Hi Jon and All,
Overall, this looks good. Below are some items that I think need
to be addressed in the ID. These are almost exclusively items of
harmonization with RFC 3164. The content of this looks very good.
Thanks,
Chris
=====
1. Introduction
- The term "CONTEXT" was replaced with "CONTENT" in RFC 3164.
- There is no Section 4.2.2 in RFC 3164. Change that to Section 4.
2. Signature Block Format and Fields
- Change "MSG part" to "HEADER part".
- Generalize "Section 4.1" to "Section 4".
2.1 syslog Packets Containing a Signature Block
- Change "PRI part and a MSG part" to "PRI, HEADER and MSG parts".
- At the top of page 5, change "MSG" to "HEADER", and "CONTEXT" to
"CONTENT".
- Would it be better to turn the list of fields into a table?
Perhaps rows of "term", "shorthand notation" and length; e.g.:
Cookie CKI 9 octets
- There is a perception conflict between the use of "PRI" here and
the "PRI" field of the syslog message. This is changed to "priority
field" in section 2.2 and again in 4.3.
- You say, "Recall that ... binary values are base-64 encoded." however,
that has not been referenced before that point. ;-)
4.3 Building the Certificate Block
- Would it be clearer to add a block diagram? I'm not sure how that
would look with the "priority" field being variable of 1, 2 or 3
octets.
Would it be more clear if an example were added of a group of syslog
messages followed by a syslog-sign message?
==end==
[Replying to this will go to the list.]
[Please use [EMAIL PROTECTED] to ]
[reply to me separately. ]
