Sam:

> May I recommend TLS PSK

Interesting option. Probably not as mature as just using HMAC message digests. Is there some document which compares and contrasts TLS and SSH? It seems recent RFCs surrounding both have put them on a redundancy path. I'd really like to learn why IETF is pursuing both of those at the same time.

> or TLS in anonymous DH mode in
> preference to inventing your own transport that does not use PKI?

This, I think, does not accomplish an objective of authentication or frankly any non-trivial security, unless I am missing something. It does not really do privacy either since it is susceptible to man-in-the-middle.

> Also, before doing something based on shared secrets
> carefully consider the requirements of RFC 4107.

Good read. Thanks! It brings up a question as to what kind of environment syslog really addresses: private-only network or private and public. It is one thing to manage alerts from a web server farm and another thing to manage millions of consumer CPEs such as internet modems, VoIP ATAs, etc. A lot of CPE protocols nowadays go towards having a built-in certificate or even multiple of them. In the case of alerts from something like a VoIP ATA which would go over a public network, I would think privacy would be more important too.

I have also never been clear on the scope of syslog vs SNMP. There is a large overlap. It would be great if this was clear in the charter. I hope I am not opening up a deep rat hole here.

Thanks,
Anton.