My opinion is that this should not be a MUST, maybe not even a SHOULD. I think this decision needs to be left to the operator. While it is advisable to authenticate peers, operators might decide against it. This is especially the case in SOHO environments, where the user is typically not knowledgeable enough to set it up. I think it would be better to have some degree of "out of the box interop" than make people resort to unsecured UDP syslog. Of course, there is ample argument that this lax "out of the box" (in)security is the root cause of botnets and other security issues.
In any case, I think a MUST would be overdone IMHO.

Rainer

> -----Original Message-----
> From: Miao Fuyou [mailto:[EMAIL PROTECTED]
> Sent: Monday, March 20, 2006 3:38 AM
> To: 'Chris Lonvick'; [EMAIL PROTECTED]
> Subject: [Syslog] Other syslog-tls Issues---Issue 4
>
> [Issue 4]: Shall we mandate the sender MUST be authenticated? Most
> of the Syslogd accepts messages only from configured address.
>
> _______________________________________________
> Syslog mailing list
> [email protected]
> https://www1.ietf.org/mailman/listinfo/syslog
