Is it possible to sign the same set of messages with multiple algorithms (by sending multiple Payload and Signature Blocks) to provide smooth algorithm transition? (i.e., if the originator is upgraded first, it would sign the messages both with old and new algorithm -- using the old algorithm could be switched off some time after then collector is upgraded, too.)
Section 4.2.5: When counting messages for the "First Message Number" field, are Signature Blocks and Certificate Blocks also counted? Should earlier Signature Block and/or Certificate Block messages be included in Hash Blocks? Section 7: the text seems to assume that Reboot Session ID is included; what about the case when originator does not maintain state across reboots? (always sends Reboot Session ID 0) Best regards, Pasi _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
