On 12/02/11 23:45, Zhihao Yuan wrote: >> In 2008 I implemented the syslog RFCs for NetBSD's syslogd, so if you > That's an amazing work. Did you compared those documents (they were > drafts in 08') with the final versions? Any differences?
I followed the IETF process and as far as I know there are two major differences: a) For syslog-sign I encoded signatures with a PEM format in the way of X.509/OpenSSL, but the final RFC specifies an OpenPGP-like encoding. b) For TLS transport the rules for peer certificate verification (always a very confusing problem) were discussed and modified in the later drafts. Most notably the RFC requires support for wildcards in DNS names, which is not implemented. -- Martin _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
