> On Mon, 2006-01-09 at 09:08 +0100, Rainer Gerhards wrote:
>
> I would say that addressing the security concerns at the transport level
> is way easier management and implementation wise than implementing
> syslog-sign.

I disagree with the statement about management as the problem is the same for using a secure protocol at either transport or application level.

> 1) transport level implements security mechanisms on a per hop-by-hop
> basis, the message itself is not authenticated, each of the relay
> stations can modify the message
>
> 2) syslog-sign implements per-message, end-to-end authenticity where the
> relay hosts cannot modify messages as they are individually signed by
> their origin.
>
> So I'd go with using TLS/DTLS on the transport first and then possibly
> adapting syslog-sign when the transport issues are resolved.

(1) and (2) are complementary and one does not exclude the other from being necessary.

Darren
_______________________________________________
Syslog mailing list
https://www1.ietf.org/mailman/listinfo/syslog
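The difference between points (1) and (2) in the message above, as an added example that is not part of the original thread: a relay terminates one protected hop and opens the next, so a per-hop check at the collector passes even when the relay has rewritten the text, while a per-message tag from the origin does not. Assumptions: HMAC-SHA256 stands in both for the integrity of each TLS/DTLS session and for the origin's signature (syslog-sign uses origin signatures, not a key shared with the collector), and all keys, names and the sample message are constructed.

```python
import hashlib
import hmac

# Constructed keys: one per hop (stand-ins for two separate TLS/DTLS sessions)
# and one origin key for the end-to-end tag (stand-in for the origin's signature).
HOP1_KEY = b"constructed origin-to-relay session key"
HOP2_KEY = b"constructed relay-to-collector session key"
ORIGIN_KEY = b"constructed origin key"

# Constructed sample message.
SAMPLE = b"<34>Jan  9 09:08:00 host1 su: 'su root' failed for user1 on /dev/pts/8"


def tag(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


def origin_send(msg):
    """Origin tags the message end to end, then protects the frame for hop 1."""
    e2e = tag(ORIGIN_KEY, msg)
    return {"msg": msg, "e2e": e2e, "hop": tag(HOP1_KEY, msg + e2e)}


def relay_forward(frame, rewrite=None):
    """Relay terminates hop 1, optionally rewrites the text, re-protects for hop 2."""
    if not hmac.compare_digest(frame["hop"], tag(HOP1_KEY, frame["msg"] + frame["e2e"])):
        raise ValueError("hop 1 integrity check failed")
    msg = rewrite(frame["msg"]) if rewrite else frame["msg"]
    return {"msg": msg, "e2e": frame["e2e"], "hop": tag(HOP2_KEY, msg + frame["e2e"])}


def collector_receive(frame):
    """Return (hop_ok, end_to_end_ok) as seen by the collector."""
    hop_ok = hmac.compare_digest(frame["hop"], tag(HOP2_KEY, frame["msg"] + frame["e2e"]))
    e2e_ok = hmac.compare_digest(frame["e2e"], tag(ORIGIN_KEY, frame["msg"]))
    return hop_ok, e2e_ok


def rewrite_outcome(msg):
    """Hypothetical relay-side modification of the message text."""
    return msg.replace(b"failed", b"succeeded")


if __name__ == "__main__":
    sent = origin_send(SAMPLE)
    print("honest relay:   ", collector_receive(relay_forward(sent)))
    print("modifying relay:", collector_receive(relay_forward(sent, rewrite_outcome)))
```

A collector that checks only the hop result accepts the rewritten message; alerting on a frame where the hop check passes and the end-to-end check fails points at a relay rather than at the wire.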
