On Tue, 11 Jun 2002, Marc E. Mandel wrote: > In response to Ben Nagy's 06/08/2002 message that asked: > "I see the need for evidence quality data, but I can't see how > incorporating signatures in that way would go any way towards making > data more courtworthy. To cheat, I just fake the logs on my firewall, > sign them (because I have the private keys on the firewall) and send > them to my collector. I might be missing something profound here, but I > can't think of a way to solve that problem without a trusted third party > acting in some manner. Is there one?" >
I think perhaps Ben was meaning, there's no verification his signed logs are any more trustworthy/courtworthy then the application/appliance you mention below would be. There's no 'verisign' as middleman to guarrentee his signature makes those logs, or the logs from SelectAccess which determines they are in fact something more then cheat signed. Unless I read you wrong here, even B T plc does not have this in place, or do they? Are they acting as a syslog CA? Thanks, Ron DuFresne > My response: > Baltimore Technologies plc has capabilities in both its SelectAccess and > UniCERT products that will cryptographically time stamp and digitally sign > each audit/log record as it is generated so that fake entries could not be > added later. > > The capability is compliant with 21CFR 11 (The Code of Federal Regulations > (CFR) Title 21 - Food and Drugs. Chapter 1 is prepared by the US Food and > Drug Administration. Part 11 deals with electronic records and electronic > signatures. The pharmaceutical industry is implementing solutions from the > PKI vendors, including Baltimore, so that they can comply with 21CFR 11.) > > The question is, does Baltimore have an existing agent that will execute on > the firewall? If not, the organization seeking such capability may have to > fund the effort for one to be coded or get the firewall vendor to work with > Baltimore to provide the capability as an optional feature. > > Marc Mandel > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > For Account Management (unsubscribe, get/change password, etc) Please go to: > http://lists.gnac.net/mailman/listinfo/firewalls > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
