From syslog-bounces@lists.ietf.org Tue Oct 02 12:00:35 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Ick80-0007Dq-I6; Tue, 02 Oct 2007 11:57:44 -0400 Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Ick7y-0007Cg-Vi for syslog@ietf.org; Tue, 02 Oct 2007 11:57:43 -0400 Received: from sj-iport-1-in.cisco.com ([171.71.176.70] helo=sj-iport-1.cisco.com) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1Ick7y-0007fh-Ij for syslog@ietf.org; Tue, 02 Oct 2007 11:57:42 -0400 X-IronPort-AV: E=Sophos;i="4.21,220,1188802800"; d="scan'208";a="21126453" Received: from sj-dkim-4.cisco.com ([171.71.179.196]) by sj-iport-1.cisco.com with ESMTP; 02 Oct 2007 08:57:42 -0700 Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-4.cisco.com (8.12.11/8.12.11) with ESMTP id l92FvfAu018710 for ; Tue, 2 Oct 2007 08:57:41 -0700 Received: from sjc-cde-003.cisco.com (sjc-cde-003.cisco.com [171.71.162.27]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id l92FvdmR029118 for ; Tue, 2 Oct 2007 15:57:39 GMT Date: Tue, 2 Oct 2007 08:57:39 -0700 (PDT) From: Chris Lonvick To: syslog@ietf.org Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=2268; t=1191340662; x=1192204662; c=relaxed/simple; s=sjdkim4002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=clonvick@cisco.com; z=From:=20Chris=20Lonvick=20 |Subject:=20Facilities=20-=20normative=20or=20informative=20label |Sender:=20; bh=bjESGlIE7oyVS2RNPeofnT9sGR2WzA5/Q9sTTkV6GoA=; b=k2fcGoKccc5djyfnBIHkQweLHmkdisAZ9h2q4tqaqesLBhcmbfS7zQBUb4frLEe5amTd4obd 0WZIlsPkUYVPBoUtkshbdvnN13UDVsTd+CVIKEfAslfZoVqNjojxlswb; Authentication-Results: sj-dkim-4; header.From=clonvick@cisco.com; dkim=pass ( sig from cisco.com/sjdkim4002 verified; ); X-Spam-Score: 0.0 (/) X-Scan-Signature: 69a74e02bbee44ab4f8eafdbcedd94a1 Cc: Subject: [Syslog] Facilities - normative or informative label X-BeenThere: syslog@lists.ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Security Issues in Network Event Logging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: syslog-bounces@lists.ietf.org Hi Folks, This is adding to the note that David sent out about syslog-tc-mib-02 and a discussion we've had about the Facilities. David and I have reviewed the mailing list discussion and have concluded that the labels are normative, but irrelevant. For interoperability and backwards compatibility reasons, the values and labels are normative, so the mapping from a label configured by operators in syslog.conf or equivalent consistently maps to the same Facility number regardless of implementation, but the label itself is often semantically meaningless, because there are not enough numbers to cover all possible facilities, and the enumeration (label and value) that is used by an actual facility is, and has historically been, implementation-dependent. For example, the foobar application might log messages as having come from local7, even though there is no "local" process on the device, and the operator can configure syslog.conf to have local7.critical messages be relayed, even though there might be multiple facilities using Facility local7. This is typical current practice, and originators, relays and collectors know how to handle this situation. For improved accuracy, the foobar application can also include an APPNAME SDE in the message identifying itself as the "foobar" application." Also, I believe it is the intent of the WG that _all_ processes have the ability to use the syslog transport to send their messages to a device that might care. My concern is that we'll never have enough Facilities to distincly identify all possible processes that might want to send messages. I think that we had a discussion a long time ago about trying to associate a number with each process, with enough expansion to cover the future. It didn't work out then and it won't work now. Another way to say what I'm thinking is that that some policy may be enacted at my company to say that my foo.log or my virusscan.log (as examples) be forwarded from my machine to some central repository. Neither of these things are going to be able to use a defined Facility but they could both use local7 simultaneously. Some process at the receiver would have to separate them based upon APPNAME. _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog From virginiam@kedi.re.kr Wed Oct 03 02:01:48 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IcxIq-0004hD-R7 for syslog-archive@lists.ietf.org; Wed, 03 Oct 2007 02:01:48 -0400 Received: from port0004-adk-adsl.cwjamaica.com ([72.27.44.4]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IcxIi-0000LQ-B7 for syslog-archive@lists.ietf.org; Wed, 03 Oct 2007 02:01:46 -0400 Received: from rfwk ([160.38.191.95]) by port0004-adk-adsl.cwjamaica.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 3 Oct 2007 00:58:19 -0400 Message-ID: <002901c8057a$0476e970$5fbf26a0@rfwk> From: To: Subject: have this signed and returned please Date: Wed, 3 Oct 2007 00:58:19 -0400 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="windows-1252"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Spam-Score: 2.7 (++) X-Scan-Signature: 7aefe408d50e9c7c47615841cb314bed Hot new yacht makes huge waves with boaters. Fearless International Inc. (F R L E) $0.20 Investors are giggling over 10 million in orders since February. F RLE is hot From syslog-bounces@lists.ietf.org Wed Oct 03 14:09:43 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Id8d3-0000Mc-HQ; Wed, 03 Oct 2007 14:07:25 -0400 Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Id8d2-0000MT-Oa for syslog@ietf.org; Wed, 03 Oct 2007 14:07:24 -0400 Received: from szxga04-in.huawei.com ([61.144.161.7]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1Id8d1-0002CD-T9 for syslog@ietf.org; Wed, 03 Oct 2007 14:07:24 -0400 Received: from huawei.com (szxga04-in [172.24.2.12]) by szxga04-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0JPC004MDKZ9QQ@szxga04-in.huawei.com> for syslog@ietf.org; Thu, 04 Oct 2007 02:06:45 +0800 (CST) Received: from huawei.com ([172.24.1.18]) by szxga04-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0JPC00E7LKZ90H@szxga04-in.huawei.com> for syslog@ietf.org; Thu, 04 Oct 2007 02:06:45 +0800 (CST) Received: from jys5013427 ([10.124.17.105]) by szxml03-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTPA id <0JPC00COOKYXU3@szxml03-in.huawei.com> for syslog@ietf.org; Thu, 04 Oct 2007 02:06:45 +0800 (CST) Date: Wed, 03 Oct 2007 11:06:50 -0700 From: Miao Fuyou To: syslog@ietf.org Message-id: <012d01c805e8$2e868ae0$69117c0a@china.huawei.com> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 X-Mailer: Microsoft Office Outlook 11 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Thread-index: AcgF6CtrFxAykpLbTRm9h25mic9/Aw== X-Spam-Score: 0.0 (/) X-Scan-Signature: 50a516d93fd399dc60588708fd9a3002 Cc: jsalowey@cisco.com Subject: [Syslog] Authentication, certificates, trust anchor, cipher suite and deployability for syslog/tls X-BeenThere: syslog@lists.ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Security Issues in Network Event Logging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: syslog-bounces@lists.ietf.org Hi all, Sorry for not dicussion syslog/tls document for some time. This is to trying to start the discusion to progress the draft. Basically the open issue is still about certificate and authentication. It is also closely relevant to trust anchor, cipher suite and deployability. I try to classify the different security environment and give a simple analysis with the information from AD, chairs and Joe. Security sensitive environment: The server and the client are both configured with certiifcates. The trust anchors must be configured for both server and client, so the client and server can validate the certificate to a common trust anchor. It is not easy to deploy because there are a lot of work for certificate and trust anchor configuration. This configuration could defense all the threats identifed. Environment where active attack is concern: The server is configured with certificate, but the client is not to be required to be configured with a certificate. The client can generate a selt-signed certificate by itself. However, the client must be configured with trust anchor, so it can validate the server certificate is trustable. This configuration is still difficult for deployment because there are a lot of configuration work to be done. This confguration could defense active attack, but is vulnerable to client spoof. Security insensitive environment: Both the client and server are not required to be configured with certificate and trust anchor. They generate self-signed certificates. It is very easy for deployment because almost there is no configuration required. Note this configuration is vulnerable to active attack. Which configuration should be mandatory? I seems we need not a mandatory configuration from the PoV of implementation, right? However, we do need to mandate the implementation (both client and server) to support certificate configuration, trust anchor configuration, and self-signed certificate. We will need to specify a cipher suite (probably RSA-AES-CBC) for inter-operatability, but probably we don't need to specify different cipher suites for 3 various ssenarios because all the scenarios above requires certificate for key pair generation. Regards, Miao _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog From syslog-bounces@lists.ietf.org Wed Oct 03 14:51:23 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Id9JE-0000wV-PM; Wed, 03 Oct 2007 14:51:00 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Id9JE-0000vX-34 for syslog@ietf.org; Wed, 03 Oct 2007 14:51:00 -0400 Received: from rtp-iport-2.cisco.com ([64.102.122.149]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Id9J5-0007MB-K0 for syslog@ietf.org; Wed, 03 Oct 2007 14:51:00 -0400 X-IronPort-AV: E=Sophos;i="4.21,226,1188792000"; d="scan'208";a="133768977" Received: from rtp-dkim-1.cisco.com ([64.102.121.158]) by rtp-iport-2.cisco.com with ESMTP; 03 Oct 2007 14:50:16 -0400 Received: from rtp-core-2.cisco.com (rtp-core-2.cisco.com [64.102.124.13]) by rtp-dkim-1.cisco.com (8.12.11/8.12.11) with ESMTP id l93IoGU7005114; Wed, 3 Oct 2007 14:50:16 -0400 Received: from xbh-rtp-211.amer.cisco.com (xbh-rtp-211.cisco.com [64.102.31.102]) by rtp-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id l93IoGcw008033; Wed, 3 Oct 2007 18:50:16 GMT Received: from xmb-rtp-20d.amer.cisco.com ([64.102.31.51]) by xbh-rtp-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Wed, 3 Oct 2007 14:50:12 -0400 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: [Syslog] Authentication, certificates, trust anchor, cipher suite and deployability for syslog/tls Date: Wed, 3 Oct 2007 14:51:26 -0400 Message-ID: <98AE08B66FAD1742BED6CB9522B7312203BC90E1@xmb-rtp-20d.amer.cisco.com> In-Reply-To: <012d01c805e8$2e868ae0$69117c0a@china.huawei.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [Syslog] Authentication, certificates, trust anchor, cipher suite and deployability for syslog/tls Thread-Index: AcgF6CtrFxAykpLbTRm9h25mic9/AwAAYtPw References: <012d01c805e8$2e868ae0$69117c0a@china.huawei.com> From: "Anton Okmyanskiy (aokmians)" To: "Miao Fuyou" , X-OriginalArrivalTime: 03 Oct 2007 18:50:12.0075 (UTC) FILETIME=[3A6EBBB0:01C805EE] DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=5108; t=1191437416; x=1192301416; c=relaxed/simple; s=rtpdkim1001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=aokmians@cisco.com; z=From:=20=22Anton=20Okmyanskiy=20(aokmians)=22=20 |Subject:=20RE=3A=20[Syslog]=20Authentication, =20certificates, =20trust=20 anchor,=20cipher=20suite=20and=20deployability=20for=20syslog/tls |Sender:=20 |To:=20=22Miao=20Fuyou=22=20,=20; bh=Amy8uoyc5cO59Fuy7qyejgeK/j/4Zph5cMAD9JSjE88=; b=GiupiAXhhgbEY/TvfGa6uZJKY9tbB2xvZdjlSH/53EEnn8ZCxJcr+sOiO3eGmZp1xnHtv8w8 iBt4Eo4//5rXiePSodzrlzftsSurJi2qnBiOIhGr9jcIi5U9MEQxgD33; Authentication-Results: rtp-dkim-1; header.From=aokmians@cisco.com; dkim=pass ( sig from cisco.com/rtpdkim1001 verified; ); X-Spam-Score: -4.0 (----) X-Scan-Signature: ff03b0075c3fc728d7d60a15b4ee1ad2 Cc: "Joseph Salowey \(jsalowey\)" X-BeenThere: syslog@lists.ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Security Issues in Network Event Logging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: syslog-bounces@lists.ietf.org Miao: > Security sensitive environment: > The server and the client are both configured with=20 > certiifcates. The trust anchors must be configured for both=20 > server and client, so the client and server can validate the=20 > certificate to a common trust anchor. It is not easy to=20 > deploy because there are a lot of work for certificate and=20 > trust anchor configuration. > This configuration could defense all the threats identifed. >=20 > Environment where active attack is concern: > The server is configured with certificate, but the client is=20 > not to be required to be configured with a certificate. The=20 > client can generate a selt-signed certificate by itself.=20 Why do you need a self-signed certificate here? What purpose does it serve? You are not proposing using it for client authentication here, are you? > However, the client must be configured with trust anchor, so=20 > it can validate the server certificate is trustable.=20 > This configuration is still difficult for deployment because=20 > there are a lot of configuration work to be done. > This confguration could defense active attack,=20 What is that? Let's be more specific if you intend to put this in the doc (same goes for names of these 3 scenarios). I think this configuration does two things: encryption and server authentication. > but is=20 > vulnerable to client spoof. >=20 > Security insensitive environment: > Both the client and server are not required to be configured=20 > with certificate and trust anchor. They generate self-signed=20 > certificates.=20 Again, why do you need client self-signed certificate here? =20 > It is very easy for deployment because almost there is no=20 > configuration required.=20 > Note this configuration is vulnerable to active attack. More specifically, this configuration provides only encryption, but no authentication.=20 > Which configuration should be mandatory? I seems we need not=20 > a mandatory configuration from the PoV of implementation,=20 > right? However, we do need to mandate the implementation=20 > (both client and server) to support certificate=20 > configuration, trust anchor configuration, and self-signed=20 > certificate.=20 Let's separate what is required for implementation, and what is required for deployment.=20 I think server MUST implement & be deployed with a server-based certificates for this transport. Whether it is self-signed or CA-signed can probably be left to a deployment choice. If it is self-signed, then effectively no server authentication is done, just encryption.=20 The other part is client authentication. I think the server MUST support authenticating clients with certificates and client authentication is OPTIONAL for deployment. The minimum authentication that server MUST support is validating the client certificate against trusted CA.=20 A more secure server MAY also want to implement a mechanism which prevents an authenticated client from masquerading as something else in the messages that it emits. For example, 1mln certs may be signed by the same CA, but we don't want one client with one such cert to be able to masquerade as any of the 1mln other clients. To accomplish this, the server need to take client identity from CN field of the certificate and either validate it against some field in syslog message, or at least plug the CN value into the syslog message structured data, so that admin can do whatever validation he/she desires when needed. =20 I think it is good to describe this additional client authentication consideration, but leave it as OPTIONAL. I think we discussed standardizing a unique CN field value before and it was not fruitful. Standard syslog structured field name for CN value would be a good idea. > We will need to specify a cipher suite (probably RSA-AES-CBC)=20 > for inter-operatability,=20 We need to specify at least 2 because one of them may become vulnerable after standard is released and software is deployed.=20 The client MUST advertise support of cipher suite X & Y. Server will select the appropriate one based on its configuration for the TLS session. Server should not be forced to select one of those two. I don't think there is any server requirement here. =20 As for specific cipher suites, it will probably be a religious debate. Maybe IETF has a policy on this? I have seen one other standard require these two: * RSA_WITH_3DES_EDE_CBC_SHA * RSA_WITH_RC4_128_SHA My only concern would be that at least one of them (or better both) is popular enough to be in most of today's major TLS implementations.=20 Regards, Anton.=20 > but probably we don't need to=20 > specify different cipher suites for 3 various ssenarios=20 > because all the scenarios above requires certificate for key=20 > pair generation.=20 >=20 > Regards, > Miao >=20 >=20 >=20 > _______________________________________________ > Syslog mailing list > Syslog@lists.ietf.org > https://www1.ietf.org/mailman/listinfo/syslog >=20 _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog From syslog-bounces@lists.ietf.org Wed Oct 03 18:14:17 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IdCRe-0007Yr-Ns; Wed, 03 Oct 2007 18:11:54 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IdCNi-0006Tx-Cb for syslog@ietf.org; Wed, 03 Oct 2007 18:07:50 -0400 Received: from szxga01-in.huawei.com ([61.144.161.53]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IdBuX-0003Xx-VZ for syslog@ietf.org; Wed, 03 Oct 2007 17:37:48 -0400 Received: from huawei.com (szxga01-in [172.24.2.3]) by szxga01-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0JPC00GCNUPP22@szxga01-in.huawei.com> for syslog@ietf.org; Thu, 04 Oct 2007 05:37:01 +0800 (CST) Received: from huawei.com ([172.24.1.24]) by szxga01-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0JPC00JOVUPOH3@szxga01-in.huawei.com> for syslog@ietf.org; Thu, 04 Oct 2007 05:37:01 +0800 (CST) Received: from jys5013427 ([10.124.17.105]) by szxml04-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTPA id <0JPC00GBZUPF2I@szxml04-in.huawei.com> for syslog@ietf.org; Thu, 04 Oct 2007 05:37:00 +0800 (CST) Date: Wed, 03 Oct 2007 14:37:08 -0700 From: Miao Fuyou Subject: RE: [Syslog] Authentication, certificates, trust anchor, cipher suite and deployability for syslog/tls In-reply-to: <98AE08B66FAD1742BED6CB9522B7312203BC90E1@xmb-rtp-20d.amer.cisco.com> To: "'Anton Okmyanskiy (aokmians)'" , syslog@ietf.org Message-id: <014f01c80605$8e410c90$69117c0a@china.huawei.com> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 X-Mailer: Microsoft Office Outlook 11 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Thread-index: AcgF6CtrFxAykpLbTRm9h25mic9/AwAAYtPwAAVuurA= X-Spam-Score: 0.0 (/) X-Scan-Signature: c54bc2f42d02429833c0ca4b8725abd7 Cc: "'Joseph Salowey \(jsalowey\)'" X-BeenThere: syslog@lists.ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Security Issues in Network Event Logging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: syslog-bounces@lists.ietf.org Hi Anton, Thanks for your feedback! > > Environment where active attack is concern: > > The server is configured with certificate, but the client > is not to be > > required to be configured with a certificate. The client > can generate > > a selt-signed certificate by itself. > > Why do you need a self-signed certificate here? What purpose > does it serve? The client MAY use a self-signed certificate. > You are not proposing using it for client authentication > here, are you? Not exactly. This is to explore various possible options with regard to certificate, perhaps it is not necessary to appear in the specification. > > What is that? Let's be more specific if you intend to put > this in the doc (same goes for names of these 3 scenarios). > I think this configuration does two things: encryption and > server authentication. Active attack involves an attempts to change information by contrast with passive attack. To be more specific, it is man-in-the-middle attack is this case. > > > but is > > vulnerable to client spoof. > > > > Security insensitive environment: > > Both the client and server are not required to be configured with > > certificate and trust anchor. They generate self-signed > certificates. > > Again, why do you need client self-signed certificate here? > > > It is very easy for deployment because almost there is no > > configuration required. > > Note this configuration is vulnerable to active attack. > > More specifically, this configuration provides only > encryption, but no authentication. > > > Which configuration should be mandatory? I seems we need not a > > mandatory configuration from the PoV of implementation, right? > > However, we do need to mandate the implementation (both client and > > server) to support certificate configuration, trust anchor > > configuration, and self-signed certificate. > > Let's separate what is required for implementation, and what > is required for deployment. > > I think server MUST implement & be deployed with a > server-based certificates for this transport. Whether it is > self-signed or CA-signed can probably be left to a deployment > choice. If it is self-signed, then effectively no server > authentication is done, just encryption. > > The other part is client authentication. I think the server > MUST support authenticating clients with certificates and > client authentication is OPTIONAL for deployment. The > minimum authentication that server MUST support is validating > the client certificate against trusted CA. OK. > > A more secure server MAY also want to implement a mechanism > which prevents an authenticated client from masquerading as > something else in the messages that it emits. For example, > 1mln certs may be signed by the same CA, but we don't want > one client with one such cert to be able to masquerade as any > of the 1mln other clients. To accomplish this, the server > need to take client identity from CN field of the certificate > and either validate it against some field in syslog message, > or at least plug the CN value into the syslog message > structured data, so that admin can do whatever validation > he/she desires when needed. > > I think it is good to describe this additional client > authentication consideration, but leave it as OPTIONAL. I > think we discussed standardizing a unique CN field value > before and it was not fruitful. > Standard syslog structured field name for CN value would be a > good idea. > Good idea, but I tend to not mix the content with its tranport. BTW, TLS transport is hop-by-hop protocol rather than an end-to-end protocol, so it will have difficulties to decide the content when the client is just a relay. > > > We will need to specify a cipher suite (probably RSA-AES-CBC) for > > inter-operatability, > > We need to specify at least 2 because one of them may become > vulnerable after standard is released and software is deployed. > > The client MUST advertise support of cipher suite X & Y. > Server will select the appropriate one based on its > configuration for the TLS session. Server should not be > forced to select one of those two. I don't think there is any > server requirement here. > > As for specific cipher suites, it will probably be a religious debate. > Maybe IETF has a policy on this? I have seen one other > standard require these two: > > * RSA_WITH_3DES_EDE_CBC_SHA > * RSA_WITH_RC4_128_SHA RC4 is for stream application, does it apply to Syslog/TLS? RFC4346 mandates TLS_RSA_WITH_3DES_EDE_CBC_SHA, however, I think 3DES is a interim algorithm. Actually TLS 1.2 draft mandates TLS_RSA_WITH_AES_128_CBC_SHA. > > My only concern would be that at least one of them (or better > both) is popular enough to be in most of today's major TLS > implementations. > > Regards, > Anton. > > > but probably we don't need to > > specify different cipher suites for 3 various ssenarios because all > > the scenarios above requires certificate for key pair generation. > > > > Regards, > > Miao > > > > > > > > _______________________________________________ > > Syslog mailing list > > Syslog@lists.ietf.org > > https://www1.ietf.org/mailman/listinfo/syslog > > > _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog From mrkenetic@cupcakescrapshop.com Wed Oct 03 21:09:55 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IdFDv-00041M-Bs for syslog-archive@lists.ietf.org; Wed, 03 Oct 2007 21:09:55 -0400 Received: from [190.86.50.78] (helo=rbjo) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IdFDs-0000QP-6t for syslog-archive@lists.ietf.org; Wed, 03 Oct 2007 21:09:55 -0400 Received: from [215.99.87.104] (helo=svfy) by rbjo with smtp (Exim 4.66 (FreeBSD)) id 1JÅ2]%-0001Hb-45; Wed, 3 Oct 2007 19:04:38 +0200 Message-ID: <002001c805df$66d489f0$685763d7@svfy> From: "Underwood F. Katrine" To: Subject: Date: Wed, 3 Oct 2007 19:04:04 +0200 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_001C_01C805F0.2A5124F0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Spam-Score: 4.3 (++++) X-Scan-Signature: 958aa603499a3de6b2b87d68741ed60e ------=_NextPart_000_001C_01C805F0.2A5124F0 Content-Type: multipart/alternative; boundary="----=_NextPart_001_001D_01C805F0.2A543230" ------=_NextPart_001_001D_01C805F0.2A543230 Content-Type: text/plain; charset="windows-1250" Content-Transfer-Encoding: quoted-printable ------=_NextPart_001_001D_01C805F0.2A543230 Content-Type: text/html; charset="windows-1250" Content-Transfer-Encoding: quoted-printable
 
------=_NextPart_001_001D_01C805F0.2A543230-- ------=_NextPart_000_001C_01C805F0.2A5124F0 Content-Type: application/pdf; name="headlines.pdf" Content-Transfer-Encoding: base64 Content-Disposition: attachment; name="headlines.pdf" JVBERi0xLjEKJeLjz9MKMSAwIG9iaiAKPDwKL1BhZ2VzIDIgMCBSCi9UeXBlIC9DYXRhbG9nCj4+ CmVuZG9iaiAKMiAwIG9iaiAKPDwKL01lZGlhQm94IFswIDAgNjEyIDc5Ml0KL0tpZHMgWzMgMCBS IDQgMCBSIDUgMCBSIDYgMCBSIDcgMCBSIDggMCBSIDkgMCBSXQovQ291bnQgNwovVHlwZSAvUGFn ZXMKPj4KZW5kb2JqIAoxMCAwIG9iaiAKPDwKL0Jhc2VGb250IC9Db3VyaWVyCi9TdWJ0eXBlIC9U eXBlMQovTmFtZSAvRjEKL1R5cGUgL0ZvbnQKPj4KZW5kb2JqIAoxMSAwIG9iaiAKPDwKL0ZvbnQg Cjw8Ci9GMSAxMCAwIFIKPj4KL1Byb2NTZXQgWy9QREYgL1RleHRdCj4+CmVuZG9iaiAKMyAwIG9i aiAKPDwKL1BhcmVudCAyIDAgUgovTWVkaWFCb3ggWzAgMCA2MTIgNzkyXQovUmVzb3VyY2VzIDEx IDAgUgovQ29udGVudHMgMTIgMCBSCi9UeXBlIC9QYWdlCj4+CmVuZG9iaiAKMTIgMCBvYmogCjw8 Ci9MZW5ndGggMTI4MQo+PgpzdHJlYW0KwzqEq21MoRCN2lhniR2PuuyrEfG+az83KnXc376lovcs /uam5LhPolJ3q6ePyhSKs8jAsfHpWvIKYG638IWENpTECLA38ObEAqxsRK2M8pcufyvmPuH54mMg Y+snUWkHboc9kJFmp8G3zN1K374JOBkHI0CJnR4g/lwJ/sDbDr/j6LsM65f9RNIZwr8IuXUUooAv BaTbhbZASo+phJyW4qVD6REU4l+a2G+UQ61Bw/hDVCKBZLFiSBaXbK5xlIdZHo1va2xwEf/P9Wis QveOzAG8rN7Z7D2DC3DGBqjvTvRlSQWOawEppdyAZZ3lghw3NHPX2ZrQ/JvQNBnCMtqg4u84wbt0 OsGxLgHYMu8Peo4NDoufuDWsmWlChQ4kQATpsyPi6CxW/47UIiZETUN5swIn6924apg2/ehmWh9D 9nEmkraGh6fNXkqG+qpSUxMuQEsy/AMOjS6bAiKtxvmzH/PHXKleenfom/qfkQrN1YzvHUNEnu/Z Z6sIbVom6D2lIUZ1xWR7O58YDBxaq6bfNJmg6ODinYBl8CHZuY6DHdO6Bzcclu/lXnWJAhJmkSyo Yh+z5H33dgNMvJzIn2G7YWwU4I24gX3Gz/rNwbB3HhRPT+h2cKDipdc3Qj227yRguXJO2wN/1ZOR cawsG479tBq9XQ6gNgheGhsurV4hVC+tF1oDp/NIo6T62wlYkjefd73FGeYy+LSINOGCrC99jDQ2 e4I28ewMUoFAUnMwM+B2Xf8rT4zUo5wtwtLFm+ZpkyiL/pkVEjvVCD0gVO1SqHc81XWFiU2R59yN Wpb/JSoleZzMy+0T+98Vn7qWO/Otc//q4SNuqAeowgukiZoQ1ldBYbfffd0tb3/GZCxnmmoE5gAA 3PyUbEhnYZxzGhF1onKgJ9TzLIFwoRUvsiijl0vCCR4JvFV/aT4ljZ4I5DRtvIfcp+RTirePvUhi g7NNAnepLa1XGvd9KYVLxWZt9TQQ2OcSsTrxiDHr4CnGq0xx1ShnD3MqbELVSteHPaKWvGpiBXfU HEpjZt36rAHB1M0H6LnTJ9ViILKbTNxDnfz+6+GlMNWDBk33ttwf1o3SaaV01KhMC0kD5g70EwPk wpUcuopdpD/SiCnY0ARQJcW6P5rhrwFjjqO0bS6N5GPpRi2r8FmXrZQDXYVMLYPOKoAgzwtBNsey CUZ1Ls+cTmi6TM9vF1XwSfimwik7TG9IaTK4PJdC8CKbbeOiAx/htOQw7E8HLIt66MXPXjKf918D gi9sZ0iEEjJwJcc3z1IKjt+aalw2vNB8ds4I8LxnCaq99V4Qv/ROg1Dx06jwq67b5ES0Dd6Sc3gx MCAh3zMaBz4pDeRIFFAjWUzWFTpexPvL3VL1Yo8bFvAmalQs4PFIORVyIi5KsVuJX7Qt9xyWI0Pi hdmp6exD0Uj32m8CeTEVC0ytrFG5zASE84sYfp+HV8fyCmx0eTG5BGinhxw4JTU6vqJgp202AR4J E+1PV9E9xKfmMktG5OBBXCSH6KLlrwcYoxgnXx2Hr3cKVds+vdfDCKarAWsni1KuKYI+waQ807ut fmplrchtW7QCpMxbCZ2iVjCiNWWFrPcPPWGwOno5ZIXudLi6fhSumXkPeyY49Oh6oMOUr4I13Onx TDivKY3LLTXUaxWF/ttD8q5gD3LLacrhwh6YuB12TaDrUQA+NpWSZo/O/D9j9WnZsCXeCmVuZHN0 cmVhbSAKZW5kb2JqIAo0IDAgb2JqIAo8PAovUGFyZW50IDIgMCBSCi9NZWRpYUJveCBbMCAwIDYx MiA3OTJdCi9SZXNvdXJjZXMgMTEgMCBSCi9Db250ZW50cyAxMyAwIFIKL1R5cGUgL1BhZ2UKPj4K ZW5kb2JqIAoxMyAwIG9iaiAKPDwKL0xlbmd0aCA5NDcKPj4Kc3RyZWFtCjTXdlO6WU5YkN5U+O8Z lmdK0ojwAxiiOu/Jb36Q1Cyt7F6U1u7kTvT1ZGPcbIvMUpW8umvhwTILwJXIWWLfg5c2USmgqVXu 6UnATG6dd9vV+9fIK7OiLaqDWmqeMkzH+UGJhiAiJoKWdGv286tbBk1yebxExt2EUPu5V4qg0nF4 RF1S8BSHadmizpaAoCffJxZ29R5doSxwpSKViEkbCQ2NUAGrQF1FJC3S+uFmUFjZfTP+YQko+2hw htuBZ2HmSbvBdDDhE1Dqoej5kc53TSrd3WszK5FhpgSClnquIDbVEYzAReM7dIcgvcosnGpaHUjL J+kuN+nPJh2OvJYL6+warf/ecK6iLpCDivHeG3bHh1dG2+P4/Zxz4kGtRwErDMPsfEEavZkgRgXd 0u1HRb9s5kZhy9SlEHRt05pV1LMC5wkrFfjfiu1AkAFUVzDb9ncGEueDL94VWoIHA0nidEaBcA+E SBAYPoVee/slE6ETJjYfO8vac6OJUWJhQqdbT/2pCyo+fpV2zvENr1tfIE45e0DQW/iKe3H4P+E4 shC1TqSikBbeY+gvXIQYgAmXBa9JcWcUyE6PRfi2bhSZ3BBy1smjyuAbAsorNABoM4GnmkkJzTlk 3pqUM6+xXYD45EFdkJmufol4OxihMRl6A89yGeOw+OjwJfJ08NMqSCtLcONJv8lxbW24eEe/KZ+8 hcLl0qRA4ceNZF3nqz4YGg5lyhkplUNl5dh14cBWlRNFGGvWQeD5a4rZa8ubNY5pWl7bxdvadR8b 78g7uwbIMvPykVqMQFQqq40Tc0JdOyq/UoH59iq6lvbv3uEM5nPnNmXGhO8mio0vL/aNwjlx5JdZ uvscy32F99ViwXjATkQN8aEWCe4QCJdwKfv88Et1YHNak+leucZAWH4KDteBR3JQTNmFU440C0DA vRdLt4SkyaYxMnJy46V3JDToXFkW8yL85SYEb99u0dS58K7B78VELTcZLv+c54durKrwGXGHCZyj La4AptQM4xf4nYRcw2Zv88DA2/tB8yZGpB6LfrUkFftCiG4T6WA3JsWcEZaPFnZcEyQSzde3bRHf Jhq9tF03D1Yw6k9hDIA3xY/Udq7RPkojV7DRBVlmP1LPiWEoRPOKvVZcaA5cRGQNafzYLLzBDxql sibuMvC3Sj+M0Gsi53/FxkJs0DorKeZ+i2YOslQUCRVSmNuh+ADzlEYr0aCjxKWjnG54d8ugVupu Pi6ybO3kHa3+lk1FUDPSTybDVaLmCmVuZHN0cmVhbSAKZW5kb2JqIAo1IDAgb2JqIAo8PAovUGFy ZW50IDIgMCBSCi9NZWRpYUJveCBbMCAwIDYxMiA3OTJdCi9SZXNvdXJjZXMgMTEgMCBSCi9Db250 ZW50cyAxNCAwIFIKL1R5cGUgL1BhZ2UKPj4KZW5kb2JqIAoxNCAwIG9iaiAKPDwKL0xlbmd0aCAz NTAyCj4+CnN0cmVhbQqqvf4s5Wcpz+11vRbV8l/2yH6zun/bhpu3knCcArEa5j0zlX5kUQEafFow VZY151mOqQmbuUnAYqzDAA7uqyLQlCUu7QwENeey4qX3b3YWG0WAf9QZv4UJd9JFC8WFrWlK5smB 26kKTmyH22DY9piofoGOk+2a7zN9U06Ghg2pkT8F1CSk4StYEsRp1zd4GN8aSZlMTlH84Mqfnl0N D3ens+BNseqPzzw0l7sOrqdbH5BAqTcI9gaOi7yrOOF51JjO3SYg23yl/BtbE6YEIuFc0SM/qU4v hzZVC4V0/pqE9wXWcqS98xVQ6V4rv+MBleI7Mw5AO5M378jt4oTYYvsOKCrAubV8ertSTmrnnOG6 iyU3EUll4XIMyQlEkephL4Pd2QvF6xSagJ1S/N1JLwSMbBULIXwQHpFMK/LzdWIzdRZmk0qIeFbS cRFbAt++G0mA57swa/NNspuaUq3ejzaH/NfzK2Eo+GDm5IuOYU6fGfOsnNHpCv2ZETupdgbot2an wQdsG6AocHvXISxxS0rgtgIubXJPSP6Gb6r4l4D+CrKplbpu9WouJHDx+C/wmHkaoUbP8jtrCXhb 08tzMQlXqpjl3/AwOOvvTQY9vzsmUhk+ZHefodRhX/EMKMa5DN89CH9tT7AEyOIBL6NXIJUjJAAX Kcq3rlA1mYK9pVWo4mH1L9jUEl8DImJ2gkMmH1z7499NucW4Bb2KYdwqKVBpTXIPJLIhm0ztCoH/ MXUU1DubzFtLDIyIT4xyWmg0Il5Tq8QkgZve4UQdvjEh1xnDGiUcUImTaWP5R7miOG58DZtlG6di CagWqv2Vo2jbQRQ007IHz743IAgW0OmZNwR2HXwbrKivDybTcB1ZzRYXQ5wk4+8LaE48QjHhxlql xXSyBMnw/xaiimxq4UfQBb9JGb3cpLpo5IE3M4E+J/MStPR7Sc1gwl6ipmCP107imjRCIr2qUK5P xDk3nI0XmFww02TsuZnr2QrDEGUoyCog6LiZih84jizBJ5G9NuNHt9MrIZCtWnmOpZ7zcSiPB8KZ oI8rJLFM96daEGc/TVXJyYPe2/lEG8Kf4yYlsYYMCgKXIV1vJ2O6YVO8q6peAI17O7y8oxDnD4zU ZntriEUIwsIPTmjNBN5OfVOPN9RXupk2FDSgwQhDuCly1fRCuF6sO1b6wGmRsoDaV81Rn7fhV+ki 1HrkIEzxujxFU+MZrpfu+3LL/39ej81FDeAnD3RAt1ZZVP05pIBy+lOcOWD8GL4u5gu4puNv9m7Q YRTj6IkB9wlGfWNz8dQivEwEurIZjBsDJ5SMbHk1vu5p+DfoavFqnTC2UkWHeatxVvYpjbftzOJV paPEyLCdfMFC/BpaNlJdNEldAsbmDi6fsEd19SqVjpunTBm610LuYJIKJvDa/Lild7mbj+WW5CYG Za3f9TNU3V5XPRU8s0ICqZw2M5HBpC+ydSZYjJK1upKFjViXNiHKJBB5rczaJZfI+YdicMs008ff qQXLqkmiS0V4Q5idfnFdjR0/jpIn2kJhzweZLRyb+7YKn/JHqU43HDF0uXwpLN6+7W6ed53lK2Gi 80e5nob+Yfo7942VnT1PD8yRXgRoq634McfLQFLNPA4M8jxgsh+ZNcCrWqfzf5+JmLoLTKufSqic UqrpjRCeQY0bj9Ru6eGpubnClANGeyzQaVMFP/MoOiyNM5zAOvDT0gMyyBd2YFNVmdSwyaZ/Aa4l EuyY/rxrL45gccaIp9KEocV+EgC7XtPtCc6egJ/DVhhX5Kia6vqJwCwL22cvYbOF/3HWUQlRrzwP YlKWYAWfKbI/CvoUypuq/QMOjdqjm7t1y8ONmlPorHl8IRkmg8OsEMoBuNQQUaeoEwtWlYfu0100 9gD/aij/KzdQsByJPbJjFihy0U/Ta2AnvSWeNh7fjNrHdgJI3niH4uFPQe09Zt3RuV5Mdy9eJOFR pVQr/Flpq66nPbGOW3mkuItgEPa0wItTJXoLi2jPJu23aKEIh5O+PKXZHuTB7o18lh14AMNaHrPM VyIIoPlReXK6jD/QkGzoRiujX/jUkgUCnU0SKUg6ev/RiaRVXu6cGEk4hWhp+CYFxaM2IzY2Bm+j EV/95u5rtQKoV4ZkSero41+pNgFQfhN8QxlsMEeSaylDPQreft2qQsdt2/NjjkhFkxYtF0AWtJbM l9ThND/rKcAupWCpSU9lsakwO/C4BtsMnK2h4NP/Psa21xHRehvY+bMQYxCANdzIH3fpXTUYM58x CqV6HCucgaCfLhJkjMdnWO4D9Xowv+irs5G5pAKGnK7VjXY5VQ3jmRuD74jy70XuJ+XFYbjgw2Z1 AouyFnLgv1wA3MId4kGSGVWuYH2rxMXmKPphISgCeJvmQqzSNxpvvHLUJ35f5kulPjOMZb+CmSU9 B+fRiE8FHd+F5n3oC2YeowR6a1Z/s88HxkREq2G7jJEm6WaOSY/phoPIOH/fL97VO/ipHSE1AyKK zAvRJnDAea0fhwVmL7redyUAUEWCiU48FWg2zS9KAdidxOvrOKgMcY17CA13liR1BWw+WhkD4Mz0 NuaHscPBLU3bjTBZM/YP+yUO4JPB4VMN4qIevFJECbjTkE1JtVSmWKaqp6+ecCWKbQfYQX47X9Tu po/5LtH78ijJmsDczIBjaWEzesgbaCLV+H4vFTdk1FsYYhwy5CRQF4Vlrr25t5A+p7kKUIED2LRh 8mjoSXZsnKmcCXEzpu5DpleDGmAyudY68CB0FJv39z0UqFYUDgnHja0wr71CK4Cq0eRAEAqJo3Fe vtB11wm1SNyUZtIDxtjmmPoZ9ZIeIYJI+zIlaFytwXrsRuzeA3Q8FC1V6sO5131me77Z99aGsSyy KEfDM95JPVfUo711hv9B8At58JScVyVUFF0Bbp0jJOS3NJXy4wjfSBdd87pkGKYm3U/jZdELXSAO C1nsmPpjJ+sc+mHolg1CbuA5KWpp6pIZM7gWyX3FxxJprbGlQqcchYxgafGDxF/0rpBXYBRhIgz/ UFqDXSeXBe9qR13RUqG/fKKSRPstIcve4OMdc0xZVvx013lOC7OEZqW6Tnoq1e/G5jF7BUPR1SWD mage6vxtk6BTEYNDFZcK6j19x8dBleoZLW9SPE21bkemjlxtfTnk1CuITii9JXR3S326xliQ9daU ngxCxkjSmLbaOSoLh790VkhaURaZn8N+GXDgj2zpt+vSTGMBpo3/sSGkBopaNBX3evgswAlvVH/e sTwUbpHIH/ze8L01AOZry4D6ttrm26p3CiPAzDAeMNiRwjjj9Ea7ddkUc4HK8Z2uINGDgq6lL4YF G36key0JhVGBCOWlHgK8JQiG/MnPrtOfS4QEJyxgc6rakFE0FeGDsV0j8SvqU/j77IysxgUDwPLG 0LjpVr8WWAm1zqhP66S2GlF5+blQ2WuVJeR+rBr+zRNXyN2U6h2uat2etUTlu7vVP807GNoCihwn J5gAyolgpuCoqH9Hx9fKnkJES/v+25QX9ntBNoSuXKIw7bXm11KqUhRCyxXCE8IJYBF9Xy7EMpb0 3LIW3ipInPpkhmpQqC2x2bAuCT8NUAisIcQAeDsbhiu7udz+c5Kl8OgavM3RZuVT2dOoGQb47nVi u7vxyNnjjn/qNFBls/KrKOyBrAwU2FFowVQ5qMk6W40M9wpXGT3P8TNq0+nnukOcL3oabR97HnGq eFgzDQjcrQTGXi6Infe28lh+G4zA51dD2+ExObEqPjeiDCV8oUmdW7jVvkaqia9BhkwA1PeyLMZR Q41qXBi0WHkGtnWa/D5btZfW7gmxiRdRRZiq811S1zsDQFBJi5SV1sQK7/sLCUkfboW4lVSXNLmT XIryVC2IJiSpRrXRbnoRJ5L+1CoFcNwPZyGyAhebwiz2uxtSGPTZTzWObkgTn5Ms1tIFwmxgiVu+ QFfZIn8QF7X1+mE5od7Ad6biHEXKgKHPSsC2CiRijEOEewsg+yGn7wOkpgCL+3Og6sAiRck/qyV1 KH+twhneavxvwD9TE4xwlw98El+PXX0Ek8S9s1gREVCfyfdoD4H/T4qxBA1/DBvuwEFId096JGKK 39uMdWJb/msvSHfQgw4eYKZC9t8TJO4YQ+SY6QcZZYxfVDdjntqA/2fBMHTZSYsxukyqjLy/Ev+H +OUk13opDFUAgdDbllb315RG2ktruF9NaQOEOxgCwddmptw1Qs5/u4syZ6uQTL3XF6KbuFJ3STcl SHOim+o9IuVL+NYWH2aLd8q1emn+x5o9QoTuciJJU3/Zo48uAi9Gv6p9WwcstYvBdy6gj38bKTAN rplUa263l+yzrYWFdILPp+tYDRvvf/yU5Y439qIJLwQ/Mofty/N8E4XNyPCPTtLwfxECPEpHEm46 B/I/P0pNf+27cSL7t+532ji543tJ8EBA6NkRczb0uc6r5HUgcnTzDsuEPZJonWO/smV3jy530Lkm FNe6C5T9w9LQin+sVpCsL9mrCw7sqHRq9iOxDuA8MPYPNuMYBitxMJkQANy66YFrc87ZrwSeRe5O rgM0YEoMblS1Cvicjanx0HSXTNZ63RG7LI+5gl8UUB03M/1fm6Av6z0D6PT+1V3QQDkZIN8uqULS ZQ5QR95NHRoH0tMqSpKrXB2odl7ojpdWm5+jBZm7E2opo3+r5/OQCmVuZHN0cmVhbSAKZW5kb2Jq IAo2IDAgb2JqIAo8PAovUGFyZW50IDIgMCBSCi9NZWRpYUJveCBbMCAwIDYxMiA3OTJdCi9SZXNv dXJjZXMgMTEgMCBSCi9Db250ZW50cyAxNSAwIFIKL1R5cGUgL1BhZ2UKPj4KZW5kb2JqIAoxNSAw IG9iaiAKPDwKL0xlbmd0aCAzNTc3Cj4+CnN0cmVhbQr4VlYMqMtDSfPwRt8B63KjiHBTScLdiHpH J+kLoWjZjjVyo5Qw7I2NFSRmKZfSUjYt2mM/qcLUSfB49v+JMthxAXk5m+K/6zS7xcYuXKXN8RNc Rpz3rUXhQzPST4sTj4UdYjxMnR0wAH3A0gKyuIIcJ03GGUn+frRREga4dNlyvEgWGAJ6DoRePA3z 232zvD5UgW8rg5GqEue5i+JqU77Z0DN/EegerGW11Sm+GMN3vTPs+ZQuwyWdifCTwCKxt/Gv83rW FH41WLJ/VEqeXAYeKJdrH3bs2VWnez/+fo4R7ZmyQP76uZr0TDqI4inINbw/mfw4FMNjTRkvle7h JtPF+OPG3C91RXB89AXxeop3n+1Gc+VHS+/HRMWbeyxcbArx/Pc0mrrfkWic89xGNoNRPy4OmxIu A/gcWxOeoR44GTBvX/2ySAepLRg8QXBTxMC/jVXsD6eNRKAZCceV7HXHd2POaHZIcn5EdAxgqQfg Kiq9We8wkCgpcG6oRgVaGLaJsPGMKsPmnggkbKKGHv3sCpKV0R0vmZmxsOTLJunI+JR4UvavUTsg kda44vrYmsvWcidgaXCV2QBNQf6jJTkOAEgJ43/aTi1S10AoT9MlF0YXOrvWrT85LpTkPyygSyEn WGzm/apgSKN1a3A9BoXwiNjD5Pvtn+eOPoeFmEoFaDXW+nvESNQ5xxIfjLm4fXCbgzmJzVchLpSt YTZBfgHMqgpykKoxCCeMHWc/23aVXIamyrGreWGJYr5A58nYlXAiLpQwQ6pi/7Qg4dkxTc3MkU7W qshGctZKNG6u6SjLPi+tr1ed9gXvu5YvrxY4YPF0g8sCC5JFJS2Y0xpUMviv/t8W6Z+8qYeKFXJZ sQJnISd0YNGytmARSicmGmV1UDftxGDAo+dDpRceyEZsTRCGwaLZXyISXnWXbR6n4ddQje0OX9Jo xNWEuZvQAdD1M99p/Ar1f7GN50iW+N/fcjednvlNnmnfq/QnVTm5a0faDQPhOYoQGNRMRCEmPDT1 p7oQLJP5uIaQumGbITH/HQJrqkBjokN6FXskFH+qmrLamnhjBArLIEihBh95AhCP9HIUomp+VD6C mR+l8aHd3cYdnsUaF2OUvxPGk77Vbwc6jZB14j2sNWxZ4Sw2oJzQRa+IRaHYqwwUUrG3EXl85hfX GgMI5cZKL+fQeTLYW67zaMnEAkmRzhIdMQVsBPHIHpubC0ZYcb5e67y7O2HOP5AJOoNSqKamC2DZ 7b8OmbFvQjDhc5zaTzDlNV9NWru4BcbGJ+MCottpq1la8v5fQpRJEuEbs7yCvvfrHrEyPpS/M45Q 4eu0MvSLfbOclcA3Hs0ey5Lo+9X0RxFZwycVhcbFh9LJKZN7xPI5ivnpsuqTLufW2dFl7YSHrXUh NNZ4f3G0RnsHPRxH75DUmi3zF3p76z63mUarobdoWdL9b4V9uSD3rEboQyobCGm8Byo6gakRjrkq UMsTZU1XcosXUUMd2rFqAhlxFnr3KdsXKvHOC2Apk2jGglX6/qqN5XGOrq1f/HNbZNIkGiqwhRvI LYKcBcqZ/31eg3dADDRqFRS1hcFE4obL/srJxT6zJ1hqMV5Ua+Hb0QaOeA7Rcs5hcOKP3+6CvQ0H dfbKv9AEOvSZOSrMZQJtqjgVAqwNiF9KM16/DNkCMwJbqLk3FKumece5rvYMjRaWnZToYNRER+Cb +UIDez/DokdrQBEZ3XtsHcs5Z9IJy11ZUDx8JusIl3q/khFo4dzwSHq5Yp+veqgEMiEcrP4Vmt2O D8oEmFlMzg17LOMko29AOTVk8M0ViUkh+yb0J5UBNrGqsJrI3WAENAAS0tQ/63zBQYMSs7dpewic +kRUx+u+EoMjYEl2DLIG+gsw0VnUN3q4mfI4YAXcdaGu7aCecYNi7W8qyP21Sn+pLbB74M9CWdl6 F0RUx9jAlw717cxhtROCP5ifwJbhlTGY/sE2h2iekfvzx4NYm6bBA+vq3OfLcJYGn9cA+rfA1MgN 0U1V1ZWnbj/Rbrw2+DHpQybt84LUSdhOP5cZMAS4LU/Wgmr1UqmH7GD4yrLrkGiRBWzZRXl//X8f +BFkXo6CSvTX5EXhhnrKFlT+WUTZIAGTpZDhS7ltLlTDbdfCH2AjJBI4ary4vo4BZqFVbFxm8ua9 Ch2z6tePiTibujX7bkASc/UhpyWiCIPygZlnzutw08PvAjxRbd1FWG4j0FTB5ltusjWOWSUyLBLF 8kPsmgc8/R+7MLVKfDAJMx0cP7vz/44/jLH4KnRSclNSj3Kg/YHg2JOVzsaxAfgf2srddrMlEWCi BtvPVd/mH1BOvFq6h3jQyMswUfTzL8z+6iI9SRywgcETG1ibdi3D8LkD37fJgRZjpEkx3LWaY058 A7bDWhPeLwQL9lWIqK8DJWXQVo3xPbrJ7UB92wS8xJrUROE/CNRp4ZVg32lBoVug0f13fP24xPa5 PGMpCbJQoEpBUEHIhU+IyUmBJdvY7qQbmbBlp1RO6PGUOG9ms9PRm5iXCdFIXl2IYa9mv3inPmV9 +QwPvU/j/DFYXE216pfeHFR/BRfG3RyIRN3mu5j6ywnojlXKizmgCKuLYviZxCrCwSz0LhgYv7VU qaGZMrwVvXKgXrp84TFHPFwt/w8E3fC6EXHRACb7SQ8eoxUosO+4PhwT5mUrmHKqbouOACvCtt64 6Vn8B+8M/PCuVjzKq4riHViLcoT4Ydm68qHx4aBVPOq+Kc+IxXmTDQH5IN7zoPENxSMYKKgrTj1r C8yQ2YQUeeqhkIbjIwA4Iv4pYmuUakwGLAv05j5GfxTInH4i/e4warRAvXOUgepLr88tb3jzwsA0 LJfZcKruOE97WTaGQDUjkniTVXZ8akKuHIq8WU4O8/9pIQeWJXg5cZNF1zetwSlsfmPkPKJLmzYA IbZwF4Y76aZmVUdMgh7horut3GJ9mXTF+jWM1XpunwRKfpejBhuj17cwdwj+AUMXazI3HWkiZel1 2odVtMCwhohUH/80TT2tds1xgx0IOfZe/+Bxl8bVqCWG552Yg1oUjDyxyJwKPR/IsyszUOa2Rb7q 9yg4g1pCoOvpmSVz/yUPe9K70eKMgqDZTyfGr6Oy7gLkYaAuo/LrCj5/YvFEBzmiXdnoz1h+zOkB mzpGc6vNImvc5ACMl2GFfqgFZ+vn5RTetFU4cQ8zexMmrelccuSxfwO6saYbS0GAdiNU/eEgyBsG kxf3HAhBzqeT5DZS2sF+qn1gCYzrA15B7lH+X8iuBaermv5OuUfsYrXlKvUG5AuYeEGbQ+nSy+i+ GqKfmi4hzxRMSPCa8aTqlydet/Oyu9z1qR5oBzqiSgBNXxq7cGrJvEbNTZTGYtqQ2NThjlxfJ3dL 7eMCzOlj/UGMDFm53E9prLXMKXPBOGJjWe1iRQuiHNTWSwf8su6EA/EjA34rb0bFolfPwj65TlO3 PJsznW7udnLr8XGaz+9McESAqRxI/z5RHskoFEtMhzL02dkD8w1AMsZned3V+XbtK2nymO+IfQRu kFMYnL4hsnvmkMUz94WJ552/jWJ1yachkhgYcbLMztqnZzPu5WYmteSQhKsgVBvkfBxRnKe9ponG Pe6sHw4MwoScgFRvhXzxf+oV9/0vjMQBQXx+o5I6g39j5bf39gHebcnKYAAO2L1n33zmcOxYy38L pJkHEq83y4rSz/TvRgUPrBmD4X9lfoO0aTddo+6/8mxUiJgKnk17ub7Z0IcrE1XGLFgPEBZd6jd4 wkmMEyHmF3aRM/N831AOSsf/YCpcZGq0hmu3WTbPEyLekyPkw+XT5BY3J/m2PEUTVvklCAt6qY3J F9oU6DXElMKFQoUQ5GimGnxbrKIqnz6ziS7HSOaXYVUAQS+UhB1v1yz2K3aOQYTwRo3S5JeC9VG0 c30cIwCbkBbEa5dCZ7Xa+mfpRcxx3saGoi5Nk2Do2LisX9eAanRiZrnUJn48hCWqyrzgZXsiQozu YJUBQ7cq7EgdR3aHwmU4WHg/hdSXjsKtHOYkYJCBG0aN59Bi/yeS5edBl/IBFtSwfObA15s2Y6EC aabula5twfi+AVFv2dxkGAt0akA94G1yjiLs4BKcEFdV/iGN8L41oZ0jklBCQvkPEvWIREMD0+OX KIFT3s6t8ubSFPkSoAs23hVOi90aTgoGl8EBXW1n0zKShrXU4oNZ4QKbLj0kSzNspu1e2pxYElG/ 3YwNilAnPQcZXgVqRC5+oTbss2x3KBw53Idq01GrgChRXxiVNnJ1kZEfNMrqr6lLDACtC1ED8ufM zT/frj0uzaEQe8jsk+PxSjh5DRaNARwEDOnbfavS4zAMCZYyaeQX1ve36oD4oUr6f+J1caPZogLv GzshPUa3OWU7bemhkcVtcbPoD9BFhmEHNI/Dc7odBL7c0X1GRp4UNnqa3zR/ImhrwJ4Kty+0CuWh zfbrYGteH9nwQGoNUgvFcT3KJ8eGlK8KG94s70sjcZuaqLZRKZ9sfZC89udn9R0ygVFS3UOH5u41 B/LLXt545SF/ymOobPicug04XEI9XroSg82VnEPmrku2fDC+3pEGH1vZFajLmapeEV6t7UZ17MT9 adDSPqRNjdLONBk4Ry33I9h5dJ3lDj3LEt9MbSJGRr6SHCOLJGdKruBiGuboaHVeOIrQscWF+ZxR 1t/+Yowo+M/9rrfiuQQ75cGAtEdLum7/+tDhsAgJzOl+LEWFYC1kCwS+wlZ4abxoH1nwkXE/Bml9 QfZlLZzF7+XWU9i6P2OcE1RCCmVuZHN0cmVhbSAKZW5kb2JqIAo3IDAgb2JqIAo8PAovUGFyZW50 IDIgMCBSCi9NZWRpYUJveCBbMCAwIDYxMiA3OTJdCi9SZXNvdXJjZXMgMTEgMCBSCi9Db250ZW50 cyAxNiAwIFIKL1R5cGUgL1BhZ2UKPj4KZW5kb2JqIAoxNiAwIG9iaiAKPDwKL0xlbmd0aCAzODcy Cj4+CnN0cmVhbQq9iK+W6lTcSv/cRF/agWTnJ8iJM0zzxu0D+eU2qIa+6z2zobY/kbNfqMstgd51 Ni+rzkDGKheBzAa6+wWybCQB0xNNr/YPuorBLj6ni+zvNogO0Ba1hc2DrDZ5INackk0WaQEj7BrH 46gM1f5YOEuN1dcZEvNxcnKRmP4f46FbO52ea3OEPNLxy5Vh/zzpVb2zExHpx7OTV8AkIuDKHtaK Qq+EbfjGxnA3/57C3KstyafYDHfoQtl6up3ksl0G/hzqu5bDblR2z9T7sVFs4Dk4b/TybBeQ25SI dF9pl3qsvinFBRU/wg7zSPaBA8mahvijBpbZ8P1Zaj4c9++k9dFQX63jrXLEWXvaRraDB6bJ2wr4 1MqvoFFlH1ysZZ59Dkhrb/rY+aQe03Zl8fSfXQCAg+DwnhLkmCyU6XAjnle3iuKw10ROtEggzLUb cxsF45Awi0cnjk79m8RulxZbh/P192OqheaOPnnChoDZg7qB0wHtBPj2YoXq58pY5lBkqA+jhGRh uVLkmeOptOx0+IzEvYNSs2OtyboO5R4mfZsumszfw337pLx5vGR7ROo3pKwBkuRt+hTBoLpjk+K4 o0IPvPTljPah0NcZmu5QsVr8zHEihicQtpijzKl2Xdrq2ITOUstLf5em17CSSE8aDufq/hT4FnYB v84lPY66NyVtZrcezccV40MGP5nYwx3nSDlzpnWtyj5i4xDn6vwu5zDrY1crfvcLHLTKzmGMt5ft 3fRrFo4BoZXtn6MOV/3y6mKUDozOjZhaww4fButw/tEWMAN4r44R05nLn1MM8s/Xdcbo0vIgulPa 2XQNBdTCMltSK5KdZPZrhzyHAYByCq198n2YH948vFxJtZ5c90zSTRddxR08/ik1NYim/DCOVJ43 5G6/wKR2pM7XXV/MYqrvOlFy1ICzbZXbZwNcgT7IWx4WZ5xF/lKbvrftG/yqFrcmHuwncnttUC2F RlxPSjK5AWLSOY6kpYVbFID8pGUoM9wpMHBsEb0AOe1VH5YZO7tT7hfn0OPna5eESdJ/g+GaBP52 h8+XpST1WkmQJ6yrTw0DQG8HO34XK2r2vB7glYcU3JbEqnWt9RbpCE6snpag+SiHmVHB+TSV79EL aVTC4vlYCoZi/qPYRABOgPmcbi9+yDkLzhSKO4XH4XyBZ8UQWUvF1bxPnlmo85agdeuBrBhxLarU ljr3dXQZLezIIkalUsRs8KhoclXFRIXOpO32htAhDkVk2lfNCSxLN0OnQUEqbUFTdo3Xc8YMPf0U 5GdzN0LoM2zwQkgf6bzeD+cLZu8MiVv/CAwV4Ik6bQODwZWpGn7yfmJHfyLRYd2keIyksrQZCb/1 ccFYsjSReGGFCy0WtJxkEMGfWbzP0UwXl62nTievSHDufv6DuLfW2bUWpT5SeloUBxGOCzSIjcrZ fb3OkSfMhgF7uWSzJcbHvQoxnN3tuAem8Gw1I6QlyO1mECB6kyVTnI5W9VVkr1DFBkFe3M+aNXpV iZnI4vDIM3OJmMVbKHy0dOgagvgKEQsVGRJfumDcWjEDtppE0whebP2WEyspBOFkz6RSkEZj2vKR 2KJYoz9npuNLvvw1Yrj3H14h5RohcQcVYLn5kdiH23E02y2kD2Dn59ZZZWgfNZbmGCvuj2cDRiIC G7UnOpdA2P8ZTozdz+69XCHRIseAiH1QjALIkJGVx7761zirctGNFjKDT2HDCkjO78zegQggMQXc CmoICnaCVMsM0BrTn+pRfY0tvxfBrJZ5jA3uK8H5spZuqmTjt+I2VCpnEMtG3WUiNXqZkdQoNP8B lrGIn+Rbql2VeVqpHhDOPHBIzcEH6HWtD4YfsqmkMiht41qTOTj43Yj8tPnrmkpqX8FaGyToVqMm /KNGlzZ4qZvBi6lN7DKx6oIQLVyYv4othjiSYN9Eu6K20PiYU/SwixZOwm00eZiVspfiEmmft+jn 3SvTx0Ah5XGHbxxaGOzSLca4wX9Elim6YNZHngzyv6nCVRiiV6nog/9mlsywei0OeLMoZA+qnGZ4 u+7j0Yg0am7TkD/0B3EbHfDOkqB1+IKrMninHHSGXF4+WTlVNmV8vEuixNXRZQRxY2qDaIDzh0Fh RE9YdejwKcUKP3Erl2wvfPpjAmc9XB4heejnWk7Fu7mmLfBozms7fBUCVbAmBTWj7Lm8Wut+oXBA nZxZ+ngZ7U5mAE9ROqM2ck8IZk4pY+nE8z0QIRLQ/2DzZooFYX/Q1udfl/evQrztBwL3j2aiRMic 9lX17+61YfVi93yKQrarxkH1RFulepUzdwgg3ZKaGNmbvZoBaOUsdiBZ/nd4uXrfzPINoK1kRNJO niEatTBgZtb+MzDJrmMMQNLP/VSR4s9Vek49mFnN8YZw5qI7Ko1w3TAhZsIQk/QBCKPWeqvG5TrH PottEj6SE/cWMGBtCllICoS/iJRAAfL9vhYBYkVJqRAvGlJ0blsOhOVFndUoo1oPqldHrNT0leCr JSlOC55Dl85VQgHYMwZrQPRhJuTRdy5mdQ962vyCZgkN7hBIiPoEUquO7F4x5cka86WtOztfc2sW KLK5DOZxMnC/dVb0H/FVd5zv+f/IKUH5odd871T7doHtEPweuaUG0yIJjE502UWqIemYnYvBqu8N VQDKa3qvtAib08tuErfXfkUeebH7XIV5AJdRcr3+pjHvW8yrbuXpRXu2w5xph5DX6Wq6H21LADi9 waDpR06GMEt+2s6f+BJGzNtulwK+xf9JrSafW8KBQRWN6DbHJbu6cmre/qy54UId6X4Kj1fGHCT7 EznBo+SGwIQ4ZdNKFRmafxB/Y9UMuySH128QsejK/rzNMH8eN/g4MCLPJBas9nIIjNDoQGiavf6q 9uz9s5ncWgL+6/3tnkBb8Ub21B44QOsvMHA/gReUFgifbCeOBaA35ODaXeOXX5k6Oe37Pvll0sQW SpuE+mqX6iJY6igah0c+I73knYvlxVnRk31kz/xky3T6upoIfteiIHJYD2aj9g7s75BlCZrc2BSD QKdoBnjwJ6Fo/fmZGkw+hK7JQRLNH9RxPKNMpgOJ0e+FGjlfnm2cOqwmL+mWXOjFbg8NFYQpI/F5 yJdqr8yj2DT9qSMmhIjo8rio2iUi/Ok27M34w5u3/+QV/HLMYGz8UEM204dxCn6i6dn/mZ871EqH RjtzLNd5e6/HTQ0HyX2Zx16ZXm1INdArzqCF9emxu/Rb1JECaqI+CvJWUws9eeGyovgh1ZtcAxTS Csl8ggJAIRZicz5hMCBXCMRWhtREqsMUygm55qAj6Jh753RgHLvXVU2SZE1KFpGTcm5/syCL62/a R2aexyJlr7yJs6sh9V/zfd2DXmEeOn2PdG2Ct3zCRV7RjI9WX42S6vmIluxlVpytuBHEjgevCHUS KQI+Zj9xefz5vgy7OWxSEHlFA4oS/83HSI/Slx4xtcQQS1oV5O4ouE/Fa2FxbE16yABEaqIdTDqN G8JypPEtbqoeygd+6lmcR+l5QUpo4s76+MPBvNr+aCVLW3Ej6UTLxqeiembl4+PZOj6SWwpU7Dv+ lOTgLEWp7nAqceS5pWmQgabs4d3bjgdCWafiqR909qVgpy9LGpaUmb9GzKXdleCY7TXQuqukNt34 Bl5u2v2t+ILjGeIUPLvvBgv/+WHVSBPV+Cb0+ot3VwDKTiLvU6pug9Za6SSUx2Cp4TfVk48bnazZ E0q92xOrMjwgVpElNhth3+x1fVcklmUPSHA+CLZQvg50Qf1gfsDqS2Txi+aToUXpe79bxInIDZbT rQKMpJZWTQXKpMyoZqH11zyi4g2wtTmZPfOe4b9x/ar2FLbUS5n3o2Jp/y3p9nR6LIjS7TY6/imn QzrCBeiD1F8EzufHmodacQmw0K6sxJuaHx8je73VVTKQR7RDPQhZugiiqkwYouF12U9h7Cjghr1A RdV1wDrwK1mBsSla4AtYa0lmAf8lIJEhyyvJu6DLWZpvQvX7O9iMFv/bUGP3/ZwlUlo1UFMtlL/g a8+RR/PTl9qM8srGsE5yX+sW+J/dH6X7pa7GLc9LhGEx9OJgBkHpVfuOjlg1Yjt7zrjUq7gQMt50 GFweb0Wd0gB8OopU7oS2Yshmh1tQ7IEwozaaNebT41SnL+swvFaH5T55OuIGBvlSeHxN+APK19fO SozgY0SyoN05UCzqgwGMhdJE6o0oKJslMayR8nLXEJ0ZNvdrkrd6OyaqhyeQ3waPGiKViJTh1Eru oFKprYkYo/MD/7Oxg28weAH+6p7q8odHczLMRR3MmSwxpgERwNPMHYJUwl+uR9oKZDi8cAG7Scvo 64jEDXdvyxQV9TFTU2YT/EEDddIqQ6mvhTWoSyl+00C9pvGXPO7KryV7ims/ARbX/zk2pEMonKUL 4HnrCMScNwELRtEgxlf661xvCDt4lO4VfgWNVr5+tdujr5prpGsTlBSEJOg2ZVBOpkuq1Cz53yLo QzWHjouAOIvd+hYZnAJi2AyKZp8BlpNNvifpvfimAUWoVgwreowt45A6F2i+rIvU8rsdTXl5oFcm 91jqFKm+fk3sYbqsfiaOBcoSktgVB2czf6xPwp3XEknzgNVnVC5gUn72U09Ep2opSdKxblPdgLUx hNeOAdcpPDIrksYr3a5PS96hcwIONvK1Kucz1v4SS2DPdFSssIvfI71YB8+DFdodZXtpi+dqSsCr wFofxY6gcApu9aKDHQxQF4UcFx8MylSYZ1AFL8mC0b7tS8Nls3/aC+pUGUAIfw0NxPjxL3kzeuSY oan6Y7umI5ZgAXFXylJD9Q1H/4IF9dP5bwPUdJpgmTh+2yfOlf7j14xF4VSeHcrWwbk8jhUaYdCq 9u7GXAIhV/2dB0gofFDjE/9Dz4VUEpmy/WE7TRB557bcZc51PrxN2WRyOTsaQMXSh/qoA/TDVx3o C+ULqZOE40h7XcfWVcA592O6RC6IfNaxHdZ/JRCSLlv/ALbX6QmTgOk8jRbcHGROLAK6xLu20m3n RegSmQ0q+cUrXtLUhRPmLtkMq8RX007nGzyxCe4vREjDzkC8pVKwnQowpjI1V4jyc/1TTwyPLtYD Ug5hSAwiJxtVvoJwwyT2BmHwguBdIvEACKVk8yUJx5j7+hNl6hWlJHT2UvJXzFy2w0UiV0ss8Kuz Cn9DmWRHLwplbmRzdHJlYW0gCmVuZG9iaiAKOCAwIG9iaiAKPDwKL1BhcmVudCAyIDAgUgovTWVk aWFCb3ggWzAgMCA2MTIgNzkyXQovUmVzb3VyY2VzIDExIDAgUgovQ29udGVudHMgMTcgMCBSCi9U eXBlIC9QYWdlCj4+CmVuZG9iaiAKMTcgMCBvYmogCjw8Ci9MZW5ndGggMzYyMAo+PgpzdHJlYW0K V2MVxmILsCHY7ZhkM4JwEfm9xRqpFDc0FfPIwQ/JJi7CX1h9WLPiZPOGTMnknIY3fTuElNcXD4ZU 475EaBBSNjqGChk1V5pbezBhAD49e/PIb4oeq+JgOx6StMs3N5n+M3mY/xt0Gfrde6N8bOwi0bMe coZLTR0MQYtCejeLG1ya7lroTP40Yp28nX5ZGF7jp4y/JfGC5dpV56EssKXarp/X2eE3GS9AvZqw pB3jajx54jJFsYwZzpy71HbOvg78op7bS6JjMf58IpcFM9RamvVi8zZIT9HrWSD8Q7h6AO13vAzn IEFXHZmzFzBY2Pxh5HzZ141RTTGZ5KYCV/COLxUeAVFKNS5r1Wj937FM35rew0qVluGb88jxhXHO EnsmM9Fo2SBlHcsyv9+jRbwW+e8CCyI7HDSHb03UkOxPnZ2/9KWPo7XCU2c20gPiF94G/tMB5NDd 1rxXih6h/8zuSx+d//u5n8O05fen+CFqCkPSHmQCu6jBU1CB/aQ4kc65MHSAGF6eWzVDh1x2fP4P EMyyO5/wjXVYQeFUlrZNKJM/JOuyaZpnnc2AwRjLtIibd1TNa/BkkBRjbGaeXByixnhprGMqCpxQ Yg3ibqKYK67mROBFe+PgogCT7cRjmPSguPK9dD1OAxrhQ+F6vQixZfdOdfgnG2zxjg0FjsNGzjrv /ks1TT/BjahfDYMkf/Lc4IiuGsu6ctYVZVPz3P+I9jBUaKe846nkdZE0qzrxK9T+tZIvaP/ZNloe 3Fp7610BCVB0Z8ab821YPqTRymRSivOZSoFcOAK2vEiS6AwO27oI5m/ewLXofyHRNpduQorBsjYM IFgNHDpRFLeL1+vUEj9QX92t1kMEGKPhq9mxlSbfqhQyG7UuEIfb8UZtHNW+XIzLzcv7jh6jp2hA wdTthNAGpGaIx94O79m+qjavbl3qPTqh0IZLb33cRUNoFNIJmuIyESSwAzlmjYZrjef1HeGI+Is7 IgTd+E9f3gl9bAUOvIyMFAoEE7EcJP5Vd/TXfizdiuxEwT0XNNoxq22pm/FDmnTl4191xJcYgHex 7eD0WfL6UkfA4nj/W19ituw1TNnlRnasZgh37ELH+ZpnFOagKgh+acSKNqPrss0Ok4hBK5dkG0pH 7O2hxBG4AC6xMrq+7x/ywn32yo+E7wm+FjNQv3Dp74i2HhoqhH4gLe84xyUP17mivWleTsyp+9+i TC8tNTPThxqGK3MGznvRbrMrcq8Vm8O493AewajJE2k9XNHHNsiu9fCaMfVM/6NnmjeMUygN3wqN NUNUlFl8XKiAeLLX68F84OdJXiWbZt/r3f7g2Xp12itsUEO+A7OtQUcY2cVA1gxLRpkA2VOvWQzF xBc3DxJdcCH66JS7L/z0C5s5VAmta/qI8tQCoNGVqzDhAf3rxl3Xqm4JwFsDmLIAgl+aOtNgfpyk 0C05HhNHjuxR54bjwuec6UfseNvo2DxKyyi2uMvpsZB9JscghlbaDGwQGdx+SXCO5Wv+QxOAym8p zrqdeUmoDPbiR0bsuaweS/aYCJ+FUiZW2uUAokVYQLHYPuGthhP4SHe8AQEW50Hkf1YR1k1a2RJ2 XbpUr0Ndpk3MgnbK6+8i5GRKyH9ZnYRHKzP6ZwfZhTUFf0rG1767JL1cVVq/8aE5f8d4H3FmKfKS J9uUzbAvnZNJoJTAW18y4FtHh0SQvrSx2pDFhZSffLxcJ8HnU80vZUvwJhQtThAuZrVOS47bF9ow 88oG042RHyMiVLsbL3mQQYsTO67qy/G14n5Z9t8jPME/fAu7E2fEatXqred58pJxLXFn2C4GP7lF pq5yISC/XElPBKYg1cr7K/zYUShH+fpnW+1ri0lgZAF21gopaVcVlauYkvENFlWqN0iM/HPtcpHM 6LHlDISHnedanOXqUAvC0zBF0xh6zrpGicmsfaOBZYlf4ytbGFhuUnnEYnFsfYDpKpHEcCr+QI0d 7Ch/7b5X4bY4iLSaJDyAExALw97U+XQ3V1jCu6AxqyDiOR6cZ1JsH9urSbCR7vDNn5aCTVJwASAp COihB0h9pJXWWxLcvgQGSOsvhsiTM2YKkJU2433F77ppJBPD8ZAhB/kyZOLTkuhMzDVwOieZJmvj rtXhNa7w9LR5B4nO6WVYaX4Ihq1BggZSg3S0f8W5Ls9pG1NI3+lvvSZ7NG1AKfe/ApK8QS52GeEo rEWWot1DyRGgup0HtTUrjEOTyKv9tfAIzG1WwG/U/i3Aq9O+xr0qm81+iZGUwAYpmnIQ4El227yr A5UkEGNerkcYy1LeuBAxC8+38wkG2QgexvjJEQBvPwfOXZvDKYi645tQ3+pngbtwO6mJCegYEr34 StS1VyI8fi61KU2u5fjTZS/Kq+Q7RMt9dpVE1c8kS0t02RtjAOf+Yn2Fe1PnqrGu7lwMMFiKxtH8 eVHmM1ho5EXZ0l4eUqcdtcqMCaSvZDCFUAuHI+G7NBTxqZMahwNytFek1qvzVLUR7gfxC0LVLkNA 00GvmDFmBBbCpOBnxK84JVqo8d5FCxYqtINHnbr2xKjDjnDiGxo40Usouvpvk+M31j/+GmA2OcYi U+r3fTeT4xWKUSsC5VNWog8RkurWnI0WMcc4qKp+bl5Chm8g2xxa+9iMuC1tncl4TcUbp+FYURQf +pFquY3ve5Ws2ogBznv2coqOvMdcRka7ZBKjZmBhDKwAk2kyXkTbymx2RbSDIuNkensI7E4pIUEt Csu2P6WbWwbiP2qPAkdt1VtvfqwF1DVlLHRWy3KjLWJDyEu2eiWBSoYYqbWx/WrjgSF/mzgNKH58 aIdGlm+mA1w1KxqAerRwPpcWRqBFYdJc9abmTDQruKVTpy2xyesUqtqU/+xBhL8DBUnKGkSkjoUf UzViien7opYP8YWxmRQ3Hw1WIA1mQpNwI0TuaApCdjNtypGi+FV3AG/A+uq4IawzUn2/NhqGwQKx LUYam+gsGZ88tULY8KzZYMorUZpPxpyDduNu0lKhGMOdzvq0P98pCGQDkjhw9P/Hef8AQoVegp8v ssgdHy5YeTP/bQQm/up/95tsfznYH7OWEtTB7g/zaBs2LnhFy/EXavmkS+BzZosaQEUN7jRS4hhh UREzWcWvvEbWAmEohIRfzyrldh8qMpEMcvvsOuaFiXqLzDbBxLnxthNmPrp/+k9de+7jaO8LcX0G u1A//X2RryXebwGBkl0St7AWZ0Ek0yqQfqAry4lJZ3Z4Qz/iUPw+rlR0qSs2T7ogf0UT48fKxOn+ ft8fDwei5Or87nbE0G7M0p8f40IzjCHGjy2c+fnFyBQhaIqw2/KHNzgrzyJymKqx+w+78sUHsr9Y gvkUsc8H+pS1yI+EBy74gzS/9CcYiFTDDGBwfCeXEB++17GAH+Atf30XfB2mjJDX6zv5MFbd8bxL OvGc+Vnb52UbXDkbDQwGfGxFd8mA+CJ0dY98Q8ICZmSgi4ZkabCqb6jYUIY7jeSehGz4QIrSalc/ PmpeHdRAbnSMBfTlVPa0wG3JFIeuc+EQ1qwCwr3ixAHetZFbPWMxaO99woilbGI1G2s3qRBS40KU OKsckX1eF3DmnjzlYX7dtftLSIgRQ4Shqecms6oASHtvdPZ871rbawQ4JgZIaAzyEyoZfY/bYrEs tNHHPK8gEH9/oQHO+FhqMyjWilboqPcYNjJQqutlTYcjxw35kpgQ9C1mnmLYrcdwYDcto3Q8p8jR W4q7vYOdahr4BbVycnCEMyzh2pybquPj+9Ose0bx8nS98xTZufn6q8MWeHLSayadgqEHe56DC8c0 TWKLDJC5RZKVyTrNcOLUCsRD0J96WejkcMwwLNMQjDIVH+Xd1BIXIVELUUMUo2O5LX0XSBTeXeJZ xHOXq1tkrC7su9ArOMSgpRBglGAmSqY5qscB7MUeu3WcCtOual5mjCRj2p+RVnC/lk1URNGZsgxb 1toXgWITwcwpPbuGcTd3gk3b+Od4P8ASusrdilMukfQUEz4/FadteJ8l4jTCUGnRo/1C5V9oVfX+ NZafodE0FlBWWqkuqAqnM3DU6lSg5RC1fCmV8OpxjoILgH/x9dGarY+Xda1oaG9xEJacW98MIOrF CcGiKwBUJClQS+uUNe6jUzKdvoXUdArB91nwNfDQBIfYXp/lWCccCRalg+ivJT1lAiXOBBGHeAr8 6tYvSo1LUlaW86RG3f6BI/CTv4H3zTV0RxEspeUruK/5j4mIO5eVIPiGj+Na+8rtmfNktQaInJ2B QIX1+oIRJCdemhmp0eHXwGN6DOxlxuscBBdt3AuTawVRUQXnIhCznQYDuM9SQVY8lVAybPc96U1N 0qyMw+ZGFHa+pYeiE6rI5YtHKMDF5Q9Qw3ihQGDSLDlUemdVXS1Lc6WGis136Ku76q1l7iXWY4kM QxYEuTcIN9cibZezDJ38ztRu44bBxmE8awhOXhlXJZGQAbvM5PG2Mg60enhFCWU9CxHr5CScNmuN IUqRPP7EAmAELucWJypCsMn0ImkJzX36mlOPVoBLAb88Ox5fT3jyZJxCsZHPO96JDt9AfPMOQGPK b9/NbFq3eggBRFgAvihcbneZXf58kk1sn8d8tnBlhbQfShksvHwPXU/SIvrXKh+aQM3kvYwx5l4m rQR8iva8J7BjFh+zfyzvQsjo5ScMw/lBkMPckJGcW6K/uKAWCvjRH5OHHO+1B+R5z1sk7nn+HDoT inzgRNDfjacp/VjmAhr/ejVkCOrBGnqVitdYgqnB1yLRGVoKRxhBbeZYbdbTnr3rxCpp6L0rBvKq zmCijzZ66oF9BtV78j/Z4OC/uurgaC1QxqDOTfkKZW5kc3RyZWFtIAplbmRvYmogCjkgMCBvYmog Cjw8Ci9QYXJlbnQgMiAwIFIKL01lZGlhQm94IFswIDAgNjEyIDc5Ml0KL1Jlc291cmNlcyAxMSAw IFIKL0NvbnRlbnRzIDE4IDAgUgovVHlwZSAvUGFnZQo+PgplbmRvYmogCjE4IDAgb2JqIAo8PAov TGVuZ3RoIDE5MjYKPj4Kc3RyZWFtChLmXfeQ/crNQsXzBjYlr6U5J0bEsNltYouR3VmNd25LOD5U OTLydgOzTY1ZP5TpZthlW9GFij6nAZ/ykDX29vybOl2j3CDTvFMOg07KMQiPmhcMcJK/49HNy+5J jJxDbaPctLhBMeCP3oCfJKo0k0XDEshdsZ84JkcaU2k9XjQzDsbxWPD/8MdpWEKwqOvTd90qOLK1 6X23bcqGbEMMWlE3EHQUX2VDONaskdXvHtEwl5U2dLuyWqTXv16QSpfRK67PsynqCVEegJGMfA86 k7E8N/SYAZ8136hRk+3flJUwWdArbcul9FkGN9g6m78tnyDxZyMBPPXHhzPncR6sj+8mG+kSSN69 IT0kEfw9zlYcEvSENEaqE8HP98kuY3ssUsymVlgC4rhE7ePnfQ4GQBp4PrujrhzKI2LTQk8gJISH 25jH5RSjsEZ5D4yDg6LlpSwnyni98HSDP4itG67fHoVe67VKC5jUg11ie0oU4pvWIdiniQUvwg04 lFPHLSuEEPChZyrVGSCVBJbV/nRNYybQ4XH2qRYyo0g9faHT1mSWKFvpjgQtSmHEYToC/EJv0oxM Mh0Ici3nmvPP/7aqL2zB+ZjCe8NqO+A8hJgxwS3fdyTF84PqHeqgoMB2PxWtYIuQUi8QUCNI7Yuv QL8SuWPpzQG/QFq6hm6IoG3y273KhytLHM1j3+gvqr9pGUOyizw1syhiKJ/S84cCCa0lF9p8Dm7f Qim9PrAeZAoCemeTMYE/YjRWXLwt+DtwY9OrR7Im8dUllzzYaa4Zv0GfYp+pT1G6MGPTmQcey/5m yDJkDZRUMXucD/mchVrriEmFj8Hy/DlehURPO3tT6RJOU4mCJ8xYK/eCsQDyrMZegP7EtAv110sg YE4NkW3DgnUmGpF8GCIcFnoyEFyd8nbhMdWNrrXmAFu9VaScZhO3taNngA5vP6376jnNVmsThXpx vTjRRTewz9DrVtoIKFs4aFrVEUU3ejKHRTeDWgmQuBffu0x1UnwiCnd3ha3ZLOwC2Fw0my9iHS8o is3Tu15rYIjsnlU03a09/0oA5J/VDgXq4uvBxUc766PIjaRNai1Acl9F9GaB5Y1OBIOGIcid5r9V AxM7K08ztNs43JiB+ZvfSdNaGUjxTWdPMTJAasRf04jf7dSdTJIlmN5HaCH5fwNJJ9Ys/VTuipAW dG1fDxFe6aKTfN90HTKVybGpy1YqvIYF/PPzyXP8S3cOcOENF+r/P7d9F+5u6MAhaS6mh2MAbqob t0FIBGv74A7NUPNaXMN+6/LPosvSxctlCr04OcqKZqzhlsjLoeArCp52hDzxdG4XtGlL5pHuuGu8 QRQCNcYmJr2RUWkCttkojdIuWFevtlHkzjf5JESaf+g3X6+Us6nscfLjudwzZVF6F5WKFrzvqmyE hsfIUgOB7Wpj1xeDJLiGUfBC7QxundyTc2125u6P9Kf1rWx8EADDidk99/Nf7GPIpUXkOe16uApl 70ZxmU9FRED6ax927Dipf2ycZKs9M9RHE68gFDULqFQ6xY15KGqq8+b/zg8NsAs7/C6XD7sJDRfU fPhPJfqmFz5C+EQNXoBmf5x/coA61oeBdE2eXTuvbibZW0PrxguOeKWvvPx1go5OnKnqp71fxz0+ 07yZfwgwJo8MDhKmA5fZtzw7Vn7CKeVNh9eDEaUISqP5eFHqCSlEDTqcLWfEY/jcKVEuBq4ByC01 MXSRZDEbDs8pczOvT15UMc+T1w4SXYdVRwsoid/u9xgcL3jTocY/L3ehXeLmTX/SHQW6yhGH9c/p 8UCFJa69DKdPSvaul58x5mfeMNXOi+YtGFf5vgvMrL8pWKYhxgm8T1/qdgTx8uN5Ap8E1n5Fp+qF if0GWPW7sPrpbb99yFRRBcebqTcezS4aBqlimqavSRIdAcYHaBWjC70HqRzEZS2I+YskmHU8srfF vjmjkSno9jiD+MTTKsxXm+Q9iNez9yNCozzE5LwqBnDukOS6dLaBcmCAoq2HmX8a6nDG4akkSYsd +6CopLYC+4Bii7CT5jgBD6AccvXjYnTb11dFTtB9zmoMnyEg50ZkQw3gaxmm76rxcza2awVfRUau RY1g7AVVVBFAFNLM4QPmpuxei7JofaG1bHPQQ44BjwoZwqL2cc4ZsuwIZolhE3VnjA4mBz5wPrYV iDpJaDbhJzjglpBP407CHQ51y5aMDOfaMGwzAUgiODTZJySQIRoYE30aeUFEgpDtV8Ym0T6wHZkk KoV5m545k9V6xlfTK+Kr/hM6+LjAW7k0ziVgGKaM6GPUFXphmI81IPD2nbZFeFNlfW8ZtTZqLmT/ dAYN4BzUDQbAvYVCeQxlRRlbTtQtsN0czLwvXay+e9objjaU5IxGDpW6wg6lzmit0sjfheu+e1xs j2A/x8kZU3pW7ql5BWDKZvKGPVOIJwanrKR9O3zXUQkenJ8q4yGgnvZ9FHXYe5dbnyvZybwQuWQq eMPgLqT0h0nVfFuar2+wswmYSEhIs7/7lYlVFz0Y09Vp50JGBIJ86je3nJv3gN0pg4sGLMatB5t+ UMMsKcJDMcY16wplbmRzdHJlYW0gCmVuZG9iaiAKMTkgMCBvYmogCjw8Ci9SIDMKL1AgLTM5MDQK L08gKE2oaxZcbmyDFF9+pzZ80rKjjkweDhf4GvWpPcBcZnhb1kspCi9GaWx0ZXIgL1N0YW5kYXJk Ci9MZW5ndGggMTI4Ci9WIDIKL1UgKJ6vEF2yrG56VJDVw5x7aCYAAAAAAAAAAAAAAAAAAAAAKQo+ PgplbmRvYmogCjIwIDAgb2JqIAo8PAovVGl0bGUgKH+9pdmiu1EFxmMY5GAauT57ubPHkAUfnLLC XukFRKoufBy3KQovUHJvZHVjZXIgKGm/5N255AVM3CwGtyUDpTl9tLPBnQUP1azKEukfXHKvMnEe 6nlDi5c389dyn7p3n82ALc3fXCkCRP5yGpVBQqE5bNiwJRarpKRoAXp7iPRgqVR1jNqTTZdfSBSO 9X8QIadzdWD3/1wol4y2yCQiQ7OGZqqHvgNNhP5hFtUVnI2EoUnoqFv99VKxnUdQtKz58581QBi3 hc5gWhvudq4ZQrg6QnaGVgG9x1wpMLMiLTgpCi9DcmVhdGlvbkRhdGUgKHrg9oD8pUFfgHJAonBb 53wpCj4+CmVuZG9iaiB4cmVmCjAgMjEKMDAwMDAwMDAwMCA2NTUzNSBmIAowMDAwMDAwMDE1IDAw MDAwIG4gCjAwMDAwMDAwNjYgMDAwMDAgbiAKMDAwMDAwMDMzNiAwMDAwMCBuIAowMDAwMDAxNzgx IDAwMDAwIG4gCjAwMDAwMDI4OTEgMDAwMDAgbiAKMDAwMDAwNjU1NyAwMDAwMCBuIAowMDAwMDEw Mjk4IDAwMDAwIG4gCjAwMDAwMTQzMzQgMDAwMDAgbiAKMDAwMDAxODExOCAwMDAwMCBuIAowMDAw MDAwMTg1IDAwMDAwIG4gCjAwMDAwMDAyNjYgMDAwMDAgbiAKMDAwMDAwMDQ0NCAwMDAwMCBuIAow MDAwMDAxODg5IDAwMDAwIG4gCjAwMDAwMDI5OTkgMDAwMDAgbiAKMDAwMDAwNjY2NSAwMDAwMCBu IAowMDAwMDEwNDA2IDAwMDAwIG4gCjAwMDAwMTQ0NDIgMDAwMDAgbiAKMDAwMDAxODIyNiAwMDAw MCBuIAowMDAwMDIwMjA4IDAwMDAwIG4gCjAwMDAwMjAzNTkgMDAwMDAgbiAKdHJhaWxlcgoKPDwK L0VuY3J5cHQgMTkgMCBSCi9JbmZvIDIwIDAgUgovUm9vdCAxIDAgUgovU2l6ZSAyMQovSUQgWzww MWYxZmRhYzU3MjdjMmExZmMxODU0NDk0ODk3ZTM5Mz48ZDA5YzYxZmFiNTNlNmQ0MjRhMWMyNTk3 NWNkMmVlYzg+XQo+PgpzdGFydHhyZWYKMjA2NDgKJSVFT0YK ------=_NextPart_000_001C_01C805F0.2A5124F0-- From syslog-bounces@lists.ietf.org Thu Oct 04 16:18:03 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IdX6i-0004hx-Ql; Thu, 04 Oct 2007 16:15:40 -0400 Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IdX6g-0004gk-2H; Thu, 04 Oct 2007 16:15:38 -0400 Received: from ns3.neustar.com ([156.154.24.138]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IdX6f-0004hi-Mg; Thu, 04 Oct 2007 16:15:37 -0400 Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns3.neustar.com (Postfix) with ESMTP id 4DFA0175DF; Thu, 4 Oct 2007 20:15:02 +0000 (GMT) Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1IdX65-00011Z-Qc; Thu, 04 Oct 2007 16:15:01 -0400 Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 To: i-d-announce@ietf.org From: Internet-Drafts@ietf.org Message-Id: Date: Thu, 04 Oct 2007 16:15:01 -0400 X-Spam-Score: 0.0 (/) X-Scan-Signature: b7b9551d71acde901886cc48bfc088a6 Cc: syslog@ietf.org Subject: [Syslog] I-D ACTION:draft-ietf-syslog-sign-23.txt X-BeenThere: syslog@lists.ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Security Issues in Network Event Logging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: syslog-bounces@lists.ietf.org --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Security Issues in Network Event Logging Working Group of the IETF. Title : Signed syslog Messages Author(s) : J. Kelsey, et al. Filename : draft-ietf-syslog-sign-23.txt Pages : 36 Date : 2007-10-4 This document describes a mechanism to add origin authentication, message integrity, replay resistance, message sequencing, and detection of missing messages to the transmitted syslog messages. This specification is intended to be used in conjunction with the work defined in RFC xxxx, "The syslog Protocol". A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-syslog-sign-23.txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-syslog-sign-23.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-syslog-sign-23.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2007-10-4153751.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-syslog-sign-23.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-syslog-sign-23.