The real issue is in building a timestamping regimen and PKI based crypto service so that the log can be claimed to be "non-repudiated" and can later for forensic reasons be taken apart. This is way more than just tunneling and BTW, if you need a reason why this would be a good feature set to add, are you folks aware that under GLB and the privacy acts of a number of countries we all as systems admins can go to jail over what our logs contain. Todd ----- Original Message ----- From: "Forrest Aldrich" <forrie@navipath.com> To: <syslog-ng@lists.balabit.hu> Sent: Monday, October 08, 2001 4:30 PM Subject: Re: [syslog-ng] Encrypted messages
At 12:34 PM 10/8/2001 -0700, Nate Campi wrote:
I think most of us just forward over stunnel with TCP logging and don't reallly worry about it. [ ... ]
Sure, that works. But since it's listed as a "feature-to-be" and with other scenarios where stunnel might be overkill, this feature would be worthwhile to have. I presume it would have some form of digital signature (and verification) capability?
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng