My personal opinion below. Not speaking for WG, of course. > * Does the WG believe that Authentication of the origin of > the message is a requirement for the mandatory to implement approach?
Yes. > * Does the WG believe that integrity protection independent > of transport is a requirement for the mandatory to implement? I would guess this is where opinions may differ. I think - yes, it is a requirement. Both integrity support in general and its independence from transport. The latter extends protection beyond transport (to storage for example) and allows to defer validation till message is actually used if this is desired. Thanks, Anton. _______________________________________________ Syslog mailing list [email protected] https://www1.ietf.org/mailman/listinfo/syslog
