I agree with Rainer that those fixes would make it good enough.

[Rainer]
> It may also be useful (but not vital) to include a note that
> transport-tls is a secure, but not a 100% reliable protocol (because tcp
> without an app-layer ack is unreliable). Lots of folks have the
> misconception that just because tcp is used it is reliable. For that,
> one needs to implement rfc 3195. But, again, this is not an important
> enough point to hold publishing.

I worry that getting into the reliability discussion will delay things. The reliability discussion is more a tutorial about the limitations of TCP and is not syslog specific. It comes up because syslog users react very negatively to the word "unreliable" in UDP and become concerned.

If a reliability note is included, it would help to indicate that TCP provides protection against some forms of data loss, such as network congestion and data corruption related message loss, but not against all forms of loss.

The most common form of data loss with TCP involves mobile equipment. If I disconnect a machine from the network without warning, move it, and relocate it to somewhere that assigns it a new IP address, all the active TCP/IPv4 connections are lost. A syslog-tls that was using one of these connections may, depending on details of timing and implementation, suffer undetected data loss. TCP/IPv6 can be configured to reduce or even eliminate this source of data loss, but other lower probability sources of loss remain.

All of this discussion would really be advanced education on the error recovery capabilities of TCP and is not syslog specific in any way.

R Horn
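The loss mode discussed in this thread, shown as an added example that is not part of the original message or of any syslog implementation: a sender writes ten messages over loopback TCP, every `sendall()` succeeds, but the receiver stores only three before going away, and only the application-layer acks reveal which messages are unconfirmed. The `ACK` line protocol, the message text and the function names are constructed for illustration; plain TCP is used because TLS on top does not change this behaviour.

```python
import socket
import threading

def collector(listener, process_n, stored, release):
    # Constructed receiver: stores and acks only the first process_n lines.
    conn, _ = listener.accept()
    reader = conn.makefile("rb")
    for _ in range(process_n):
        stored.append(reader.readline().rstrip(b"\n"))
        conn.sendall(b"ACK\n")      # app-layer ack, one per stored message
    release.wait(10)                # stay connected while the sender keeps writing
    reader.close()
    conn.close()                    # then go away; the rest is never stored

def run_demo(total=10, process_n=3):
    listener = socket.create_server(("127.0.0.1", 0))
    stored, release = [], threading.Event()
    worker = threading.Thread(target=collector,
                              args=(listener, process_n, stored, release))
    worker.start()
    sender = socket.create_connection(listener.getsockname())
    sent_ok = 0
    for i in range(total):
        sender.sendall(b"<14>constructed test message %d\n" % i)
        sent_ok += 1                # sendall() returned: the kernel took the bytes
    sender.settimeout(2.0)
    acks = b""
    try:
        while acks.count(b"\n") < total:
            chunk = sender.recv(4096)
            if not chunk:
                break
            acks += chunk
    except socket.timeout:
        pass                        # no further acks arrive
    release.set()
    worker.join()
    sender.close()
    listener.close()
    acked = acks.count(b"ACK\n")    # acks are in order, so the tail is unconfirmed
    return {"sent_ok": sent_ok, "acked": acked, "stored": len(stored),
            "unconfirmed": list(range(acked, total))}

if __name__ == "__main__":
    print(run_demo())
```

Without the ack count the sender has no way to tell that messages 3 through 9 need to be resent; the transport reported success for all ten.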
