That wording satisfies me.

dbh 

> -----Original Message-----
> From: Miao Fuyou [mailto:[EMAIL PROTECTED] 
> Sent: Monday, November 27, 2006 9:07 PM
> To: 'David Harrington'; 'Rainer Gerhards'; [EMAIL PROTECTED]
> Subject: RE: [Syslog] Updated Syslog-tls Document
> 
> 
> I am changing the sentence to:
> 
> "For the deployment where confidentiality is a concern, receiver
> authentication is required for sender/relay to make sure it is talking to
> the right peer. It is up to the operator to decide whether confidentiality
> is a concern for a specific deployment."
> 
> This sentence serves as a tip for deployer rather than something about
> on-the-wire protocol.
> 
> Thanks,
> Miao
> 
> > -----Original Message-----
> > From: David Harrington [mailto:[EMAIL PROTECTED] 
> > Sent: Tuesday, November 28, 2006 8:27 AM
> > To: 'Rainer Gerhards'; 'Miao Fuyou'; [EMAIL PROTECTED]
> > Subject: RE: [Syslog] Updated Syslog-tls Document
> > 
> >  
> > 
> > > -----Original Message-----
> > > From: Rainer Gerhards [mailto:[EMAIL PROTECTED]
> > > Sent: Thursday, November 23, 2006 2:48 AM
> > > To: Miao Fuyou; [EMAIL PROTECTED]
> > > Subject: RE: [Syslog] Updated Syslog-tls Document
> > > > > -------------------------------------
> > > > > 5.1
> > > > > 
> > > > > ==
> > > > >    When confidentiality is a concern, a sender/relay MUST authenticate
> > > > >    the receiver to make sure it is talking to the right peer.
> > > > > ==
> > > > > 
> > > > > I do not find the MUST is appropriate here: "when confidentiality
> > > > > is a concern" is not a hard fact. What does it mean? When MUST I
> > > > > implement authentication? Is my implementation not compliant to
> > > > > this doc if I have the wrong understanding of "when
> > > > > confidentiality is a concern"? Or MUST I always implement it,
> > > > > because confidentiality is probably very often a concern?
> > > > > 
> > > > > I think this is an operator issue not to be dealt with in the
> > > > > protocol. I suggest dropping this sentence or at least spell MUST
> > > > > in lower case.
> > > > > 
> > > > 
> > > > Probably lower case. The point is confidentiality is meaningless
> > > > without authentication.
> > > 
> > > Well... maybe it is just a wording issue. Are we actually REQUIRING a
> > > sender to authenticate the receiver in all cases? If so, we should
> > > state that. My impression so far is that this is something that is
> > > optional and at the discretion of the sender or the operator
> > > configuring it. If so, we should state that clearly too. As an
> > > implementor, I am unsure what to do if I use the above text as a
> > > guideline.
> > > 
> > 
> > Standards do not typically require an operator to use the 
> > technology in a specific manner; Standards do typically 
> > require implementers to implement in a way so that operators 
> > CAN configure the technology in the preferred (interoperable) manner.
> > 
> > MUST is used when the on-the-wire format/information/etc. 
> > must be interoperable for the protocol to work properly.
> > 
> > I do not like seeing "must" in a document; either it deserves 
> > to be a MUST, i.e. it impacts on-the-wire interoperability, 
> > or it is an implementation/usage decision and we should not 
> > mandate it. If you use a lower case "must", then you'll need 
> > to convince me as co-chair that the usage is justified before 
> > I send it to the IESG.
> > 
> > Dbh
> > 
> > 
> > 
> > 
> > 
> 
> 
> 



_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog