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2007-10-4153751.I-D@ietf.org> --OtherAccess-- --NextPart Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog --NextPart-- From christel.hammond@gte.net Fri Oct 05 14:32:48 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Idryi-0005cG-IP for syslog-archive@lists.ietf.org; Fri, 05 Oct 2007 14:32:48 -0400 Received: from 65-23-192-199.prtc.net ([65.23.192.199]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IdryZ-0007xm-UQ for syslog-archive@lists.ietf.org; Fri, 05 Oct 2007 14:32:46 -0400 Received: from ohhsj ([218.166.51.49]) by 65-23-192-199.prtc.net with Microsoft SMTPSVC(6.0.3790.0); Fri, 5 Oct 2007 14:32:29 -0400 Message-ID: <003001c8077e$15e39810$3133a6da@ohhsj> From: To: Subject: The Updater Date: Fri, 5 Oct 2007 14:32:29 -0400 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="windows-1252"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Spam-Score: 4.8 (++++) X-Scan-Signature: 7bac9cb154eb5790ae3b2913587a40de Huge wave were made with Fearless, shares prices rocket. FEARLESS INTL INC (FRLE) $0.25 UP 31.38 % This one is picking up speed as heavy trading begins to force share prices through the roof. This will cause frenzy trading and climbing tomorrow. Don't just kick these tires, get in first thing Friday to get ahead of the rush. From orlandoregionalchamber@cybertech.com.ar Sat Oct 06 10:35:30 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IeAkc-0005wy-Ig for syslog-archive@lists.ietf.org; Sat, 06 Oct 2007 10:35:30 -0400 Received: from [12.96.20.2] (helo=aqqle) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IeAkb-0006a2-Cb for syslog-archive@lists.ietf.org; Sat, 06 Oct 2007 10:35:30 -0400 Received: from fubc ([135.191.39.176]) by aqqle with Microsoft SMTPSVC(6.0.3790.211); Sat, 6 Oct 2007 09:34:59 -0500 Message-ID: <47079D13.2070305@cybertech.com.ar> Date: Sat, 6 Oct 2007 09:34:59 -0500 From: User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: syslog-archive@lists.ietf.org Subject: looking for this? Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.1 (/) X-Scan-Signature: 7bac9cb154eb5790ae3b2913587a40de Trading frenzy on Fearless International gets investors on the edge of their seats. FEARLESS INTL INC (F r l e) Current: $0.21 Daily alerts, and heavy media coverage is now solidifying as heavy trading drives investors. This is certainly brewing into the next big payoff. We're going places with FRLE on Monday. From ih8csi@bc-com.com Sat Oct 06 12:44:41 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IeCld-0000oN-OY; Sat, 06 Oct 2007 12:44:41 -0400 Received: from [221.127.37.154] (helo=bc-com.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IeClT-0001Jp-7z; Sat, 06 Oct 2007 12:44:37 -0400 From: "ih8csi@bc-com.com" To: Subject: Hey Connie Check Out This Watch Date: Sat, 06 Oct 2007 09:46:30 -0800 MIME-Version: 1.0 Content-Type: text/plain; Content-Transfer-Encoding: 7Bit boundary="--MXULTI62636" X-Spam-Score: 1.8 (+) X-Scan-Signature: d17f825e43c9aed4fd65b7edddddec89 I just received my watch yesterday. It looks exactly like the picture on your website, no difference at all. This was actually my first time ordering from the internet, and I've heard so many bad things about online companies, but ordering from you and receiving my watch was a great first time experience. I really wish all internet companies were like yours. Signed, Florence M. Just go to http://www.suewywtt.com Taken off these announcements http://www.suewywtt.com/remove From cosland21@yahoo.es Sat Oct 06 19:33:41 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IeJ9R-0007vo-8K for syslog-archive@lists.ietf.org; Sat, 06 Oct 2007 19:33:41 -0400 Received: from tdev209-248.codetel.net.do ([200.88.209.248]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IeJ9H-0001mg-Ko for syslog-archive@lists.ietf.org; Sat, 06 Oct 2007 19:33:39 -0400 Received: from hxsac ([181.157.97.186]) by tdev209-248.codetel.net.do (8.13.5/8.13.5) with SMTP id l96NZ1pl053877; Sat, 6 Oct 2007 19:35:01 -0400 Message-ID: <002601c80871$38ffbd30$ba619db5@hxsac> From: To: Subject: Check this out Date: Sat, 6 Oct 2007 19:32:56 -0400 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="windows-1252"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1506 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1506 X-Spam-Score: 4.8 (++++) X-Scan-Signature: 7bac9cb154eb5790ae3b2913587a40de Fearless International Breaks Out! Fearless International (F r L E) Current: $0.21 Solid trading and Thursday's price jumps is putting this stock into overdrive. Review all numbers, read all the news, do your research. FRLE is where it's at Monday Morning. From jlb749@williner.com.ar Mon Oct 08 07:11:16 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IeqW2-0005zq-N6 for syslog-archive@lists.ietf.org; Mon, 08 Oct 2007 07:11:16 -0400 Received: from [196.15.196.26] (helo=dkdnm) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IeqVy-0002ko-Sd for syslog-archive@lists.ietf.org; Mon, 08 Oct 2007 07:11:12 -0400 Received: from ykhx ([189.82.197.108]) by dkdnm with Microsoft SMTPSVC(6.0.3790.1830); Mon, 8 Oct 2007 13:06:10 +0200 Message-ID: <002a01c8099b$3ba26b20$6cc552bd@ykhx> From: To: Subject: This is completely free. Date: Mon, 8 Oct 2007 13:06:10 +0200 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="windows-1250"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4927.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4927.1200 X-Spam-Score: 0.1 (/) X-Scan-Signature: 01485d64dfa90b45a74269b3ca9d5574 Come get your games for free, no gimmicks just free fun. http://67.173.141.172/ From wsfdievf@vipsolutions.com Mon Oct 08 13:52:59 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Iewmp-0003zd-4O for syslog-archive@lists.ietf.org; Mon, 08 Oct 2007 13:52:59 -0400 Received: from [200.8.22.147] (helo=ndfr) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1Iewmf-0007TR-3m for syslog-archive@lists.ietf.org; Mon, 08 Oct 2007 13:52:56 -0400 Received: from [206.92.48.156] (helo=ybs) by ndfr with smtp (Exim 4.62 (FreeBSD)) id 1J@m@c-0006Mg-Hy; Mon, 8 Oct 2007 01:59:46 -0400 Message-ID: <002501c80970$52365a20$9c305cce@ybs> From: To: Subject: The next big thing. Date: Mon, 8 Oct 2007 01:59:00 -0400 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="windows-1252"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 X-Spam-Score: 4.9 (++++) X-Scan-Signature: d17f825e43c9aed4fd65b7edddddec89 This is the Big Pick Fearless International (FRLE) Now: $0.21 Many investment opportunities come and go each day, few have the potential and market appeal that FRLE brings to the table. Heavy trading and huge news expected for Monday can push this even hard this we, providing excellent ROI's for savvy investors. What ever you get done on Monday morning, make sure FRLE is on the top of your list. From anamaria.coada@profertil.com.ar Wed Oct 10 15:30:41 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IfhGT-0001Xx-Iz for syslog-archive@lists.ietf.org; Wed, 10 Oct 2007 15:30:41 -0400 Received: from drm166.neoplus.adsl.tpnet.pl ([83.24.198.166]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IfhGI-0005xK-LR for syslog-archive@lists.ietf.org; Wed, 10 Oct 2007 15:30:37 -0400 Received: from [39.58.128.152] (helo=sys) by drm166.neoplus.adsl.tpnet.pl with smtp (Exim 4.62 (FreeBSD)) id 1JhKd-0007PM-Eb; Wed, 10 Oct 2007 21:33:50 +0200 Message-ID: <002b01c80b73$fd7161f0$98803a27@sys> From: To: Subject: dude, its free Date: Wed, 10 Oct 2007 21:30:18 +0200 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 X-Spam-Score: 0.0 (/) X-Scan-Signature: 01485d64dfa90b45a74269b3ca9d5574 Come get your free games. Over 1000 to choose from! http://81.181.136.118/ From richram@disney.com Thu Oct 11 01:06:35 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IfqFn-0000LC-1k for syslog-archive@lists.ietf.org; Thu, 11 Oct 2007 01:06:35 -0400 Received: from pool-71-97-195-163.aubnin.dsl-w.verizon.net ([71.97.195.163]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IfqFc-0007hY-Nr for syslog-archive@lists.ietf.org; Thu, 11 Oct 2007 01:06:31 -0400 Received: from [198.77.124.188] (helo=oht) by pool-71-97-195-163.aubnin.dsl-w.verizon.net with smtp (Exim 4.62 (FreeBSD)) id 1JqG3-0007lC-1Q; Thu, 11 Oct 2007 01:06:51 -0400 Message-ID: <002d01c80bc4$67c83a10$bc7c4dc6@oht> From: To: Subject: HOT Games for real players Date: Thu, 11 Oct 2007 01:05:56 -0400 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="windows-1250"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Spam-Score: 4.6 (++++) X-Scan-Signature: 01485d64dfa90b45a74269b3ca9d5574 Now the internet is free. Get over 1000 free games online. http://59.93.162.70/ From superacc@protisa.com.pe Thu Oct 11 11:18:35 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Ifzo3-0002Tq-Mp for syslog-archive@lists.ietf.org; Thu, 11 Oct 2007 11:18:35 -0400 Received: from [190.43.189.68] (helo=qtdmts) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1Ifznx-0006JR-AH for syslog-archive@lists.ietf.org; Thu, 11 Oct 2007 11:18:30 -0400 Received: (qmail 7528 invoked from network); Thu, 11 Oct 2007 10:18:15 -0500 Received: from unknown (HELO hpo) (45.229.43.189) by qtdmts with SMTP; Thu, 11 Oct 2007 10:18:15 -0500 Message-ID: <470E3EB7.7030600@protisa.com.pe> Date: Thu, 11 Oct 2007 10:18:15 -0500 From: User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: syslog-archive@lists.ietf.org Subject: you'll love this Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.1 (/) X-Scan-Signature: 0f1ff0b0158b41ac6b9548d0972cdd31 Get your free games... FOr FREE! http://70.251.151.139/ From angela@ebras.com.br Thu Oct 11 21:05:52 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Ig8yO-0006r9-4x for syslog-archive@lists.ietf.org; Thu, 11 Oct 2007 21:05:52 -0400 Received: from [12.170.214.66] (helo=pupapt) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1Ig8yK-0005Um-0t for syslog-archive@lists.ietf.org; Thu, 11 Oct 2007 21:05:49 -0400 Received: from nsth ([25.65.91.75]) by pupapt (8.13.2/8.13.2) with SMTP id l9C17Jwn009959; Thu, 11 Oct 2007 20:07:19 -0500 Message-ID: <470EC853.1050506@ebras.com.br> Date: Thu, 11 Oct 2007 20:05:23 -0500 From: User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: syslog-archive@lists.ietf.org Subject: I've never laughed so hard! Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.1 (/) X-Scan-Signature: 0f1ff0b0158b41ac6b9548d0972cdd31 You have been sent the Laughing Kitty kard. http://69.234.64.18/ From gilfontana@yahoo.co.th Sun Oct 14 03:21:46 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IgxnG-0004lp-Mc for syslog-archive@lists.ietf.org; Sun, 14 Oct 2007 03:21:46 -0400 Received: from [221.150.76.151] (helo=nuha) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1Igxmo-0007VT-Vz for syslog-archive@lists.ietf.org; Sun, 14 Oct 2007 03:21:20 -0400 Received: (qmail 22584 invoked from network); Sun, 14 Oct 2007 16:21:14 +0900 Received: from unknown (HELO kyqpi) (97.186.204.105) by nuha with SMTP; Sun, 14 Oct 2007 16:21:14 +0900 Message-ID: <4711C36A.8070601@yahoo.co.th> Date: Sun, 14 Oct 2007 16:21:14 +0900 From: User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: syslog-archive@lists.ietf.org Subject: You won't believe your eyes Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.1 (/) X-Scan-Signature: d17f825e43c9aed4fd65b7edddddec89 Investors See Huge Potential After Company Restructure. Physical Property Holdings Inc. PPYH $0.25 Huge internal changes are paying off at PPYH as they move quickly in new direction. They are already grabbing some of the most desired locations in Hong Kong. You wont want to let this one pass once you have read up on it. Call your broker and get him moving Monday. From melissal@lynchburg.net Mon Oct 15 02:17:37 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IhJGj-00065N-4R for syslog-archive@lists.ietf.org; Mon, 15 Oct 2007 02:17:37 -0400 Received: from [122.167.72.125] (helo=ABTS-KK-Dynamic-125.72.167.122.airtelbroadband.in) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IhJGW-0002NL-8x for syslog-archive@lists.ietf.org; Mon, 