RE: [logs] SDSC Secure Syslog

From: Christopher Lonvick (clonvickat_private)
Date: Wed Dec 11 2002 - 05:18:58 PST

  • Next message: Blaise St-Laurent: "[logs] Log archival"

    Hi Rainer,
    
    On Wed, 11 Dec 2002, Rainer Gerhards wrote:
    
    > > * My opinion about BEEP that it is an overkill. BEEP is simply too
    > >   complicated, that's why it is not yet supported by
    > > syslog-ng. TCP transport
    > >   solves most problems we had with UDP, and using BEEP doesn't give us
    > >   anything new or exciting. Encryption can simply be carried
    > > out by wrapping
    > >   the TCP stream into SSL.
    >
    > I know there are key people involved with the syslog RFC on this list.
    > Do they see any chance for a "SSYSLOG" protocol - meaning a "simple"
    > syslog protocol based on TCP but the focus being on simple, that is no
    > beep and the like. I am getting more and more the impression this is
    > what people are really looking for and most implementors (us included)
    > are not really happy with the new RFCs.
    
    It needs to be brought up on the WG list.  If there is support for it,
    I'll discuss it with the ADs.  If they don't object, then you can float a
    proposal and we'll see if it should become a WG document and how it should
    proceed through the IETF.
    
    > Yes, sure we could have
    > commented on the RFCs before they became a standard - agreed. In my
    > case, I was simply too late ;)
    
    Hey! it's the IETF - it's never too late.  ;-)  3164 is not a "standard";
    it's an Informational RFC.  You can tell that because it contains these
    lines:
       This memo provides information for the Internet community.  It does
       not specify an Internet standard of any kind.
    syslog-sign repeats all of the protocol basics since that one is destined
    to be a Standards Track RFC.  If you'd like to propose changes to any of
    the fields, _now_ is the time to do so.
    
    >
    > As an other choice, would it may be possible to think about somthing
    > like a new protocol for network event loging, based on the idea of
    > syslog but with the enhancements we all would like to see...
    
    Isn't that what you proposed above?
    
    Later,
    Chris
    
    _______________________________________________
    LogAnalysis mailing list
    LogAnalysisat_private
    http://lists.shmoo.com/mailman/listinfo/loganalysis
    



    This archive was generated by hypermail 2b30 : Wed Dec 11 2002 - 09:38:29 PST