Hi Clyde, Since no concerns have been raised, should we be expecting an updated syslog draft shortly?
Kent // as shepherd -- Hi, As part of the last few steps before again calling for last call for draft-ietf-netmod-syslog-model-14, we are adding certificate support to the signing-options container. RFC 5848: Signed Syslog Messages is the RFC that governs this section. The signing-options container resides within the remote action destination list section of the model. This means signing-options will be configurable for each remote destination. RFC 5848 supports four signature groups as defined in section 4.2.3 Signature Group and Signature Priority of the RFC: https://tools.ietf.org/html/rfc5848#section-4.2.3 We are proposing to limit our support to Signature Group 0 which covers the case for administrators who want all messages of a syslog stream to be signed and Signature Blocks to be sent to a single destination. We believe this case covers all deployment scenarios that are commonly encountered. Support for Signature Groups 1 (each PRI value is associated with its own Signature Group), 2 (each Signature Group contains a range of PRI values), and 3 (Signature Groups are negotiated through a private arrangement) could be added to the model later through augmentation. Please let us know if you have any concerns about this. Thanks, Clyde _______________________________________________ netmod mailing list netmod@ietf.org https://www.ietf.org/mailman/listinfo/netmod _______________________________________________ netmod mailing list netmod@ietf.org https://www.ietf.org/mailman/listinfo/netmod
