Alexander Clemm (alex) schrieb:
to clarify what you are suggesting - are you suggesting to strike
section 6.2 and change the title of 6 to "Redundancy"? I think the
entire section is in essence informational; per se I would have no
issues taking it out.
Yes.
Now, regarding question 2: I am not clear about what you are asking.
How a signature group is defined is ultimately up to an administrator
(specifically if SG fields are 2 or 3). It is probably not a good
idea to change these on the fly, although it probably does not need
to be prohibited. Should this issue be discussed in a separate
statement somewhere? (Basically, it would state something along the
lines that while it is possible to change how Signature Groups are
configured, adminstrators need to be aware of the implications.)
Of course every change will require a new reboot session and the sending
of new Certificate Blocks, so the receiver/verifier will be able to notice.
Given that I do not see a difference between a config change "on the
fly" and restarting the server/daemon with the new configuration.
The statement at the end of 6.2 states that it is legitimate for an
originator to send short Signature Blocks to allow the collector to
verify messages quickly (and not have to wait until a Signature Block
is "filled up"). Precisely because the block are variable in length
this is possible. So, I am not clear what the issue would be with
that statement?
It is no big deal.
I just found it irritating and wondered if there were also long blocks.
Maybe it would be better to add a remark to section 4 (Signature Blocks)
stating that the originator is free to decide when to send Signature
Blocks, how many hashes they contain and if/how he adds redundancy.
--
Martin
_______________________________________________
Syslog mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/syslog
