Message -
From: "Rainer Gerhards" <[EMAIL PROTECTED]>
To: "Tom Petch" <[EMAIL PROTECTED]>; "Darren Reed"
<[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, January 18, 2006 9:32 AM
Subject: RE: [Syslog] Sec 6.1:
ay not be emitted as syslog-protocol messages?
And when this document talks of this being used to manage a group of syslog
devices, what makes this a group? Are they all running under the same instance
of an operating system (allowing sysplex as a single operating system)? If not,
what makes it
truncation.
Tom Petch
- Original Message -
From: "Anton Okmianski (aokmians)" <[EMAIL PROTECTED]>
To: "Darren Reed" <[EMAIL PROTECTED]>; "Tom Petch"
<[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Friday, January 20, 2006 4:39 PM
Su
- Original Message -
From: "Glenn Mansfield Keeni" <[EMAIL PROTECTED]>
To: "Tom Petch" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, January 23, 2006 6:42 AM
Subject: Re: [Syslog] draft-ietf-syslog-device-mib-07.txt
> Tom,
> Tom Pe
in a little MAC here and
there. I think this makes it too complex, too costly with the result that the
security that is needed, and could be provided more simply, will not happen.
Tom Petch
___
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog
is is resolved.
Tom Petch
- Original Message -
From: "Glenn Mansfield Keeni" <[EMAIL PROTECTED]>
To: "Tom Petch" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, January 26, 2006 6:43 AM
Subject: Re: [Syslog] draft-ietf-syslog-device-mi
- Original Message -
From: "Chris Lonvick" <[EMAIL PROTECTED]>
To: "Tom Petch" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, January 30, 2006 3:33 AM
Subject: Re: [Syslog] Threat model requirements discussion
- Original Message -
From: "Balazs Scheidler" <[EMAIL PROTECTED]>
To: "Tom Petch" <[EMAIL PROTECTED]>
Cc: "Chris Lonvick" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Tuesday, January 31, 2006 2:34 PM
Subje
of transport is a
requirement for the mandatory to implement?
>
No; integrity per se yes (comes second on my list), but integrity independent of
transport, no (just nice to have)
Tom Petch
>
> --Sam
>
___
Syslog mailing list
Syslog@lists.
it.
Tom Petch
- Original Message -
From: "Chris Lonvick" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, February 07, 2006 3:09 PM
Subject: [Syslog] Coming to consensus on syslog threats
> Hi,
>
> In reviewing the messages around the thr
one. For myself, I am
comfortable with reusing 'sender or relay' in each case.
Tom Petch
- Original Message -
From: "David B Harrington" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, May 17, 2006 11:09 PM
Subject: [Syslog] Tls-01
Hi,
has failed.
Tom Petch
- Original Message -
From: "David B Harrington" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, May 09, 2006 4:26 PM
Subject: [Syslog] draft-ietf-syslog-transport-tls-01.txt
Hi,
A new revision of the syslog/TLS draft is availabl
present?
Tom Petch
- Original Message -
From: "David B Harrington" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, May 09, 2006 4:26 PM
Subject: [Syslog] draft-ietf-syslog-transport-tls-01.txt
Hi,
A new revision of the syslog/TLS draft is available.
http:/
of frame length, and syslog
messages have very little structure to help the application, so I think that
this is an issue we should address.
Tom Petch
- Original Message -
From: "David B Harrington" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, May 09
im on TLS
and then we would not be having this discussion :-)
But, in all seriousness, changing from TLS to anything is a charter change that
I think needs the approval of the IESG, and should require commitment, similar
to that given at the turn of the year, to produce conformant products.
Tom
- Original Message -
From: "Anton Okmianski (aokmians)" <[EMAIL PROTECTED]>
To: "Tom Petch" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, June 20, 2006 8:18 PM
Subject: RE: [Syslog] delineated datagrams
Tom:
I think these are valid concer
embedded in the charter (as well as, more obscurely,
in the discussions that led up to the charter change).
Tom Petch
- Original Message -
From: "Rainer Gerhards" <[EMAIL PROTECTED]>
To: "Tom Petch" <[EMAIL PROTECTED]>; "David Harrington"
<
Tom Petch
- Original Message -
From: "Chris Lonvick" <[EMAIL PROTECTED]>
To: "Darren Reed" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, July 05, 2006 6:25 PM
Subject: Re: [Syslog] Decisions to make about the Huawei IPR claim
>
elling out the relationships. (In draft-ietf-ipcdn-device-mibv2-11, I did
like the comment that ipv4 and SNMPv1 were the mandatory to implement options;
trusted and true technology).
Tom Petch
- Original Message -
From: "Jean-Francois Mule" <[EMAIL PROTECTED]>
To: &q
B) As the document is technically inadequate as a standard for syslog over TLS,
we
would also benefit from a fresh start with an editor without H*** in their
e-mail address.
Tom Petch
- Original Message -
From: "Chris Lonvick" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECT
58 matches
Mail list logo