At 03:05 PM 5/31/2001 -0700, Marshall T. Rose wrote:
>err, weren't all of these issues discussed and decided 9-12 months ago???
Hi,
Yes.
The WG was formed with the understanding that we _not_ mess with
the protocol. Attempts to "redefine" the syslog protocol or any
of the fields within the packets are outside the scope of this
working group. The syslog-reliable ID fits the requirements of
our Charter. Discussions of using that to
update/modify/redefine/change the existing syslog protocol are
not appropriate.
Albert: If you'd like, you may use the profiles defined by
Marshall and Darren in the syslog-reliable ID as a template for
a new proposal. That will have to be done as an individual
submission and cannot be a work produced by this working group.
Thanks,
Chris
>/mtr
>
>----- Original Message -----
>From: "Albert Mietus" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Thursday, May 31, 2001 13:56
>Subject: syslog-reliable: Q: do we need to be that backward incapable?
>
>
>>
>> Hai all
>>
>> Syslog-reliable, is more or less a secured version of syslog. But it's
>> also a "modern" protocol. It uses mime, it uses XML, etc.
>>
>> Those modern influences are simply great. BUT, ...
>> The current proposition is also very old-fashioned. It allows only a
>> very limited set of facilities and severities. It want/needs short
>> messages (at least, I understand the log-messages are still limited to
>> 1024 bytes), etc.
>>
>> Why aren't XML'ed priorities possible? Why shouldn't we at least
>> _suggest_ to use XML'ed log-messages?
>> Why are daytimes still without year (sure, we don't have a year 2000
>> problem, this way :-). Why do we think a second is long; even when a PC
>> operates at speeds 1000000000 times faster (1Ghz)?
>> Even Windos know about "daylight saving time" now; and about
>> time-zones.
>> But modern logging still forbids sometime more clever then localtime.
>>
>> Sure, we need to be compatible. But doesn't that mean syslog-reliable
>> can transport/use old style messages. It does!
>> But, It see no reason to define a modern logging-system, that's only
>> goal is to be compatible. Can't we do that better.
>>
>> I suggest to redefine those parts that are limiting, and/or
>> old-fashioned. And to skip those limits. *BUT* require (in the
>> document, and in our work) that t is still possible to
>> 1) use (old) syslog-syslog messages in a modern syslog-reliable
>environment
>> 2) operate a modern syslog-reliable environment such, that parts can
>> be implemented with old style, limited, utp syslog-syslog
>> components (relay, collector) WHEN NEEDED.
>>
>> This means, we can intermix syslog-syslog and syslog-reliable
>> components. That we can use a modern protocol, which it's (security)
>> enhancements, as syslog once was made.
>> AND, that we have a (syslog) logging system that can be used (again)
>> for years and years. New "userland features" etc can be rolled out,
>> when needed.
>>
>> This also enhances the security of the system. Modern security is also
>> about "looking ahead". Comparing several logs, of several site, and
>> locations. This does require a better timestamp then the current 15
>> byte, which is all that is ALLOWED now!
>>
>>
>> See you
>>
>>
>> ---GAM
>> "This should be a jolly quote"
>> ====
>> Do NOT send MS-Word or other MS-bits to me!
>> I can read them now, but I still don't like it.
>>
