In his/her message, Chris M. Lonvick wrote:
>Authenticated format. Changing the format, or defining a format is
>outside the scope of this working group.
>The IDWG has defined their own format which meets their requirements.
>The ULM work and your proposal look viable for defining the contents
>and format of event messages. I've heard from very many people that
>they would like to see that work started again. However, it is outside
>of the scope of this WG. Please get together and propose a BoF. If
>not that, then get together and submit an internet draft.
Standardization of the format was refused in the charter by the area
director Marcus Leech. He said he was afraid of duplication with IDWG.
Unfortunatly it doen't seem to me that there is duplication with
IDWG, we do not standardize the same information.
I do not think you can choose a security solution for the syslog
protocol without the knowledge of the security solutions that will provide
the data format. I also think this is closely related in syslog, it should
not be 2 differents WG, one on the protocol, one on the format.
I am in favor of changing the charter.
Regards,
HERVE
