Re: [Syslog] Missing dead peer detection in DTLS
[trimming Cc list to just syslog]
Tom Petch wrote:
> > This would mean, that
> > * SYSLOG/TLS/TCP/IP
> > * SYSLOG/DTLS/SCTP/IP
> > * SYSLOG/DTLS/DCCP/IP
> > are in principle acceptable, whereas
> > * SYSLOG/DTLS/UDP/IP
> > is not.
> > You would (from the congestion control perspective) have the same
> > classification when taking out the DTLS or TLS layer, right?
>
> <tp>
> I am unclear about your second sentence, but the first one, yes, I
> would expect the first three to be acceptable to the IESG (which is
> rather important if you want an I-D to become an RFC) and the last
> one not to be. TLS (by using TCP), SCTP, DCCP have acceptable
> congestion control, DTLS and UDP do not.

Well, syslog-over-UDP was acceptable to the IESG, and was published as
RFC 5426 a couple of months ago.

Syslog-over-UDP is not the mandatory-to-implement or recommended
transport in RFC 5424, due to both congestion control and
security reasons. Syslog-over-DTLS-over-UDP would have the
same challenges in congestion control, so probably it wouldn't
be the mandatory-to-implement or recommended transport either.
But that doesn't prevent it from being published as an RFC.

Best regards,
Pasi