This looks great.
Some questions/comments...
o Is it actually true that you'd need all the messages of the block plus the signature message to verify the authenticity of any one message (as stated in 1.0.c and 2.1.b)? It seems you should really only need the message you want to verify and the signature message (as implied in 2.1.d), not all the other messages in the block. This is important because it allows messages in the same block to go to different places as long as the signature messages go to all those places (or some central signature block repository, I guess).
o Shouldn't the signature block cookie (2.1.1.a) be a reference to both the syslog and signature part of its job? How about ``@#logSIG''? Similarly @#logCER for the certificate cookie (2.2.2.a). Admittedly a nit.
o Seems you might want to specify more than one pre-defined HMAC function (2.1.2.1). Maybe MD5 and {DSA/320,RSA/1024,RSA/2048} too. Also, you need to specify at least one combination that must be supported by all implementations. Otherwise you'll never fix the interoperability problems.
o In 2.1.2.2 (Redundancy), you'll need to change the wording in the first paragraph to make it more obvious that the whole redundancy issue is an implementation issue. Also, what about just sending each signature message multiple times as well as or instead of having overlapping signature blocks?
o In 2.2.d (Key blob types), do you think PGP, SSH1 and SSH2 types should be added? In theory they can be covered by conversion to type 'F', but they're awfully popular.
o What does the stuff look like to specify the session ID in a log message?
-Chris
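Added example, not part of the message above and not code from the draft under review: a sketch of the first point, verifying one message with only that message and its signature block. It assumes the signature block carries one hash per message plus a signature over those hashes; the dict layout, SHA-256, and HMAC as a standard-library stand-in for the public-key signature are all assumptions, and the key and log lines are constructed.

```python
import hashlib
import hmac

# Constructed demo key. HMAC stands in for the public-key signature (assumption).
KEY = b"constructed-demo-key"

# Constructed sample log lines forming one block.
BLOCK_MESSAGES = [
    b"<34>Oct 11 22:14:15 host1 su: 'su root' failed for user on /dev/pts/8",
    b"<13>Oct 11 22:14:16 host1 sshd[411]: session opened",
    b"<30>Oct 11 22:14:17 host1 cron[88]: job started",
]


def msg_hash(message: bytes) -> bytes:
    return hashlib.sha256(message).digest()


def make_signature_block(messages):
    """Hypothetical signature block: per-message hashes plus a tag over them."""
    hashes = [msg_hash(m) for m in messages]
    tag = hmac.new(KEY, b"".join(hashes), hashlib.sha256).digest()
    return {"hashes": hashes, "sig": tag}


def verify_one(message: bytes, block) -> bool:
    """Verify a single message using only that message and the block."""
    expected = hmac.new(KEY, b"".join(block["hashes"]), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, block["sig"]):
        return False  # the signature block itself was altered
    h = msg_hash(message)
    # The other messages of the block are never consulted, only their hashes.
    return any(hmac.compare_digest(h, x) for x in block["hashes"])


if __name__ == "__main__":
    block = make_signature_block(BLOCK_MESSAGES)
    # Two collectors each hold a different message but the same block.
    print("collector A:", verify_one(BLOCK_MESSAGES[0], block))
    print("collector B:", verify_one(BLOCK_MESSAGES[2], block))
    print("forged line:", verify_one(b"<13>Oct 11 22:14:16 host1 forged", block))
```

Membership in the block shows that the message was covered by the signature; it does not by itself establish the message's position in the block or detect messages that are missing at a given collector.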