Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt

To: "Rainer Gerhards" <rgerhards at hq.adiscon.com>
Subject: Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
From: Sam Hartman <hartmans-ietf at mit.edu>
Date: Tue, 03 Nov 2009 06:49:18 -0500
Cc: "Woundy, Richard" <Richard_Woundy at cable.comcast.com>, deketelaere at tComLabs.com, enechamkin at broadcom.com, "Ong, Lyndon" <Lyong at Ciena.com>, Wes Hardaker <wjhns1 at hardakers.net>, Margaret Wasserman <mrw at lilacglade.org>, Sumanth Channabasappa <sumanth at cablelabs.com>, Andi Kosich <akosich at oiforum.com>, Sam Hartman <hartmans-ietf at mit.edu>, v.marinov at jacobs-university.de, akarmaka at cisco.com, Huang Min <huangmin123 at huawei.com>, syslog at ietf.org, Jeffrey Hutzelman <jhutz at cmu.edu>
Delivered-to: syslog at core3.amsl.com
In-reply-to: <9B6E2A8877C38245BFB15CC491A11DA7103310 at GRFEXC.intern.adiscon.com> (Rainer Gerhards's message of "Mon\, 2 Nov 2009 18\:00\:52 +0100")
List-archive: <http://www.ietf.org/mail-archive/web/syslog>
List-help: <mailto:syslog-request@ietf.org?subject=help>
List-id: Security Issues in Network Event Logging <syslog.ietf.org>
List-post: <mailto:syslog@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=unsubscribe>
References: <AC1CFD94F59A264488DC2BEC3E890DE508E8A6EB at xmb-sjc-225.amer.cisco.com> <012201ca56e8$f0e4ac40$0601a8c0 at allison> <0cc801ca5752$e24aad00$0600a8c0 at china.huawei.com> <4AE834B4.6090209 at cisco.com> <tsly6mv1tw4.fsf at mit.edu> <9B6E2A8877C38245BFB15CC491A11DA7103310 at GRFEXC.intern.adiscon.com>
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.2 (gnu/linux)

I think including a script to generate certificates and configure
their use would meet this requirement, so I definitely think it is
something that you could do.

I'm not at all convinced that generating a cert if you don't have one would be wrong.
Debian has chosen to do that for a number of applications we ship and it seems to work out well.

References:
- [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
  - From: Joseph Salowey (jsalowey)
- Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
  - From: tom.petch
- Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
  - From: David Harrington
- Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
  - From: Eliot Lear
- Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
  - From: Sam Hartman
- Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
  - From: Rainer Gerhards

Prev by Date: Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
Next by Date: [Syslog] documenting industry-standard "plain tcp syslog"
Previous by thread: Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
Next by thread: Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt
Index(es):
- Date
- Thread

Re: [Syslog] FW: I-D Action:draft-ietf-syslog-dtls-00.txt

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.