[Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt

I just posted a -00 version of the syslog DTLS draft
(http://www.ietf.org/internet-drafts/draft-ietf-syslog-dtls-00.txt). I
tried to merge the two proposals together and keep consistent with the
Syslog TLS draft.  Below are some issues I have identified; I'm sure
there are others.

1. Transport

DTLS can run over several different transports; right now the draft
requires UDP and recommends DCCP.  I think these are the most well
defined.  The draft also forbids DTLS over TCP and favors TLS over TCP
to keep things consistent.  I left out SCTP; I'm not sure where SCTP
over DTLS is in the process, and there is also a TLS option for SCTP.

2. Port Number

DTLS could use the same port as TLS, which seems simple.  The
difficulty could be that for some transports you could use either TLS or
DTLS (SCTP for example).  In theory you could tell the difference
between TLS and DTLS by version number so maybe this isn't a problem.  

3. Initiation

One of the drafts allowed either side to initiate.  I did not include
this.  If we have a use case for it we could bring it back in.  

4. Dead Peer Detection

There has been a lot of discussion on DPD on the list.  I don't have any
specific remedy in the draft, just a warning that it could be a problem.
It's likely that some work on this will happen in DTLS, but I'm not
confident on the timeframe at this point. 

5. Message Size

The text on message size could use some review. 

Cheers,

Joe  

-----Original Message-----
From: syslog-bounces at ietf.org [mailto:syslog-bounces at ietf.org] On Behalf
Of Internet-Drafts at ietf.org
Sent: Wednesday, October 14, 2009 1:15 PM
To: i-d-announce at ietf.org
Cc: syslog at ietf.org
Subject: [Syslog] I-D Action:draft-ietf-syslog-dtls-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Security Issues in Network Event
Logging Working Group of the IETF.


	Title           : Datagram Transport Layer Security (DTLS) Transport Mapping for Syslog
	Author(s)       : J. Salowey, et al.
	Filename        : draft-ietf-syslog-dtls-00.txt
	Pages           : 18
	Date            : 2009-10-14

This document describes the transport of syslog messages over DTLS
(Datagram Transport Level Security).  It provides a secure transport for
syslog messages in cases where a connection-less transport is desired.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-syslog-dtls-00.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.

Attachment: draft-ietf-syslog-dtls-00.URL
Description: draft-ietf-syslog-dtls-00.URL
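
Item 2 of the message above notes that TLS and DTLS sharing a port could in theory be told apart by version number. The following is an added example, not part of the original message or of the draft: a strict classifier for the first record header a listener receives, which rejects anything that is neither protocol. The function name, the version tables and the sample inputs are assumptions made for illustration.

```python
import struct

# Record content types common to TLS and DTLS.
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
# (major, minor) bytes that follow the content type in every record header.
TLS_VERSIONS = {(3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}
DTLS_VERSIONS = {(254, 255): "DTLS 1.0", (254, 253): "DTLS 1.2"}
MAX_FRAGMENT = 2**14 + 2048   # upper bound on a ciphertext fragment


def classify_record(buf):
    """Classify the first record in buf (hypothetical helper).

    Returns (version_name, content_type_name, declared_length);
    raises ValueError for anything that is not a TLS or DTLS record.
    """
    if len(buf) < 3:
        raise ValueError("too short for content type and version")
    ctype, version = buf[0], (buf[1], buf[2])
    if ctype not in CONTENT_TYPES:
        raise ValueError("unknown content type %d" % ctype)
    if version in TLS_VERSIONS:
        # TLS header: type(1) version(2) length(2)
        name, header_len = TLS_VERSIONS[version], 5
    elif version in DTLS_VERSIONS:
        # DTLS header adds epoch(2) and sequence_number(6) before length(2)
        name, header_len = DTLS_VERSIONS[version], 13
    else:
        raise ValueError("unknown protocol version %r" % (version,))
    if len(buf) < header_len:
        raise ValueError("truncated %s record header" % name)
    (length,) = struct.unpack("!H", buf[header_len - 2:header_len])
    if length > MAX_FRAGMENT:
        raise ValueError("declared length %d exceeds record limit" % length)
    return name, CONTENT_TYPES[ctype], length


# Constructed sample inputs (not captured traffic).
TLS_SAMPLE = bytes([22, 3, 1]) + struct.pack("!H", 47) + bytes(47)
DTLS_SAMPLE = bytes([22, 254, 255]) + bytes(8) + struct.pack("!H", 47) + bytes(47)
PLAIN_SYSLOG = b"<34>1 2009-10-14T13:15:00Z host app - - - test"

if __name__ == "__main__":
    for sample in (TLS_SAMPLE, DTLS_SAMPLE, PLAIN_SYSLOG):
        try:
            print(classify_record(sample))
        except ValueError as err:
            print("rejected:", err)
```

The plaintext syslog sample is rejected on its first byte, so a listener built this way does not silently accept unprotected messages on the secured port.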

