Hi, I was looking over Section 4 of syslog-sign-08 and saw that the Signature Group is included in the Certificate Block, while the Signature Group and the Highest Priority are also included in the Payload Block. (Just for those who are a bit rusty on this: The Payload Block may be a long blob of information containing the certificate of the device. The Certificate Block can chop that up and transport the pieces of it to a collector using the normal syslog protocol. The collector can reassemble the pieces to find the key/certificate/whatever - See Sec. 4.2e.)
I don't see that this information needs to be duplicated in both the Certificate Block and the Payload Block and I would think that it would be better in the Payload Block. There, a syslog device would be able to use that information to send out a copy of the Payload Block to each of the collectors. Does anyone have any objections to having the SIG and SPRI (as taken from the table on Page 9) only appear in the Certificate Block? Thanks and Happy New Year, Chris