diff options
author | Rainer Gerhards <rgerhards@adiscon.com> | 2008-05-21 11:41:15 +0200 |
---|---|---|
committer | Rainer Gerhards <rgerhards@adiscon.com> | 2008-05-21 11:41:15 +0200 |
commit | 350f28efd97ff8f84fa0c86b5655e1cef8d4596e (patch) | |
tree | 8c8d0e69931beffb81dfd2ffe118ee3620f0c4fc /doc/ns_gtls.html | |
parent | cb8188da16d0ff66ef6bc2f9b0b52554651f06b2 (diff) | |
download | rsyslog-350f28efd97ff8f84fa0c86b5655e1cef8d4596e.tar.gz rsyslog-350f28efd97ff8f84fa0c86b5655e1cef8d4596e.tar.xz rsyslog-350f28efd97ff8f84fa0c86b5655e1cef8d4596e.zip |
added new transport auth methods to doc set
Diffstat (limited to 'doc/ns_gtls.html')
-rw-r--r-- | doc/ns_gtls.html | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/doc/ns_gtls.html b/doc/ns_gtls.html new file mode 100644 index 00000000..ff5ed7c3 --- /dev/null +++ b/doc/ns_gtls.html @@ -0,0 +1,36 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<html><head><title>gtls Network Stream Driver</title> + +</head> +<body> +<h1>gtls Network Stream Driver</h1> +<p>This <a href="netstream.html">network stream +driver</a> implements a TLS protected transport via the <a href="http://www.gnu.org/software/gnutls/" target="_blank">GnuTLS +library</a>.</p> +<p style="font-weight: bold;">Supported Driver Modes</p> +<ul> +<li>0 - unencrypted trasmission (just like <a href="ns_ptcp.html">ptcp</a> driver)</li> +<li>1 - TLS-protected operation</li> +</ul>Note: mode 0 does not provide any benefit over the ptcp driver. +This mode exists for technical reasons, but should not be used. It may +be removed in the future.<br><span style="font-weight: bold;"> +Supported Authentication Modes</span><br> +<ul> +<li><span style="font-weight: bold;">anon</span> - anonymous authentication as +described in IETF's draft-ietf-syslog-transport-tls-12 Internet draft</li> +<li><span style="font-weight: bold;">x509/fingerprint</span> - certificate fingerprint authentication as +described in IETF's draft-ietf-syslog-transport-tls-12 Internet draft</li><li><span style="font-weight: bold;">x509/name</span> - certificate validation and subject name authentication as +described in IETF's draft-ietf-syslog-transport-tls-12 Internet draft [NOT YET IMPLEMENTED]</li> +</ul>Note: "anon" does not permit to authenticate the remote peer. As +such, this mode is vulnerable to man in the middle attacks as well as +unauthorized access. It is recommended NOT to use this mode.<br> +[<a href="rsyslog_conf.html">rsyslog.conf overview</a>] +[<a href="manual.html">manual index</a>] [<a href="http://www.rsyslog.com/">rsyslog site</a>] +<p><font size="2">This documentation is part of the +<a href="http://www.rsyslog.com/">rsyslog</a> +project.<br> +Copyright © 2008 by <a href="http://www.gerhards.net/rainer">Rainer +Gerhards</a> and +<a href="http://www.adiscon.com/">Adiscon</a>. +Released under the GNU GPL version 3 or higher.</font></p> +</body></html>
\ No newline at end of file |