Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
- To: "'tom.petch'" <cfinss at dial.pipex.com>, "'Joseph Salowey \(jsalowey\)'" <jsalowey at cisco.com>, <syslog at ietf.org>
- Subject: Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
- From: "David Harrington" <ietfdbh at comcast.net>
- Date: Tue, 27 Oct 2009 18:14:40 -0400
- Cc: "'Woundy, Richard'" <Richard_Woundy at cable.comcast.com>, deketelaere at tComLabs.com, enechamkin at broadcom.com, "'Ong, Lyndon'" <Lyong at Ciena.com>, 'Margaret Wasserman' <mrw at lilacglade.org>, 'Wes Hardaker' <wjhns1 at hardakers.net>, 'Sumanth Channabasappa' <sumanth at cablelabs.com>, 'Andi Kosich' <akosich at oiforum.com>, 'Sam Hartman' <hartmans-ietf at mit.edu>, v.marinov at jacobs-university.de, akarmaka at cisco.com, 'Huang Min' <huangmin123 at huawei.com>, 'Jeffrey Hutzelman' <jhutz at cmu.edu>
- Delivered-to: syslog at core3.amsl.com
- In-reply-to: <012201ca56e8$f0e4ac40$0601a8c0 at allison>
- List-archive: <http://www.ietf.org/mail-archive/web/syslog>
- List-help: <mailto:syslog-request@ietf.org?subject=help>
- List-id: Security Issues in Network Event Logging <syslog.ietf.org>
- List-post: <mailto:syslog@ietf.org>
- List-subscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=subscribe>
- List-unsubscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=unsubscribe>
- References: <AC1CFD94F59A264488DC2BEC3E890DE508E8A6EB at xmb-sjc-225.amer.cisco.com> <012201ca56e8$f0e4ac40$0601a8c0 at allison>
- Thread-index: AcpW8bgkGbJbqoPHQcu1bW4gl7K0oQAXoYZg
Thanks Tom.
We need others in the WG to review this draft as well.
We have committed to submitting this to IESG by March, and we have
holiday seasons (Xmas, Chinese New Year, etc.) that are likely to get
in the way. So we really need to get in-depth reviews done soon so we
can get issues resolved and revisions published within the next four
months.
Please help by reviewing this document.
Thanks
David Harrington
ietfdbh at comcast.net
syslog WG co-chair
> -----Original Message-----
> From: syslog-bounces at ietf.org
> [mailto:syslog-bounces at ietf.org] On Behalf Of tom.petch
> Sent: Tuesday, October 27, 2009 5:13 AM
> To: Joseph Salowey (jsalowey); syslog at ietf.org
> Subject: Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
>
> Good stuff.
>
> Ports; I like the idea of a common port, because it makes operational
> deployment (e.g. filtering in middle boxes) so much simpler and less
> error prone.
>
> DTLS has an updated I-D in Working Group Last Call,
> draft-ietf-tls-rfc4347-bis, which I think we should reference. It
> covers DTLS over DCCP properly, which its predecessor might not be
> seen to.
>
> Message size I think needs more coverage. I would include a summary
> of the advice on PMTU discovery in DTLS 4.1.1.1 and specifically
> mention the 2**14 limit on records in DTLS. Earlier discussions on
> this list showed a desire for 2**16 syslog messages which, to me,
> implies fragmentation by the transport sender.
>
> Dead Peer Detection I would sit on until something more happens with
> the TLS Working Group.
>
> Tom Petch
>
> ----- Original Message -----
> From: "Joseph Salowey (jsalowey)" <jsalowey at cisco.com>
> To: <syslog at ietf.org>
> Sent: Wednesday, October 14, 2009 10:23 PM
> Subject: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
>
>
> I just posted a -00 version of the syslog DTLS draft
> (http://www.ietf.org/internet-drafts/draft-ietf-syslog-dtls-00.txt). I
> tried to merge the two proposals together and keep consistent with the
> Syslog TLS draft. Below are some issues I have identified; I'm sure
> there are others.
>
> 1. Transport
>
> DTLS can run over several different transports; right now the draft
> requires UDP and recommends DCCP. I think these are the most well
> defined. The draft also forbids DTLS over TCP and favors TLS over TCP
> to keep things consistent. I left out SCTP; I'm not sure where SCTP
> over DTLS is in the process and there also is a TLS option for SCTP.
>
> 2. Port Number
>
> DTLS could use the same port as TLS, which seems simple. The
> difficulty could be that for some transports you could use either TLS
> or DTLS (SCTP for example). In theory you could tell the difference
> between TLS and DTLS by version number, so maybe this isn't a
> problem.
>
> 3. Initiation
>
> One of the drafts allowed either side to initiate. I did not include
> this. If we have a use case for it we could bring it back in.
>
> 4. Dead Peer Detection
>
> There has been a lot of discussion on DPD on the list. I don't have
> any specific remedy in the draft, just a warning that it could be a
> problem. It's likely that some work on this will happen in DTLS, but
> I'm not confident on the timeframe at this point.
>
> 5. Message Size
>
> The text on message size could use some review.
>
> Cheers,
>
> Joe
>
> _______________________________________________
> Syslog mailing list
> Syslog at ietf.org
> https://www.ietf.org/mailman/listinfo/syslog
>
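Two of the points raised in the thread, Joe's item 2 (telling TLS from DTLS on a shared port by the record-layer version number) and Tom's note on the 2**14 record limit versus 2**16 syslog messages, can be shown concretely on the wire. The following is an added example written for this page; it is not code from the draft, from the IETF syslog work, or from any of the posters. It parses the first record header of a constructed byte string, decides TLS versus DTLS purely from the ProtocolVersion field (TLS uses 3.x; DTLS uses the one's complement, 254.255 for DTLS 1.0 and 254.253 for DTLS 1.2), rejects record lengths above the 2**14+2048 ceiling, and shows why a 64 KiB syslog message needs at least four record fragments. The function and constant names, the sample headers, and the splitting rule in `fragment_for_records` are assumptions made here for illustration; the draft does not specify that exact split.

```python
import struct

# Record-layer ProtocolVersion (major, minor) exactly as sent on the wire.
TLS_VERSIONS = {(3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}
# DTLS versions are the one's complement of the TLS version they derive from.
DTLS_VERSIONS = {(254, 255): "DTLS 1.0", (254, 253): "DTLS 1.2"}

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}

MAX_PLAINTEXT = 2 ** 14                 # fragment ceiling per record (TLS and DTLS)
MAX_CIPHERTEXT = MAX_PLAINTEXT + 2048   # ceiling after MAC/padding; above this is malformed

TLS_HDR = 5     # type(1) version(2) length(2)
DTLS_HDR = 13   # type(1) version(2) epoch(2) sequence(6) length(2)


class NotRecordLayer(ValueError):
    """The bytes do not start with a recognisable TLS or DTLS record header."""


def classify_record(data):
    """Inspect the first record header in `data` (hypothetical helper).

    Returns a dict with protocol name, header length, content type and record
    length, plus epoch and sequence number for DTLS.  Only the version field
    decides TLS versus DTLS, which is the distinction discussed in the thread.
    """
    if len(data) < TLS_HDR:
        raise NotRecordLayer("fewer than 5 bytes")
    ctype, major, minor = struct.unpack("!BBB", data[:3])
    if ctype not in CONTENT_TYPES:
        raise NotRecordLayer("unknown content type %d" % ctype)

    if (major, minor) in TLS_VERSIONS:
        (length,) = struct.unpack("!H", data[3:5])
        info = {"protocol": TLS_VERSIONS[(major, minor)], "header_len": TLS_HDR}
    elif (major, minor) in DTLS_VERSIONS:
        if len(data) < DTLS_HDR:
            raise NotRecordLayer("DTLS header truncated")
        # DTLS inserts a 16-bit epoch and a 48-bit sequence number before the length.
        epoch, seq_hi, seq_lo, length = struct.unpack("!HHIH", data[3:13])
        info = {"protocol": DTLS_VERSIONS[(major, minor)], "header_len": DTLS_HDR,
                "epoch": epoch, "sequence": (seq_hi << 32) | seq_lo}
    else:
        raise NotRecordLayer("unknown version %d.%d" % (major, minor))

    if length > MAX_CIPHERTEXT:
        raise NotRecordLayer("record length %d exceeds 2^14+2048" % length)
    info["content_type"] = CONTENT_TYPES[ctype]
    info["length"] = length
    return info


def is_record_layer(data):
    """True if `data` begins with a well-formed TLS or DTLS record header."""
    try:
        classify_record(data)
        return True
    except NotRecordLayer:
        return False


def fragment_for_records(payload, max_fragment=MAX_PLAINTEXT):
    """Split application data into chunks no larger than one record fragment.

    Illustrative split only (assumption, not the draft's mechanism): a 2^16-byte
    syslog message cannot ride in a single record, so the transport sender has
    to cut it up before handing it to the record layer.
    """
    if max_fragment <= 0 or max_fragment > MAX_PLAINTEXT:
        raise ValueError("fragment size must be between 1 and 2^14")
    return [payload[i:i + max_fragment] for i in range(0, len(payload), max_fragment)]


# Constructed sample record headers for the demonstration (not captured traffic).
TLS12_HANDSHAKE = b"\x16\x03\x03\x00\x05" + b"\x01\x00\x00\x01\x03"
DTLS10_HANDSHAKE = (b"\x16\xfe\xff" + b"\x00\x00"                 # type, version, epoch 0
                    + b"\x00\x00\x00\x00\x00\x01"                 # sequence 1
                    + b"\x00\x03" + b"\x01\x02\x03")              # length 3 + body
DTLS12_APPDATA = (b"\x17\xfe\xfd" + b"\x00\x01"                   # type, version, epoch 1
                  + b"\x00\x00\x00\x00\x00\x2a"                   # sequence 42
                  + b"\x00\x02" + b"ok")                          # length 2 + body

if __name__ == "__main__":
    for sample in (TLS12_HANDSHAKE, DTLS10_HANDSHAKE, DTLS12_APPDATA):
        print(classify_record(sample))
    print(len(fragment_for_records(b"x" * 2 ** 16)))   # 4 fragments for a 64 KiB message
```

A demultiplexer on a shared port would apply `classify_record` to the first datagram or TCP segment and hand the connection to the TLS or DTLS engine accordingly; the length check is the cheap sanity test that keeps a bogus version byte from being waved through with an absurd record size. The fragment count is the point behind Tom's remark: the record layer caps a single fragment at 2**14 bytes, so a 2**16-byte message is at best four records, and with DTLS each of those must also fit in one datagram under the discovered PMTU.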
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.