Hi. The IESG reviewed the proposed syslog charter at today's telechat and decided that it requires revision. The main concern seems to be the lack of a mandatory to implement security mechanism. I indicated this might be the case in the Vancouver meeting.

So, you definitely need to have some sort of mandatory to implement security mechanism. I'm not quite sure what needs to be said about this in the charter. But the working group will need to:

1) Identify a threat model for syslog
2) Define mechanisms to address these threats.

So, questions for the threat model include things like whether confidentiality is important or whether integrity of messages is sufficient.

Depending on the threat model, here are some possible solutions:

1) Require some transport like syslog over TLS|DTLS be implemented.
2) Require that all senders implement signatures stored in structured data as an option.

I don't think you need to commit to one of these options now. However, you do need to reflect the security issues in the charter.

--Sam