Re: SoC: Improve syslogd

[Joerg Sonnenberger <joerg%britannica.bec.de@localhost>]

On Mon, May 26, 2008 at 09:39:34PM +0200, Rainer Gerhards wrote:
> What I do still not fully understand (now) is how you would like to
> have a client authenticate the server. Just based on the @@<hostname>.
> If so, how do you do fingerprints?

A single certificate for the client should be good enough as starting
point. Selecting the key per host might be useful in edge cases, but I
don't think it is required initially.

> As a side-note, have you already made up your mind which TLS library
> you will probably use?

Given that OpenSSL is the only implementation in NetBSD...

Joerg