Chris, Sorry, I obviously had a previous copy cached... I've just downloaded a fresh one and started re-reading it. As you say, it already is adapted to syslog-protocol.
Let me raise one point without being completely through with it: -sign now supports RFC 3164, 3195 and -protocol format. I see value in that approach (works for each and everything). On the other hand, it may introduce additional complexity, even on the operator side (configuration). Given the fact that -sign code needs to be written from scratch, wouldn't it make sense to limit it to just -protocol format? Rainer > -----Original Message----- > From: Chris Lonvick [mailto:[EMAIL PROTECTED] > Sent: Monday, August 14, 2006 8:33 AM > To: Rainer Gerhards > Cc: [EMAIL PROTECTED] > Subject: Re: [Syslog] Syslog-sign & -protocol > > Hi All, > > On Sun, 13 Aug 2006, Rainer Gerhards wrote: > > > Hi, > > > > A general comment: syslog-sign is still based on rfc 3164 > and has ist own format definitions. It needs to be edited to > utilize the new work in syslog-protocol. It should now use > structured data for ist signature blocks. > > Alex has moved much of it to be conformant with > syslog-protocol. The work > that needs to be addressed (as I see it :) > > For the Signature Block, should the payload of signatures be > part of the > "ssign" SD-ID, or should it be the payload (behind the BOM)? > Right now, > it is part of the SD-ID. > > Similarly, about the "ssign-cert" and it's payload. I think > it likely > that the Payload Block can be placed within a single > Certificate Block > based upon our discussions of the max length. > > The document needs to define how to use "@enterpriseID" in some cases. > > Section 8.2 - the length is no longer limited to 1024B. > > Section 9 - "Cookie Fields" are no longer used. > > The IANA section also needs to specify which SD-IDs and > SD-Params should > be registered. > > Should other SD-IDs be included with "ssign" and "ssign-cert" > SD-IDs? (I > think so as that's how we include information about time > accuracy, etc.) > > Thanks, > Chris > _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog