Hi WG, I have finished my implementation of -transport-tls-12 plus Joe's latest text. I have written an implementation report which you can find at
http://blog.gerhards.net/2008/05/syslog-transport-tls-12-implementation. html This post is rather long. But it sums up my experience of roughly three weeks of implementation, so it needs to be. I have identified a number of problem spots, defined a rsyslog-specific policy suitable for many use cases and come to the conclusion that -transport-tls is doing quite well. If you have any feedback on the report, I would love to hear it. Please note that the report's intension is not to mandate changes to -transport-tls but to provide honest feedback from someone who implemented it. Joe's latest text is quite OK, the only change I would very much like to see is to remove the MUST on ipAddress authentication. Please note that the implementation is actually available to anyone. You can simply download it from http://www.rsyslog.com. I know of at least one actual deployment by a real user and expect the number to grow in the coming weeks. I will also continue to fine-tune the implementation and, if at all possible, keep up with changes to the draft. Thanks, Rainer _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
