Hi folks, This draft is about syslog which used to improve logging credibility by adding synchronization time information. The trigger of this draft is that we found the attack vulnerability of syslog time synchronization during the experiment, the purpose is to improve rfc5424 with a slight modification. And the draft aimed at the discussion of credibility when the value "1" is used for "isSynced". We have received some suggestions from Sean and lonvick, will also update the version after open submission. If anyone is interested in this topic, please feel free to comment.
Best, Meiling From: internet-drafts Date: 2022-03-07 10:18 To: Fengsheng Wang; Li Su; Meiling Chen; chenmeiling Subject: New Version Notification for draft-chen-syslog-syscinfo-credibility-00.txt A new version of I-D, draft-chen-syslog-syscinfo-credibility-00.txt has been successfully submitted by Meiling Chen and posted to the IETF repository. Name: draft-chen-syslog-syscinfo-credibility Revision: 00 Title: Improve logging credibility by adding synchronization time information Document date: 2022-03-06 Group: Individual Submission Pages: 6 URL: https://www.ietf.org/archive/id/draft-chen-syslog-syscinfo-credibility-00.txt Status: https://datatracker.ietf.org/doc/draft-chen-syslog-syscinfo-credibility/ Html: https://www.ietf.org/archive/id/draft-chen-syslog-syscinfo-credibility-00.html Htmlized: https://datatracker.ietf.org/doc/html/draft-chen-syslog-syscinfo-credibility Abstract: This document proposes a scheme to improve the credibility of log reporting time by adding time synchronization information. This document updates the "timeQuality" structured Data in RFC 5424 [RFC5424], The Syslog Protocol. By appending "SYNCINFO" information after the "isSynced" parameter, the log collector can judge the credibility of logs when correlating logs of different devices. The IETF Secretariat
_______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
