Hi Tom, I think it would be useful to have recommendations for generic application over TLS. I don't think all applications would be the same, but I think there could be some common guidelines. I don't think we should hold up the TLS syslog draft for this.
Joe

> -----Original Message-----
> From: tom.petch [mailto:[EMAIL PROTECTED]
> Sent: Monday, June 02, 2008 1:15 AM
> To: Rainer Gerhards; Joseph Salowey (jsalowey)
> Cc: syslog
> Subject: Re: [Syslog] -transport-tls references to "matching rules"
>
> Replying to myself, and apologies to those who got my first,
> mangled attempt at this,
>
> I have just read
>
> draft-ietf-netconf-tls-02.txt
>
> which covers an almost identical territory to transport-tls
> but with server and client roles reversed; well worth a read.
>
> Where we used to refer to RFC2818, it refers to RFC4642
> (which itself considers relays).
>
> It has a reference to RFC5280 and specifies section 6 for
> certificate paths.
>
> It does not consider fingerprinting.
>
> It does not consider alternatives to hostname.
>
> <rant>
> As I have said before, I see a crying need for a generic
> 'application over ...' I-D for others - like me - to draw
> on and reference, lest we keep inventing our (less than
> round?) wheels.
> </rant>
>
> Tom Petch
>
>
>
> ----- Original Message -----
>

_______________________________________________
Syslog mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/syslog
