Hi Folks,

We had the BoF on Tuesday afternoon. Below are the notes taken by Eliot
Lear. Jeff Schiller was there and he moderately agreed with the charter.
He has taken that and will work on it a bit so that he can sell it into
the IESG with his recommendation that we form a Working Group.

Overall, the Charter will have 2 components that must be done in order:

First: Document the Syslog protocol and note its security weaknesses
and vulnerabilities.

Second: Come up with two solutions to address those problems. One should
have authentication and integrity. The other should have authentication,
integrity and verifiable delivery.

We agreed that the focus will be only on the protocol and not on anything
that could happen on the end systems. We'll also not discuss the format
of the messages. These restrictions will keep us focused on the task at
hand.

I'll keep everyone informed on the progress of the charter going through
the IESG. I've also had some discussions with some people about writing
the first document. Please let me know if you are interested in
participating in writing the initial draft.

Thanks,
Chris
--
Secure Syslog BOF
29 March 2000
Chaired by Chris Lonvick
Notes by Eliot Lear
Chris started with agenda bashing. Went on to current state of the protocol.
Explained vulnerabilities. Syslog has been referenced but not documented.
We went on to discuss the proposed charter.
Issue as to what the first document should be: BCP, Standard, or Info? BCP says that
you can get there quick, but it's really for practices. Ran commented that first goal
would be to document what we have.
Ran also argued that the charter is too broad. Start by documenting existing practice
and protocol. Then do a requirements document.
Barbara responded that it would be unusual to force a requirements document.
Glenn Mansfield commented that the requirements are clear.
Chris disagreed. He wants the working group to review his ideas.
Anne Anderson suggested striking the last paragraph.
Glenn: what about retrieval for post processing purposes?
Chris: outside the scope
Andreas Worsley: what about lots of features aside from wire protocol?
Chris: Rat hole.
Sylvian Gombault: If IDWG had secure syslog they would have used it.
Jeff Schiller: doesn't mind the 3rd paragraph. Too early to make a statement on key
management. Glad we didn't specify whether or not we'll use a new port.
??: don't forget integrity in the 2nd document
Jeff: 1st document should be informational.
Jeff: no requirements document for now.
Chris: mailing list exists - will be announced.
Jeff: next step: iteration and IESG.