Package: dsyslog
Severity: wishlist
Hey,
William and I had a quick chat on IRC, and I was asked to write up what
I want in a quick bug report.
For remote logging the syslogd should, obviously, support TLS. With
_mutual_ authentication, i.e. also the client needs to present a
certificate which the logserver can verify. (Optionally of course.)
The logical next step when we have authenticated clients is to use the
information from the certificate (which is per definition trusted since
it was signed by the CA and not by the logging client) in log lines as
the host - the client might cheat there.
Also, for logging to directory trees like $host/$data/$facility it would
be useful to again use parts of the cert (i.e. the CN) in the path
instead of the client-supplied hostname, or a client ip address.
In addition to that dear Santa, DSA wants a pony for every member.
Cheers,
weasel
--
| .''`. ** Debian GNU/Linux **
Peter Palfrader | : :' : The universal
http://www.palfrader.org/ | `. `' Operating System
| `- http://www.debian.org/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
