I concur with the sentiments expressed in this thread. I would prefer not to talk of transport using application, since it subverts my idea of the stack. Rather I would say that the syslog application does not have application level acknowledgements and that the use of TLS and TCP as a transport does not change this.
Tom Petch

----- Original Message -----
From: "Rainer Gerhards" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "syslog" <[email protected]>; <[EMAIL PROTECTED]>
Sent: Thursday, June 05, 2008 2:01 PM
Subject: Re: [Syslog] Subject Name verification policy

> Hi Robert,
>
> I think I should have been more clear. I meant a note along these lines
> (and only these lines, without any more specifics).
>
> ###
> It should be noted that this transport does not use application-level
> acknowledgments. As such, there exist situations where loss of data
> may occur. This protocol is not suitable if a 100% reliable solution
> is desired.
> ###
>
> ... nothing more. I often need to talk to people (sales but
> unfortunately technical folks, too) that claim that their implementation
> is reliable just because it is based on TCP. While for some one can
> assume they know better, at least some do not even know there actually
> is a problem. I'd like to make the latter aware of the fact. And for the
> first sort of folks, it would be very handy to have a good reference
> that they are wrong ;)
>
> Rainer
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> > Sent: Thursday, June 05, 2008 12:46 PM
> > To: Rainer Gerhards
> > Cc: Joseph Salowey (jsalowey); syslog; [EMAIL PROTECTED]
> > Subject: Re: [Syslog] Subject Name verification policy
> >
> > I agree with Rainer that those fixes would make it good enough.
> >
> > [Rainer]
> > > It may also be useful (but not vital) to include a note that
> > > transport-tls is a secure, but not a 100% reliable protocol (because
> > > tcp without an app-layer ack is unreliable). Lots of folks have the
> > > misconception that just because tcp is used it is reliable. For that,
> > > one needs to implement rfc 3195. But, again, this is not an important
> > > enough point to hold publishing.
> > >
> >
> > I worry that getting into the reliability discussion will delay things.
> > The reliability discussion is more a tutorial about the limitations of
> > TCP and is not syslog specific. It comes up because syslog users react
> > very negatively to the word "unreliable" in UDP and become concerned.
> >
> > If a reliability note is included, it would help to indicate that TCP
> > provides protection against some forms of data loss, such as network
> > congestion and data corruption related message loss but not against all
> > forms of loss. The most common form of data loss with TCP involves
> > mobile equipment. If I disconnect a machine from the network without
> > warning, move it, and relocate it to somewhere that assigns it a new IP
> > address, all the active TCP/IPv4 connections are lost. A syslog-tls that
> > was using one of these connections may, depending on details of timing
> > and implementation, suffer undetected data loss. TCP/IPv6 can be
> > configured to reduce or even eliminate this source of data loss, but
> > other lower probability sources of loss remain.
> >
> > All of this discussion would really be advanced education on the error
> > recovery capabilities of TCP and is not syslog specific in any way.
> >
> > R Horn
> _______________________________________________
> Syslog mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/syslog
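
The loss discussed in this thread can be reproduced on loopback. The following is an added example, not code from any poster or from the syslog drafts: it sends constructed syslog lines over plain TCP (TLS would sit on top and add no acknowledgement of its own) to a receiver that dies after two messages, first with no application-level acknowledgement and then with an assumed `ACK` reply. `CRASH_AFTER`, the `ACK` framing and the sample messages are assumptions made for the demonstration.

```python
import socket

# Constructed sample syslog lines (not taken from the thread).
MESSAGES = [b"<34>1 2008-06-05T12:00:0%dZ host1 app - - - event %d\n" % (i, i)
            for i in range(5)]
CRASH_AFTER = 2  # hypothetical: receiver handles this many messages, then dies

def _pair():
    """Return a connected (sender, receiver) TCP socket pair on loopback."""
    with socket.socket() as listener:
        listener.bind(("127.0.0.1", 0))
        listener.listen(1)
        sender = socket.create_connection(listener.getsockname())
        receiver, _ = listener.accept()
    sender.settimeout(1.0)
    return sender, receiver

def send_without_ack():
    """TCP only. Returns (sends reported successful, messages processed)."""
    sender, receiver = _pair()
    for msg in MESSAGES:
        sender.sendall(msg)  # success only means "copied to the kernel buffer"
    ok = len(MESSAGES)       # no send raised, so the sender sees no problem
    reader = receiver.makefile("rb")
    processed = sum(1 for _ in range(CRASH_AFTER) if reader.readline())
    for s in (reader, receiver, sender):  # receiver dies with data still unread
        s.close()
    return ok, processed

def send_with_ack():
    """App-level ACK (assumed framing). Returns (acked, unacked) messages."""
    sender, receiver = _pair()
    reader, acked = receiver.makefile("rb"), []
    for n, msg in enumerate(MESSAGES):
        try:
            sender.sendall(msg)
            if n < CRASH_AFTER:        # receiver alive: process, then acknowledge
                reader.readline()
                receiver.sendall(b"ACK\n")
            elif n == CRASH_AFTER:     # receiver dies before reading this one
                reader.close()
                receiver.close()
            if sender.recv(4) != b"ACK\n":
                break
        except OSError:                # reset, broken pipe or timeout
            break
        acked.append(msg)
    sender.close()
    return acked, MESSAGES[len(acked):]
```

Without acknowledgements the sender counts five successful sends while the receiver processed two; with them, the sender ends up holding the exact list of messages it still has to retransmit.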
