> From [EMAIL PROTECTED] Wed Oct 20 15:07:45 1999
> From: antirez <[EMAIL PROTECTED]>
> On Wed, Oct 20, 1999 at 09:26:04AM -0400, Bennett Todd wrote:
> > Naturally TCP is the big first step. It may be the only fundamental change
> > needed for all I know.
> >
> > -Bennett
>
> I think (hope) it's possible to reach our goals even using UDP.

This is definitely possible. I even know of an X.25 implementation that runs over UDP. :))

I think the question here is really whether syslog should provide a _reliable_ link between the client (i.e. the source of the message to be logged) and the server (i.e. the logging agent). I would think this is in _many_ cases definitely a _requirement_. In such cases it is probably not worthwhile "re-inventing the wheel" by implementing a reliable connection over UDP (with encrypted payload or not, with or without authentication), so TCP is a better choice.

In my view the question is whether unreliable syslog should be supported. This would probably not be suitable for an audit log, but may still be useful.

> Why use TCP if strong auth is possible even using UDP?

As I said above, it is probably not worth the effort of implementing over UDP a service that is already available by simply using TCP. This may, however, be useful on source hosts that do not have TCP implemented, but do support UDP. However, such a host would probably not have enough resources (e.g. memory or CPU) for cryptographic methods.

Janos
