Hi folks,
Daren New and I have been going back and forth on one issue
and we want to bring it to the group.
As you are no doubt aware by now... I've been pushing
end-to-end
message-level integrity through signing.
So far, I've been assuming the natural place for this is in
the
COOKED stuff in Syslog-Reliable. However, there's now
some question as to whether it might be better off in
Syslog-Auth.
Arguments for moving this to Syslog-Auth:
* It's a lower level in the food-chain
* It still operates over UDP
* It's called 'Auth'
Arguments against:
* Syslog-Auth protocols may not come into play when
you're running Syslog-Reliable with the SASL stuff
* I thought Syslog-Auth isn't supposed to alter the
"payload" (i.e. by adding a signature that doesn't
get stripped).
What does everyone think?
begin:vcard
n:Calabrese;Chris
tel;work:201-703-7218
x-mozilla-html:TRUE
org:Merck-Medco Managed Care, L.L.C.;Internet Infrastructure and Security
adr:;;1900 Pollitt Drive;Fair Lawn;NJ;07410;USA
version:2.1
email;internet:[EMAIL PROTECTED]
title:Internet Security Administrator
fn:Chris Calabrese
end:vcard
