On Tue, 2006-01-31 at 11:28 +0100, Tom Petch wrote:
> So I want to see a simpler solution - eg keyed hash - first and a more complex
> one which includes encryption as phase two (2007?).
>
> And yes, my views are coloured by SNMP which I have worked with for many years,
> where, as I have said before, users tell me they must have encryption but it
> usually turns out they have not yet learnt about the concept of differing
> threats.

My points:

* syslog is way different than SNMP traps; it really does contain sensitive information (not just link up/down).
* adding TLS is very simple from the implementation point of view: adding a new transport layer to the software stack does not really change the software (it can be done without changing the software at all via a wrapper like stunnel); message signatures are a big change in _all_ senders
* adding TLS is very simple from the protocol specification point of view: define a way to wrap messages in an "envelope" (e.g. NL termination, or a byte counter) and wrap the messages into TLS
* adding message signatures is difficult both implementation- and specification-wise; syslog-sign is far from being simple

I'd say that the specification and implementation of something like syslog-sign is at least 3-5 times as much work as doing the same with a drop-in package like TLS.

But I guess this is a yes/no argument, so we have to come up with a decision. I would propose an agenda like:

1) syslog-protocol
2) syslog-protocol over TLS
3) message integrity/authenticity checking in syslog-protocol

Or maybe even start work on 2) and 3) in parallel.

--
Bazsi

_______________________________________________
Syslog mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/syslog
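The two stream "envelopes" mentioned in the reply above, as an added example that is not part of the thread or of any syslog implementation: newline termination versus a byte-count prefix (octet counting, the "MSG-LEN SP SYSLOG-MSG" form that RFC 5425 later adopted for syslog over TLS). The function names and the sample messages are this example's own.

```python
from typing import List, Tuple

# Added example, not code from the mailing-list thread. It contrasts the two
# framings Bazsi mentions for putting syslog messages on a byte stream such
# as TLS, and shows why octet counting survives a message containing "\n".

def frame_newline(msg: bytes) -> bytes:
    """Newline-terminated framing: trivial, but ambiguous if MSG contains '\\n'."""
    return msg + b"\n"

def parse_newline(stream: bytes) -> Tuple[List[bytes], bytes]:
    """Split a receive buffer into complete messages plus the unconsumed tail."""
    parts = stream.split(b"\n")
    return parts[:-1], parts[-1]

def frame_octet_counted(msg: bytes) -> bytes:
    """Octet-counted framing: decimal length, one space, then the raw message."""
    return b"%d %s" % (len(msg), msg)

def parse_octet_counted(stream: bytes) -> Tuple[List[bytes], bytes]:
    """Extract complete octet-counted frames; keep a partial frame for later.

    Raises ValueError on a malformed length field so a receiver can drop the
    connection rather than resynchronise on bytes chosen by the peer.
    """
    msgs = []
    while True:
        sp = stream.find(b" ")
        if sp < 0:
            break                        # length field not yet complete
        length_field = stream[:sp]
        if not length_field.isdigit():
            raise ValueError("malformed octet count: %r" % length_field)
        end = sp + 1 + int(length_field)
        if len(stream) < end:
            break                        # message body not yet complete
        msgs.append(stream[sp + 1:end])
        stream = stream[end:]
    return msgs, stream

# Constructed sample input: a two-line message (think stack trace) and a plain one.
STACK_TRACE = b"<34>1 2006-01-31T11:28:00Z host app - - - line one\nline two"
PLAIN = b"<13>1 2006-01-31T11:28:01Z host app - - - ok"

if __name__ == "__main__":
    nl_msgs, _ = parse_newline(frame_newline(STACK_TRACE) + frame_newline(PLAIN))
    print("newline framing yields", len(nl_msgs), "messages (2 were sent)")
    oc_msgs, rest = parse_octet_counted(frame_octet_counted(STACK_TRACE)
                                        + frame_octet_counted(PLAIN))
    print("octet counting yields", len(oc_msgs), "messages, leftover", rest)
```

Feeding the parsers a buffer cut mid-frame (as a TCP/TLS read would) returns the complete messages and hands the partial frame back for the next read.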
