Hi, I just submitted version -26, addressing the items below. E.g.: New examples have been included. TBPL was changed to TPBL. Clarification on the "leading zeroes omitted", where parameters contain decimal values. Clarification on the unix system time.
The most important issue concerned the issue of having multiple signers. After some contemplating, I decided that this can be resolved quite simply by clarifying that the combination of APP-NAME and PROCID refers to a unique signer (no, I didn't introduce it as a new term, it's still originator), and needs to be consistent between Certificate Block and Signature Block messages. If multiple originators are used, they each in effect have their own "scope" - they each have their own Payload Block and Signature Blocks etc. The algorithm in section 7 can stay the same, but I added some clarification also there about how to identify/distinguish between different originators, and the fact that consistency between Certificate Block and Signature Block messages with regards to the originator needs to be checked. Regards --- Alex -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: Monday, April 06, 2009 4:06 AM To: [email protected] Subject: [Syslog] Syslog-sign -25 Hi Alexander, Jon and others, Version -25 looks pretty good, and addresses all my comments except one: the email "Signature groups, originators, etc." (on February 5). Could you take the first attempt in proposing text that clarifies the definition of Signature Group, and makes the algorithm in Section 7.1 actually work in all the cases? Couple of minor nits: - As Martin pointed out, the examples (4.2.9 and 5.3.2.9) still use DER encoding, not MPIs - The SD-PARAM-NAME for Total Payload Block Length should be "TPBL", right? (not TBPL) - Section 5.3.2.8, typo "Section Section" - As pointed out by Richard (on December 22), Sections 5.3.2.4 and 5.3.2.6 should have "with leading zeroes omitted" (like all other integer-valued fields) Best regards, Pasi _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
