Thursday, June 22, 2006

syslog standardization brought to stop by patent claim

Hi folks,

long time no post, but now one is really due...

Let's wrap up: The IETF is trying to standardize and evolve the syslog protocol. Syslog is in wide-spread use for system and network monitoring, both in small and large-scale environments. Though widely used, it has never been standardized and is inherently insecure. The IETF syslog working group is trying to change this. During the work, a proposal for a (TLS) secured syslog protocol has been developed, a real group effort. This proposal reflects what already is done in practice (just google for "syslog ssl" and you see what I mean...).

Now, Huawei (the authors of the standard document belong to them) claims an undisclosed patent on this work. This in turn has lead to a standstil of the standardization effort plus a search for alternate, less efficient and more complex solutions to the problem.

The full story can be obtained from the working group's mailing list archive. It started with this message:

The discussion can be followed by reading the top half posts on this page:

Two of my favourite rants in the discussion are these:

Isn't that cool? It is a nice example of how useful that current software patent system really is.

Happy legalizing,

simplifying rsyslog JSON generation

With RESTful APIs, like for example ElasticSearch, you need to generate JSON strings. Rsyslog will soon do this in a very easy to use way. ...