NILVALUEs - as is, they should be valid - actually, this should be stated explicitly in the draft. The point is that so far they have essentially been "ignored".
It is possible to differentiate different signers by saying APP-NAME and PROCID are relevant and MUST be used consistently. It would then also imply that different signers can "reuse" the same SPRI, providing they indicate SG=3 when establishing the signature group. Not sure if it was intentional, but you bring up a notion of a duration of a signature group. This is a different notion than what we have right now. We only have a notion of a reboot session. At the beginning of the reboot session, the payload blocks are sent for the various signature groups. So, the duration is "global" for an originator, not differentiated between signature groups. Now, in principle it is certainly possible to change the semantics of "reboot session" to that of "signature group session". It does open up a lot of other questions and add complexity, as now a multitude of reboot sessions needs to be kept track of. Is this really required? It would seem that we should stick to the simple semantics of reboot session. Different signers can of course have their own reboot sessions. So, your text is basically okay, but I would argue that the last sentence must read "To allow multiple originators per host, the values of APP-NAME and PROCID MUST be unique for the duration of the reboot session." --- Alex -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Martin Schütte Sent: Monday, August 04, 2008 6:49 AM To: syslog@ietf.org Subject: Re: [Syslog] Syslog-sign: Multiple signers on host? Alexander Clemm (alex) schrieb: > That a valid APP-NAME and PROCID need to be included is a given. Are NILVALUEs valid? > Currently, the statement is that originators SHOULD use the same > values for those field for every message to be consistent (e.g. > section 4.1 and 5.3.1). Should this "SHOULD" be changed to "MUST" > and a statement be added that APP-NAME and PROCID are supposed to > uniquely identify a signer on HOSTNAME? Yes; if we use these values to distingiush different originators on the same host then they MUST be consistent. I would suggest: This specification does not mandate particular values for these fields; however, for consistency, originators MUST use the same values for APP-NAME, PROCID, and MSGID fields for every Certificate Block and Signature Block message that is sent for one Signature Group, whichever values are chosen. To allow multiple originators per host, these values MUST be unique for the duration of the Signature Group. Intention here: a) if there is only one originator per hostname possible (use case: on a printer) then NILVALUEs are ok, because (together with the HOSTNAME) they still identify one originator. b) I think some time duration is necessary and chosen to impose the least restrictions. So the values have to stay the same for one Signature Group. That makes sure they can be used as identifiers for that Signature Group but leaves enough room for implementations. It is then possible to - restart the daemon, thus changing RSID and PROCID - use another program, thus changing RSID, APP-NAME, and PROCID - use different PROCIDs in parallel (use case: one process per Signature Group). One more thing: Except for the APP-NAME alone basically all selections from (APP-NAME, PROCID, MSGID) could be used. APP-NAME and PROCID would identify one orginator just as well. So if it seems like there could be other uses for a MSGID then that does not have to be fixed. -- Martin _______________________________________________ Syslog mailing list Syslog@ietf.org https://www.ietf.org/mailman/listinfo/syslog _______________________________________________ Syslog mailing list Syslog@ietf.org https://www.ietf.org/mailman/listinfo/syslog
