On Mon, 2006-01-30 at 19:56 -0500, Carson Gaspar wrote: > > --On Monday, January 30, 2006 9:40 AM -0500 David B Harrington > <[EMAIL PROTECTED]> wrote: > > > If the hop-by-hop transport of information checks integrity of the > > whole message, then it shouldn't be necessary to check the integrity > > of the message contents independently, should it? > > > > If a relay cannot be trusted to not alter the message contents in > > undesirable ways, why would an administrator utilize that relay in > > their system of relays for message transport? Can you give me an > > example of when such an untrustworthy relay would be used? > > Simple - a formerly trusted relay becomes compromised. In a perfect world, > this wouldn't happen. But in the real world, it does. Having the data > authenticated by the origin reduces the threat to only the origin server.
And additionally, the syslog infrastructure can be a shared infrastructure that is managed by a different group in the organization. So the IT managers of end systems _might_ be interested in having their own security measures while still using the shared infrastructure. -- Bazsi _______________________________________________ Syslog mailing list [email protected] https://www1.ietf.org/mailman/listinfo/syslog
