> * Balazs, similarly for [Scheidler] and also the section
> on syslog-ng.
>
> 5.6 syslog-ng
>
> Syslog-ng is another drop-in syslog replacement, this
> one developed by Balazs Scheidler of BaliBit
> Computing. Like nsyslogd, it offers improved
> filtering and guaranteed message delivery and
>
>
>
> INTERNET DRAFT Event Logging Requirements August 2000
>
>
>
> ordering. However, it goes one step further by also
> offering over-the-wire confidentiality through the use
> of TLS, and message integrity through the use of
> digital signatures.[15]
Though I'd like syslog-ng to support TLS, it's not yet implemented.
Otherwise the draft looks ok to me at first sight. As I see you are using
TCSEC requirements for event logging. Wouldn't it be better to use the terms
defined and used in Common Criteria? CC is an international standard for
evaluation computer security products, somewhat derived from TCSEC and
ITSEC.
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
url: http://www.balabit.hu/pgpkey.txt
