At 09:54 AM 6/9/00 +0200, Jan Meijer wrote:
>> It is questionable whether we should "roll our own" crypto...mandate the use
>> of SSL or IPsec. Not using existing crypto means you have to get the crypto
>> right and then you've got X.509 issues, etc. Time is better spent elsewhere
>> - other people have already "solved this", lets stop reinenting the wheel.
>
>I did not follow the syslog-sec discussion for a while, am just on the list to
>make sure that when something interesting comes by I read it. I am however
>quite heavily involved in x.509 issues, and would like to second this opinion.
>Please don't reinvent the crypto-stuff that has already been invented in for
>example the SSL and the SSH protocols. Just make sure the standard available
>stuff fits in.
>
>Jan
Hi Darren and Jan,
That was hammered home at the DC BoF. We will be using existing
and approved mechanisms where ever they make sense. The term used
then was "common, off the shelf".
Thanks,
Chris
