What did we decide? Keep things as they are, or add optional support for RSA per the text suggested by Martin?
I believe the consensus is to stick with DSA only; anything else would constitute an additional feature. Thanks --- Alex -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard Graveman Sent: Monday, August 11, 2008 5:22 PM To: Jon Callas Cc: [email protected] Subject: Re: [Syslog] Syslog-sign: RSA support? I agree with Jon on all counts. A good reason for the choice exists, the draft has been stable for years, no security issue is raised, keep it simple, and who wants to start discussing which of the three are MUST, SHOULD, or MAY? Richard Graveman On Mon, Aug 11, 2008 at 5:47 PM, Jon Callas <[EMAIL PROTECTED]> wrote: > > On Aug 11, 2008, at 5:49 AM, Martin Schütte wrote: > >> Jon Callas schrieb: >>> >>> But that's what the existing consensus is. Do we have to, at this late >>> date, throw out the existing consensus and put in RSA and CAs? >> >> I think we can agree not to have any notion of CAs in syslog-sign, >> besides the simple fact that users of PKIX and OpenPGP keys might use one >> witout affecting syslog-sign. >> >> >> But what would be necessary to include RSA and ECDSA? As far as I see we >> just had to assign two additional VERsion digits values for the Signature >> Scheme. > > I agree that it's not all that difficult to add it in, but the draft has > gone this far with WG consensus that it is not needed. I don't think we can > add it without pulling it out of last call and re-opening it up. I might be > wrong, but nonetheless, Pasi Eronen asked the question of why it was > DSA-only, and we answered. I don't believe we have to add in RSA. During > last call, ADs ask a number of good, tough questions that don't require > negating the WG consensus. And since the document in its present state is a > product of WG consensus, we need a semblance of that to add in a major new > feature like a new public key algorithm. > > Jon > > > _______________________________________________ > Syslog mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/syslog > _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
