[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: SoC: Improve syslogd
On Mon, May 26, 2008 at 11:58 PM, Martin Schütte
> Rainer Gerhards schrieb:
>> One thing, though. I would find it useful if the presence of a file is
>> not the only permission "indicator". How about the first line being
>> either "OK", "UNKNOWN" or something else. In case of "OK", the sender
>> is permitted. In case of "UNKNOWN", this is a yet-unknown fingerprint,
>> which needs to be authorized by an operator but is not yet permitted
>> to send to us. This would solve the approval issue that is lingering
>> behind fingerprint authentication. Anything else would mean "not
> You want the syslogd to write new fingerprints into the directory?
> I do not think that is a good idea. First it should not be allowed to do so
> and have only read access to that directory (or any configuration).
> But more important: where is the benefit of having 10 fingerprints with
> content "UNKNOWN" there?
These could be displayed to a user as new connection requests. Then,
the user can authorize them or deny access.
> From that perspective a textfile with fingerprints would be more useful,
> because one can write the hostnames as comments into it.
>> And if we go a little bit further, there could actually be two value
>> in the first line (or one each in the first two lines). The permission
>> state and the usage, e.g. "CLIENT" and "SERVER". In that case,
>> something flagged as CLIENT could only be used to authenticate a
>> sender, while a "SERVER" flag means we can authenticate the receiver
>> when we send.
>> How does this sound?
> To be honest: complicated.
> If there is more content than the fingerprint=filename itself, then one file
> is usually beter than 1-20 files.
OK - I think I'll stay tuned on what you implement and later see if I
can be compatible to it.
> And I am still undecided wether
> client/server certs are worth the effort. (Not only in implementing but also
> in administering as a user.)
What exactly do you mean - different certs for client and server use?
Or cert-based authentication for client and server function? The later
is currently mandated by syslog-transport-tls...
Main Index |
Thread Index |