On Aug 11, 2008, at 5:49 AM, Martin Schütte wrote:
Jon Callas schrieb:
But that's what the existing consensus is. Do we have to, at this
late date, throw out the existing consensus and put in RSA and CAs?
I think we can agree not to have any notion of CAs in syslog-sign,
besides the simple fact that users of PKIX and OpenPGP keys might
use one witout affecting syslog-sign.
But what would be necessary to include RSA and ECDSA? As far as I
see we just had to assign two additional VERsion digits values for
the Signature Scheme.
I agree that it's not all that difficult to add it in, but the draft
has gone this far with WG consensus that it is not needed. I don't
think we can add it without pulling it out of last call and re-opening
it up. I might be wrong, but nonetheless, Pasi Eronen asked the
question of why it was DSA-only, and we answered. I don't believe we
have to add in RSA. During last call, ADs ask a number of good, tough
questions that don't require negating the WG consensus. And since the
document in its present state is a product of WG consensus, we need a
semblance of that to add in a major new feature like a new public key
algorithm.
Jon
_______________________________________________
Syslog mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/syslog
