David Harrington wrote:
Hi Darren,
[posting as a contributor]
I don't know GSSAPI or SASL well enough to evaluate their
approriateness for securing syslog.
Are you willing to write one or two drafts proposing these as possible
solutions so the WG can evaluate them as alternatives?
[posting as
To: 'David Harrington'; Rainer Gerhards; [EMAIL PROTECTED]
Subject: RE: [Syslog] Secure transport alternatives
Hi,
IMO, most current security protocols(TLS, DTLS, SSH, IPsec)
provide similiar
security service for application, such as confidentiality, integrity,
anti-replay and peer identity
- Original Message -
From: David Harrington [EMAIL PROTECTED]
To: 'Rainer Gerhards' [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Wednesday, June 21, 2006 7:58 PM
Subject: [Syslog] Secure transport alternatives
Hi,
[Posting as a contributor]
I am involved in a number of NM and Security
Miao Fuyou wrote:
real general security mechanisms(except IPsec, but it is not
application-friendly). So, IMHO the primary criteria for selection is: is it
convenient for the application to invoke the security service provided by
the security protocol?
That to me sounds like GSSAPI or SASL.
, 2006 10:48 AM
Subject: RE: [Syslog] Secure transport alternatives
Tom,
But, in all seriousness, changing from TLS to anything is a
charter change that
I think needs the approval of the IESG, and should require
commitment, similar
to that given at the turn of the year, to produce conformant
Gerhards; David Harrington; [EMAIL PROTECTED]
Subject: Re: [Syslog] Secure transport alternatives
Rainer
Looking at the outstanding milestones, I see
Nov 2006Submit Syslog UDP Transport Mapping to the IESG
for consideration as
a PROPOSED STANDARD
Nov 2006Submit Syslog Protocol
]
Subject: RE: [Syslog] Secure transport alternatives
Tom,
I have to admit I have overlooked this item. I agree that we
(especially
me) were very TLS-minded. My memories tell me we
intentionally left the
door open for other transports, but I may be wrong. As it
looks, I need
to re-visit
PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 22, 2006 6:14 AM
To: Miao Fuyou
Cc: 'David Harrington'; 'Rainer Gerhards'; [EMAIL PROTECTED]
Subject: Re: [Syslog] Secure transport alternatives
Miao Fuyou wrote:
real general security mechanisms(except IPsec
]
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 22, 2006 6:14 AM
To: Miao Fuyou
Cc: 'David Harrington'; 'Rainer Gerhards'; [EMAIL PROTECTED]
Subject: Re: [Syslog] Secure transport alternatives
Miao Fuyou wrote:
real general security
Harrington
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 22, 2006 6:14 AM
To: Miao Fuyou
Cc: 'David Harrington'; 'Rainer Gerhards'; [EMAIL PROTECTED]
Subject: Re: [Syslog] Secure
10 matches
Mail list logo