Sam
I was about to say that we were getting into useful detail but that we could
sort out the charter without it, but you seem to saying not. That is, I was
hoping that where the charter says
The goal of this working group is to address the security and integrity
problems
it might say
The goal of this working group is to identify the security problems, perform
a threat analysis and document a solution to the perceived threats,
without committing us to either a -sign or a secure transport approach (and yes,
we did start the transport wars, some time ago, with SSH v TLS:-(
Tom Petch
----- Original Message -----
From: "Sam Hartman" <[EMAIL PROTECTED]>
To: "Rainer Gerhards" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, January 09, 2006 2:35 PM
Subject: Re: [Syslog] Charter comments from IESG Review
> >>>>> "Rainer" == Rainer Gerhards <[EMAIL PROTECTED]> writes:
>
> Rainer> This looks like I misunderstood your intension. I thought
> Rainer> that unsecured UDP should no longer be supported.
>
> That was not my intent.
>
> Rainer> So what
> Rainer> you actually said is that we can go ahead with the
> Rainer> unsecured UDP as long as we also mandate a (different)
> Rainer> secure transport.
>
>
> What I said is that you need to have a mandatory-to-implement mode of
> operation that meets your security goals. You can certainly support
> transport-udp. One way to do this is to have a new secure transport.
> Another way to do this (assuming you decide confidentiality need not
> be a security goal) is to use something like syslog-sign.
>
> Personally I think a new transport might be more important than
> syslog-sign but so long as the WG clearly articulates its security
> goals, those goals make sense, and the wg then meets the goals, the
> preference between syslog-sign and transport is a WG matter.
>
>
>
> Also, I agree that you have described the threats to syslog in
> adequate detail already; the question is which threats do you want
> toaddress. You do need to explain that in your documents and you need
> to justify that decision.
>
> So, how much needs to be done for the charter? Well, I'd like text
> added to the deliverable for -protocol noting that it will require a
> secure mode of operation. If you are going to decide that syslog-sign
> is the right path, then you should add text about that to the charter.
> I don't think you need to choose a transport before chartering,
> although I caution that transport wars are a good way to lose WG
> momentum; look at the ISMS work over the past few IETFs for an
> example.
>
> --Sam
>
>
> _______________________________________________
> Syslog mailing list
> Syslog@lists.ietf.org
> https://www1.ietf.org/mailman/listinfo/syslog
_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog
