And Tom, the reference is? It helps a lot to be concrete. /js
On Sat, Dec 11, 2021 at 12:44:53PM +0000, tom petch wrote: > > > ________________________________________ > From: Syslog <[email protected]> on behalf of Chris Lonvick > <[email protected]> > Sent: 10 December 2021 23:27 > To: [email protected]; [email protected]; Joe Salowey; Arijit Bose > Subject: [Syslog] Fwd: I-D Action: draft-ciphersuites-in-sec-syslog-00.txt > > Hi Folks, > > As Tom and Jurgen noted, Arijit Kumar Bose did send some notes to the Syslog > mailing list. By the time I had snapped to, the system had timed most of them > out. I finally got that last one approved and forwarded to the mailing list. > > Arijit (and the IEC WG15) rightly notes that the RFCs are using deprecated > cipher suits and the DTLS RFC is using a deprecated version. > > > <tp> > > Chris et al > > This is flawed. The use of DTLS1.0 was noted by a security AD a long time > ago and is now deprecated and the syslog RFC have been updated accordingly > so anyone saying that syslog uses a deprecated version is wrong; they need to > understand the IETF process. > > I tracked the work on the TLS list and even posted to that list the fact that > the syslog RFC were missing. I was ignored so I tried again at IETF Last > Call and this time got them included (Ignoring me does not make me give up:-) > > So your I-D needs to reflect the existing update. Reinventing the wheel will > likely cause confusion amongst subsequent ADs. > > Tom Petch > > Sean, Joe, and I worked out a -00 draft to address these issues. Like all -00 > IDs, it's open to comments. :-) We know that there are some larger efforts > underway to address TLS, DTLS and cipher suites. We're not going to try to do > that here. Rather, we'd like to update RFCs 5425 and 6012 to get them > compliant with current standards with a minimal impact to current > implementations. > > Sean is going to run this by the secdispatch group to see if they can make a > recommendation on where this may be best addressed and discussed. I'm sure > that we'll get some good input from the group here on the Syslog mail list, > so please send in your comments and let's get these two RFCs updated to using > current best practices. > > Best regards and have a great weekend, > Chris > > > -------- Forwarded Message -------- > Subject: I-D Action: draft-ciphersuites-in-sec-syslog-00.txt > Date: Fri, 10 Dec 2021 14:57:44 -0800 > From: [email protected]<mailto:[email protected]> > Reply-To: [email protected]<mailto:[email protected]> > To: [email protected]<mailto:[email protected]> > > > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > > > Title : Updates to the Cipher Suites in Secure Syslog > Authors : Chris Lonvick > Sean Turner > Joe Salowey > Filename : draft-ciphersuites-in-sec-syslog-00.txt > Pages : 8 > Date : 2021-12-10 > > Abstract: > This document updates the cipher suites in RFC 5425, Transport Layer > Security (TLS) Transport Mapping for Syslog, and RFC 6012, Datagram > Transport Layer Security (DTLS) Transport Mapping for Syslog. It > also updates the transport protocol in RFC 6012. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ciphersuites-in-sec-syslog/ > > There is also an HTML version available at: > https://www.ietf.org/archive/id/draft-ciphersuites-in-sec-syslog-00.html > > > Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts > > > _______________________________________________ > I-D-Announce mailing list > [email protected]<mailto:[email protected]> > https://www.ietf.org/mailman/listinfo/i-d-announce > Internet-Draft directories: http://www.ietf.org/shadow.html > or ftp://ftp.ietf.org/ietf/1shadow-sites.txt > > _______________________________________________ > Syslog mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/syslog -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany Fax: +49 421 200 3103 <https://www.jacobs-university.de/> _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
