If you're in a situation where signing is too expensive, there is one other
option available -- using a MAC or Message Authentication Code. MACs are
the symmetric-key equivalent of a signature. This came up in an earlier
message, and my somewhat glib reply was that I would like syslog-sign
to sign. However, that doesn't mean MACs are useless.

MACs have the advantage that they use symmetric algorithms and are thus
much faster than signing. However, you pay for that in key distribution
problems.

An entity that verifies a MAC must know the key that the MAC was created
with. Also, that key must be kept secret, or else the integrity of the logs
comes into question. This means that the key has to be both held securely,
and be available for a verifier. These are at odds with each other.

In contrast, the advantage of signed logs is that you only have to protect
the signing key, by whatever means is reasonable. Verifiers only need the
public key.

If you want your secured logs kept in anything approximating evidentiary
security, then you don't want to use a MAC, you want to sign.

I have no objections to anyone coming up with a syslog-mac draft as a
follow-on to syslog-sign. If someone has a need for it, it's completely
reasonable to come up with a draft that says, "syslog-MAC is just like
syslog-sign except for these changes...." I just don't want that in
syslog-sign.

My fear is that if RFCxxxx contains both signing and MACing, then I'll have
to ask every time someone says they support syslog-sign, "Do you support
actual signing, or do you MAC?" and they'll say, "I don't know, let me
write that down and my technical people will get back to you" or worse,
they'll tell me the wrong answer.

Consequently, while I am not opposed to log security via MACs, I *am*
opposed to putting it into syslog-sign. One of the things I like about the
current description is that it drops into an existing infrastructure, it's
built out of easy-to-understand pieces, and there are few options. John did
a phenomenal job designing this and deserves lots of kudos for it.
Jon
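As an added illustration of the trade-off described in the message above (this is example code, not from the syslog-sign draft or from the original poster), the Go program below MACs and signs a constructed sample log line. It shows why a MAC verifier, which must hold the shared secret, can itself produce a valid tag over an altered line, whereas a signature verifier holding only the public key cannot. The log line and all key material are constructed for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Constructed sample syslog line (not taken from the original message).
const sampleLine = "<34>Oct 11 22:14:15 host su: 'su root' failed for alice on /dev/pts/8"

// macTag computes an HMAC-SHA256 tag over a log line with a shared secret key.
func macTag(key []byte, line string) []byte {
	m := hmac.New(sha256.New, key)
	m.Write([]byte(line))
	return m.Sum(nil)
}

// macVerify checks a tag. The verifier needs the very same secret the sender used.
func macVerify(key []byte, line string, tag []byte) bool {
	return hmac.Equal(tag, macTag(key, line))
}

// signLine signs a log line with an Ed25519 private key that only the sender holds.
func signLine(priv ed25519.PrivateKey, line string) []byte {
	return ed25519.Sign(priv, []byte(line))
}

// sigVerify checks a signature using nothing but the public key.
func sigVerify(pub ed25519.PublicKey, line string, sig []byte) bool {
	return ed25519.Verify(pub, []byte(line), sig)
}

// Demo returns (macForgeable, sigForgeable): whether a party holding only the
// verification material can vouch for an altered line. The MAC verifier holds
// the secret, so it can; the signature verifier holds only pub, so it cannot
// mint a signature, and the sender's signature over the original fails on the edit.
func Demo() (bool, bool) {
	key := make([]byte, 32)
	rand.Read(key)
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	altered := sampleLine + " [edited after the fact]"
	macForgeable := macVerify(key, altered, macTag(key, altered))
	sigForgeable := sigVerify(pub, altered, signLine(priv, sampleLine))
	return macForgeable, sigForgeable
}

func main() {
	m, s := Demo()
	fmt.Printf("MAC verifier can vouch for altered line: %v; signature verifier: %v\n", m, s)
}
```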