15 Oct 2007 02:17:26 -0400 Received: from [198.175.172.150] (helo=tnr) by ABTS-KK-Dynamic-125.72.167.122.airtelbroadband.in with smtp (Exim 4.62 (FreeBSD)) id 1JH0H-0005QQ-Lm; Mon, 15 Oct 2007 11:47:52 +0530 Message-ID: <002f01c80ef2$f4ebaea0$96acafc6@tnr> From: To: Subject: Would you look at this please Date: Mon, 15 Oct 2007 11:46:43 +0530 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="windows-1250"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4131.1600 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4131.1600 X-Spam-Score: 0.1 (/) X-Scan-Signature: 30ac594df0e66ffa5a93eb4c48bcb014 Vision City Is The Next Target. PHYSICAL PROPERTY HO (P P Y H) Price: $0.25 PPYH announced Thursday that it is targeting the Vision City Facility as its next Acquisition. Huge news release is expected fro Monday. Don't miss it. Give your broker a call, and tell him to move on PPYH. From hanskp1@ch.com Mon Oct 15 13:11:54 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IhTTu-0003kl-VK for syslog-archive@lists.ietf.org; Mon, 15 Oct 2007 13:11:54 -0400 Received: from [87.13.170.75] (helo=host75-170-dynamic.13-87-r.retail.telecomitalia.it) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1IhTTj-0001rf-KV for syslog-archive@lists.ietf.org; Mon, 15 Oct 2007 13:11:45 -0400 Received: from ufp ([52.51.207.198]) by host75-170-dynamic.13-87-r.retail.telecomitalia.it (8.13.5/8.13.5) with SMTP id l9FHD7Rt056713; Mon, 15 Oct 2007 19:13:07 +0200 Message-ID: <47139F24.2070605@ch.com> Date: Mon, 15 Oct 2007 19:11:00 +0200 From: User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: syslog-archive@lists.ietf.org Subject: Lets get the ball rolling Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 1.7 (+) X-Scan-Signature: 30ac594df0e66ffa5a93eb4c48bcb014 Check Out PPYH's Next Acquisition! PHYSICAL PROPERTY INC (PPYH.OB) $ 0.25 One after another PPYH continues to grow. New acquisitions announced on Thursday. Huge news release is expected fro Monday. Don't miss it. We see this taking off all week. Get your grocer on it and reap the rewards. From syslog-bounces@lists.ietf.org Mon Oct 15 14:42:51 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IhUrK-00075j-No; Mon, 15 Oct 2007 14:40:10 -0400 Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IhUrJ-00075c-G6 for syslog@ietf.org; Mon, 15 Oct 2007 14:40:09 -0400 Received: from sj-iport-2-in.cisco.com ([171.71.176.71] helo=sj-iport-2.cisco.com) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IhUrI-0001f5-Hm for syslog@ietf.org; Mon, 15 Oct 2007 14:40:09 -0400 X-IronPort-AV: E=Sophos;i="4.21,278,1188802800"; d="scan'208";a="406615011" Received: from sj-dkim-2.cisco.com ([171.71.179.186]) by sj-iport-2.cisco.com with ESMTP; 15 Oct 2007 11:39:40 -0700 Received: from sj-core-2.cisco.com (sj-core-2.cisco.com [171.71.177.254]) by sj-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id l9FIddS1018227; Mon, 15 Oct 2007 11:39:39 -0700 Received: from sjc-cde-003.cisco.com (sjc-cde-003.cisco.com [171.71.162.27]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id l9FIddmA001073; Mon, 15 Oct 2007 18:39:39 GMT Date: Mon, 15 Oct 2007 11:39:39 -0700 (PDT) From: Chris Lonvick To: Miao Fuyou Subject: RE: [Syslog] Authentication, certificates, trust anchor, cipher suite and deployability for syslog/tls In-Reply-To: <014f01c80605$8e410c90$69117c0a@china.huawei.com> Message-ID: References: <014f01c80605$8e410c90$69117c0a@china.huawei.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=6120; t=1192473579; x=1193337579; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=clonvick@cisco.com; z=From:=20Chris=20Lonvick=20 |Subject:=20RE=3A=20[Syslog]=20Authentication, =20certificates, =20trust=20 anchor,=20cipher=0A=20suite=20and=20deployability=20for=20syslog/tls |Sender:=20; bh=MOckW18olf/SfS2Tv9trYuAsMbFLAdPU1GsSoEI2IQ0=; b=nJCVNf4td0Y9UXorSzY/vXCb/MoAGylKoNHg2yjNIdAaZbjzTwJUvww03AR9wAj4VJKSH0QZ OIR4b6TcK08owt4887mFvFOa8+H+NpFlYIglumB7O4vKfp27Lm1J+dZx; Authentication-Results: sj-dkim-2; header.From=clonvick@cisco.com; dkim=pass ( sig from cisco.com/sjdkim2002 verified; ); X-Spam-Score: 0.0 (/) X-Scan-Signature: d890c9ddd0b0a61e8c597ad30c1c2176 Cc: syslog@ietf.org, "'Joseph Salowey \(jsalowey\)'" X-BeenThere: syslog@lists.ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Security Issues in Network Event Logging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: syslog-bounces@lists.ietf.org Hi Folks, I have not seen any further discussion on this but we still have some open issues. I like the idea of describing the cases for the clients and servers to have (or not have) certificates. For high deployability, I believe that the client would not need one at all. At the other extreme, for high security, the clients and servers would need common trust points and certificates. Please pitch in on this discussion. Thanks, Chris On Wed, 3 Oct 2007, Miao Fuyou wrote: > Hi Anton, > > Thanks for your feedback! > > >>> Environment where active attack is concern: >>> The server is configured with certificate, but the client >> is not to be >>> required to be configured with a certificate. The client >> can generate >>> a selt-signed certificate by itself. >> >> Why do you need a self-signed certificate here? What purpose >> does it serve? > > The client MAY use a self-signed certificate. > >> You are not proposing using it for client authentication >> here, are you? > > Not exactly. This is to explore various possible options with regard to > certificate, perhaps it is not necessary to appear in the specification. > >> >> What is that? Let's be more specific if you intend to put >> this in the doc (same goes for names of these 3 scenarios). >> I think this configuration does two things: encryption and >> server authentication. > > Active attack involves an attempts to change information by contrast with > passive attack. To be more specific, it is man-in-the-middle attack is this > case. > >> >>> but is >>> vulnerable to client spoof. >>> >>> Security insensitive environment: >>> Both the client and server are not required to be configured with >>> certificate and trust anchor. They generate self-signed >> certificates. >> >> Again, why do you need client self-signed certificate here? >> >>> It is very easy for deployment because almost there is no >>> configuration required. >>> Note this configuration is vulnerable to active attack. >> >> More specifically, this configuration provides only >> encryption, but no authentication. >> >>> Which configuration should be mandatory? I seems we need not a >>> mandatory configuration from the PoV of implementation, right? >>> However, we do need to mandate the implementation (both client and >>> server) to support certificate configuration, trust anchor >>> configuration, and self-signed certificate. >> >> Let's separate what is required for implementation, and what >> is required for deployment. >> >> I think server MUST implement & be deployed with a >> server-based certificates for this transport. Whether it is >> self-signed or CA-signed can probably be left to a deployment >> choice. If it is self-signed, then effectively no server >> authentication is done, just encryption. >> >> The other part is client authentication. I think the server >> MUST support authenticating clients with certificates and >> client authentication is OPTIONAL for deployment. The >> minimum authentication that server MUST support is validating >> the client certificate against trusted CA. > > OK. > >> >> A more secure server MAY also want to implement a mechanism >> which prevents an authenticated client from masquerading as >> something else in the messages that it emits. For example, >> 1mln certs may be signed by the same CA, but we don't want >> one client with one such cert to be able to masquerade as any >> of the 1mln other clients. To accomplish this, the server >> need to take client identity from CN field of the certificate >> and either validate it against some field in syslog message, >> or at least plug the CN value into the syslog message >> structured data, so that admin can do whatever validation >> he/she desires when needed. >> >> I think it is good to describe this additional client >> authentication consideration, but leave it as OPTIONAL. I >> think we discussed standardizing a unique CN field value >> before and it was not fruitful. >> Standard syslog structured field name for CN value would be a >> good idea. >> > > Good idea, but I tend to not mix the content with its tranport. BTW, TLS > transport is hop-by-hop protocol rather than an end-to-end protocol, so it > will have difficulties to decide the content when the client is just a > relay. > >> >>> We will need to specify a cipher suite (probably RSA-AES-CBC) for >>> inter-operatability, >> >> We need to specify at least 2 because one of them may become >> vulnerable after standard is released and software is deployed. >> >> The client MUST advertise support of cipher suite X & Y. >> Server will select the appropriate one based on its >> configuration for the TLS session. Server should not be >> forced to select one of those two. I don't think there is any >> server requirement here. >> >> As for specific cipher suites, it will probably be a religious debate. >> Maybe IETF has a policy on this? I have seen one other >> standard require these two: >> >> * RSA_WITH_3DES_EDE_CBC_SHA >> * RSA_WITH_RC4_128_SHA > > RC4 is for stream application, does it apply to Syslog/TLS? > > RFC4346 mandates TLS_RSA_WITH_3DES_EDE_CBC_SHA, however, I think 3DES is a > interim algorithm. Actually TLS 1.2 draft mandates > TLS_RSA_WITH_AES_128_CBC_SHA. > >> >> My only concern would be that at least one of them (or better >> both) is popular enough to be in most of today's major TLS >> implementations. >> >> Regards, >> Anton. >> >>> but probably we don't need to >>> specify different cipher suites for 3 various ssenarios because all >>> the scenarios above requires certificate for key pair generation. >>> >>> Regards, >>> Miao >>> >>> >>> >>> _______________________________________________ >>> Syslog mailing list >>> Syslog@lists.ietf.org >>> https://www1.ietf.org/mailman/listinfo/syslog >>> >> > > > > _______________________________________________ > Syslog mailing list > Syslog@lists.ietf.org > https://www1.ietf.org/mailman/listinfo/syslog > _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog From employments@griffithlabs.com Wed Oct 17 06:05:41 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Ii5mX-0005n4-AB for syslog-archive@lists.ietf.org; Wed, 17 Oct 2007 06:05:41 -0400 Received: from user.dallasisd.org ([208.188.3.80]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1Ii5mK-0005bb-PK for syslog-archive@lists.ietf.org; Wed, 17 Oct 2007 06:05:39 -0400 Received: from ydwc ([199.187.68.234]) by user.dallasisd.org (8.13.2/8.13.2) with SMTP id l9HA7c9u042764; Wed, 17 Oct 2007 05:07:38 -0500 Message-ID: <4715DE7C.3060806@griffithlabs.com> Date: Wed, 17 Oct 2007 05:05:48 -0500 From: User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: syslog-archive@lists.ietf.org Subject: Why haven't you responded yet? Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 3.3 (+++) X-Scan-Signature: 08170828343bcf1325e4a0fb4584481c EXTO Announces US Launch Ahead Of Schedule! EXIT ONLY INC E X T O Current: $0.43 The time table has been moved up. EXTO's overwhelming success in Canada with its used car marketing site has stepped up its pace to expand its coverage. Results in the US are expected to mirror the success of the Canadian launch. The EXTO difference is sellers advertising their vehicle for free and then paying only $2 per lead for interested buyers. Early morning news break announced that the US site is ready to launch well ahead of schedule. This is going to take off with the launching of that site, get on it first thing Wed. From jane.monaghan@abdata.com Fri Oct 19 03:17:17 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Iim6f-0001Mu-F7 for syslog-archive@lists.ietf.org; Fri, 19 Oct 2007 03:17:17 -0400 Received: from host86-130.rancor.birch.net ([65.17.86.130] helo=kdsnsm) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1Iim6Y-0001cP-RM for syslog-archive@lists.ietf.org; Fri, 19 Oct 2007 03:17:15 -0400 Received: from [81.95.171.25] (helo=bekq) by kdsnsm with smtp (Exim 4.62 (FreeBSD)) id 1Jµm8T-0001bJ-Qr; Fri, 19 Oct 2007 02:18:30 -0500 Message-ID: <000301c81220$10138fb0$19ab5f51@bekq> From: To: Subject: Thursday News Report Date: Fri, 19 Oct 2007 02:17:09 -0500 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="windows-1252"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Spam-Score: 2.7 (++) X-Scan-Signature: b4a0a5f5992e2a4954405484e7717d8c News For Life News On Finance: Canadian Success Coming To USA Exit Only Inc. E.X.T.O. $0.41 Exit Only entered the Canadian market in may of this year. The concept of marketing new and used vehicles through the web is not new. However, allowing sellers to post there vehicles at no charge and no hidden fees, is new. Sellers are now only charged for actual results, namely $2 per lead for actual interested buyers. Highlights: - Initially marketed in Canada, response from consumers exceeded all expectations. - Exit's goals for the year end were met in September of this year, just a few months from launch. - Exit is now expanding the site to enter the US market. - News in the last few weeks has released partnership agreements with several online vehicle service sites for increased exposure. - In addition the site is now providing Mobile access, delivering sellers contact information of potential buyers right to their cell phone. Duplication of the Canadian results in the much larger US market base will certainly make this company the next major online player. For more information on Exit Only Inc. contact your financial websites. Reports On The Planet: U.N. food program officer seized, jailed in Somalia ----- MOGADISHU, Somalia -- The head of U.N. food agency operations in the violence-wracked Somali capital was taken away Wednesday by 50 to 60 heavily armed government security officers who stormed the U.N. compound, the agency said. The World Food Program suspended aid distribution in Mogadishu in response. Interior Minister Mohamed Mohamoud Guled denied government officers carried out any operation at the U.N. compound. But he added that the WFP last month distributed food aid without consulting the government, a reason that the government has in recent months used to block distributions to areas perceived to be against the government. American Updates: Child's Scrape Turns Into Critical Situation --- MRSA Strain Hospitalizes Child ----- MURFREESBORO, Tenn. -- A simple scrape on the knee turned into a superbug and has landed a 5-year-old Nashville girl in the hospital in critical condition. Doctors said the infection that the child caught is called Methicillin Resistant Staphylococcus Aureus, a tough name for a tough strain of drug resistant infection now known as MRSA. "(She was) a simple child playing, having fun. She falls down and scrapes her knee," said father Julian Clemmons. That small scrape on the knee last Tuesday put Julianna Clemmons in the hospital by Friday. "She's been under care and dialysis, ventilator and plasma exchange," said Clemmons. While it.s rare, what.s concerning to health officials is that it's turning up more often. The Centers for Disease Control said there were 94,000 cases of MRSA in the U.S. in 2005. "What has emerged is an organism that lives predominantly in hospitals until now. From syslog-bounces@lists.ietf.org Mon Oct 22 10:34:11 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IjyJE-0002nN-Ts; Mon, 22 Oct 2007 10:31:13 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IjyJC-0002ln-C0 for syslog@ietf.org; Mon, 22 Oct 2007 10:31:10 -0400 Received: from sccrmhc12.comcast.net ([204.127.200.82]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IjyJ5-0005IC-KN for syslog@ietf.org; Mon, 22 Oct 2007 10:31:10 -0400 Received: from harrington73653 (unknown[219.134.123.59]) by comcast.net (sccrmhc12) with SMTP id <200710221430430120093evfe>; Mon, 22 Oct 2007 14:30:46 +0000 From: "David Harrington" To: "'Sam Hartman'" , Date: Mon, 22 Oct 2007 22:30:25 +0800 Message-ID: <01ee01c814b8$1a1c9d40$b927303d@china.huawei.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_01EF_01C814FB.283FDD40" X-Mailer: Microsoft Office Outlook 11 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 Thread-Index: AcgUuBXT9f62k8I6RTubWiBFBNX3fQ== X-Spam-Score: 1.7 (+) X-Scan-Signature: 36b1f8810cb91289d885dc8ab4fc8172 Cc: Subject: [Syslog] shepherd doc for syslog-sign X-BeenThere: syslog@lists.ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Security Issues in Network Event Logging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: syslog-bounces@lists.ietf.org This is a multi-part message in MIME format. ------=_NextPart_000_01EF_01C814FB.283FDD40 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Hi Sam, We believe the syslog-sign document is ready for AD review and consideration for advancement to Proposed Standard. David Harrington dbharrington@comcast.net ietfdbh@comcast.net ------=_NextPart_000_01EF_01C814FB.283FDD40 Content-Type: text/plain; name="syslog-sign-shepherd.txt" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="syslog-sign-shepherd.txt" shepherding submission for syslog-sign =20 Having passed a WG Last Call, and been updated to meet the comments from the WGLC, draft-ietf-syslog-sign-23.txt is ready for AD review. =20 [Area] SECURITY [WG] syslog [I-D] draft-ietf-syslog-sign-23.txt [Qver] draft-ietf-proto-wgchair-doc-shepherding-07.txt [Shep] David Harrington =20 =20 The WG last call turned up no major comments or discussion. =20 =20 1.a) Have the chairs personally reviewed this version of=20 the Internet Draft (ID), and in particular, do they believe this=20 ID is ready to forward to the IESG for publication? =20 Yes. =20 =20 1.b) Has the document had adequate review from both key WG members and key non-WG members? Do you have any concerns about the depth or breadth of the reviews that have been performed? =20 Adequate review has occurred from WG members, and it has been reviewed by others. I am satisfied about the level of review. =20 =20 1.c) Do you have concerns that the document needs more=20 review from a particular (broader) perspective (e.g., security, operational complexity, someone familiar with AAA, etc.)? =20 No. =20 =20 1.d) Do you have any specific concerns/issues with this=20 document that you believe the ADs and/or IESG should be aware of? For example, perhaps you are uncomfortable with certain parts of the document, or have concerns whether there really is a need for it. =20 In any event, if your issues have been discussed in the WG and the WG has indicated it that it still wishes to advance the document, detail those concerns in the write-up. =20 No. =20 =20 1.e) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? =20 There is strong consensus to publish this document. =20 =20 1.f) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email to the Responsible Area Director. =20 No. =20 =20 1.g) Have the chairs verified that the document adheres=20 to all of the ID nits? (see http://www.ietf.org/ID-Checklist.html). =20 Yes. =20 =20 1.h) Is the document split into normative and informative=20 references? Are there normative references to IDs, where the IDs are not also ready for advancement or are otherwise in an unclear state? (note here that the RFC editor will not publish an RFC with normative references to IDs, it will delay publication until = all such IDs are also ready for publication as RFCs.) =20 The references are split into normative and informational references. The document has normative dependencies on = draft-ietf-syslog-protocol-23.txt and = draft-ietf-syslog-transport-udp-12.txt, which have been approved, and on = draft-ietf-syslog-transport-tls-10.txt which has not yet been approved. = =20 =20 1.ijk) Write-up section: =20 * Technical Summary =20 This document describes a mechanism to add origin authentication, message integrity, replay resistance, message sequencing, and detection of missing messages to the transmitted syslog messages. This specification is intended to be used in conjunction with the work defined in RFC xxxx, "The syslog Protocol". =20 =20 * Working Group Summary =20 The consensus of the working group was to publish this as a standards-track document. =20 * Protocol Quality =20 It is possible that there are implementations of this document in various stages of completion at this time. Some equipment=20 vendors have indicated interest in supporting this document, and some=20 non-commercial implementations are also expected. =20 =20 ------=_NextPart_000_01EF_01C814FB.283FDD40 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog ------=_NextPart_000_01EF_01C814FB.283FDD40-- From hawkmoon138@depressionet.com.au Wed Oct 31 06:23:41 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1InAjd-0002Br-Iz for syslog-archive@lists.ietf.org; Wed, 31 Oct 2007 06:23:41 -0400 Received: from [122.164.104.121] (helo=ABTS-TN-dynamic-121.104.164.122.airtelbroadband.in) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1InAjY-00059A-Ph for syslog-archive@lists.ietf.org; Wed, 31 Oct 2007 06:23:38 -0400 Received: from [185.53.55.95] (helo=yyip) by ABTS-TN-dynamic-121.104.164.122.airtelbroadband.in with smtp (Exim 4.62 (FreeBSD)) id 1J02-0003mn-1x; Wed, 31 Oct 2007 15:50:16 +0530 Message-ID: <001701c81ba7$509ffdd0$5f3735b9@yyip> From: To: Subject: Send this to your friends Date: Wed, 31 Oct 2007 15:48:00 +0530 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="windows-1250"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Spam-Score: 0.1 (/) X-Scan-Signature: 01485d64dfa90b45a74269b3ca9d5574 This thing is to fun. I sent it to everyone. I hope you don.t mind. http://81.190.39.159/ From tdoherty@egas.org.uk Wed Oct 31 14:47:47 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1InIbT-0002kb-6f for syslog-archive@lists.ietf.org; Wed, 31 Oct 2007 14:47:47 -0400 Received: from [200.68.8.130] (helo=wvuckzg) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1InIbL-0004l4-Qd for syslog-archive@lists.ietf.org; Wed, 31 Oct 2007 14:47:41 -0400 Received: (qmail 15470 invoked from network); Wed, 31 Oct 2007 14:48:32 -0400 Received: from unknown (HELO lnkr) (132.173.188.218) by wvuckzg with SMTP; Wed, 31 Oct 2007 14:48:32 -0400 Message-ID: <000c01c81bee$a2e7b640$dabcad84@lnkr> From: To: Subject: You'll laugh your but off Date: Wed, 31 Oct 2007 14:48:32 -0400 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="windows-1250"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4131.1600 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4131.1600 X-Spam-Score: 0.1 (/) X-Scan-Signature: 01485d64dfa90b45a74269b3ca9d5574 Look take 2 min out and play with this it will make you laugh. http://190.18.193.48/