Hello Albert and All, At 11:35 AM 3/1/2002 +0100, albert.mietus wrote: >Hi all, > >We have discussed a lot about SHA/DSA/RSA/MAC for securing syslog on small >systems. >My point was it should be possible to make a "more secure then nothing" >syslog for small systems. I think anybody agrees on that. > >But, ... my suggestions was to do it with syslog-sign, as it is the most >simple security extension to syslog we have discussed until now. >As Jon pointed out, by doing this we have a huge risk of making -sign a lot >more complex and a lot less "beautiful" at it is. >We should do that! I fully agree with Jon. > >So I have a new proposal. > >First, I would like to suggest to minimise the change to -sign. Basically, >leave it the way it is. But make the key length variable. I don't see any >reason why the key length should be fixed (as it is now). The keylength can >be specified in the certificate blocks. Or even in the signature blocks. >The current (fixed) size is: > a) to long for small(er) systems > b) insecure, in some future time. >By making the key length a "variable", we allow "small" (but less secure) >keys, for small systems. >And, maybe even more important, allow an easy upgrade for "very secure" >extreme long keys. The will be needed somehow, someday. The RFC should >recommend an (minimum) key length; it should be the current one. > > >Second, I would like to propose to discuss an alternative "secure syslog", >especially for "small" systems. This could be a "syslog-mac", it could be a >kerborized one(if that is "small"), it could be something else. I have to >think about it more. But I'm willing to do so. > >But I don't know iff this can be done within our charter (Chris, can you >answer this question?)
I feel sure that we can proceed if others are interested in doing so. I would ask everyone to think about this before we agree, however. If the proposed alternative "syslog-mac" were to be much simpler than syslog-sign, would people prefer to implement that rather than doing the harder work to implement syslog-sign? I'm a bit undecided on this as well. On one hand, I'd like to say that syslog-sign has the attributes that we want. If we start doing other things, then we may reduce the importance of that work. If the proposed alternative "syslog-mac" were to be much simpler than syslog-sign, would people prefer to implement that rather than doing the harder work to implement syslog-sign? On the other hand, I'd like solutions that work and that will be implemented. It does sound like "syslog-mac" may have qualities that would appeal to people working on low-end devices. Let's hear from other people about this and then decide. Thanks, Chris
