* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Syslog Status Pages

Security Issues in Network Event Logging (Concluded WG)
Sec Area: Roman Danyliw, Benjamin Kaduk | 2000-May-18 — 2010-Oct-26 
Chairs
 
 


2010-05-05 charter

Security Issues in Network Event Logging (syslog)
-------------------------------------------------

 Charter

 Current Status: Active

 Chairs:
     David Harrington <ietfdbh@comcast.net>
     Chris Lonvick <clonvick@cisco.com>

 Security Area Directors:
     Sean Turner <turners@ieca.com>
     Tim Polk <tim.polk@nist.gov>

 Security Area Advisor:
     Sean Turner <turners@ieca.com>

 Mailing Lists:
     General Discussion: syslog@ietf.org
     To Subscribe:       syslog-request@ietf.org
     Archive:            http://www.ietf.org/mail-archive/web/syslog

Description of Working Group:

  Syslog has been a de-facto standard for logging system events for long
  time. The syslog WG recently completed standardization of the syslog
  protocol (RFC 5424), secure transport of the syslog protocol over TLS
  (RFC 5425), and non-secure transport over UDP (RFC 5426).

  The WG under this charter will standardize a DTLS transport for syslog,
  providing a secure transport for syslog messages in cases where a
  connection-less transport is desired. The threats that this WG will
  primarily address are modification, disclosure, and masquerade. A
  secondary threat is message stream modification.  These are consistent
  with those addressed in RFC 5425. Draft-feng-syslog-transport-dtls is
  already similar to RFC 5425 in this respect, so this draft will become
  the starting point for the WG document, which the WG will adjust as
  needed, and merge desired features from other sources, such as
  draft-petch-gerhards-syslog-transport-dtls, draft-hardaker-isms-dtls-tm,
  and draft-seggelmann-tls-dtls-heartbeat.

  The WG will also complete the ongoing work to specify a standardized
  mechanism for signing syslog messages (draft-ietf-syslog-sign).


Goals and Milestones:
  Done     - Post as an Internet Draft the observed behavior of the Syslog protocol for consideration as an Informational Document.
  Done     - Submit Syslog protocol document to IESG for consideration as an INFORMATIONAL RFC.
  Done     - Post as an Internet Draft the specification for an authenticated Syslog for consideration as a Standards Track RFC.
  Done     - Post an Internet Draft describing enhancements to the Syslog authentication protocol to add verification of delivery and other security services.
  Done     - Submit Syslog Authentication Protocol Enhancement to IESG for consideration as a PROPOSED STANDARD.
  Done     - Submit Syslog UDP Transport Mapping to the IESG for consideration as a PROPOSED STANDARD
  Done     - Submit Syslog Protocol to the IESG for consideration as a PROPOSED STANDARD
  Done     - Submit Syslog TLS Transport Mapping to the IESG for consideration as a PROPOSED STANDARD
  Done     - Submit a document that defines a message signing and ordering mechanism to the IESG for consideration as a PROPOSED STANDARD
  Done     - Submit Syslog DTLS Transport Mapping to the IESG for consideration as a PROPOSED STANDARD


All charter page changes, including changes to draft-list, rfc-list and milestones:



Generated from PyHt script /wg/syslog/charters.pyht Latest update: 24 Oct 2012 16:51 GMT -