summaryrefslogtreecommitdiffstats
path: root/doc/ns_gtls.html
diff options
context:
space:
mode:
authorRainer Gerhards <rgerhards@adiscon.com>2008-05-21 11:41:15 +0200
committerRainer Gerhards <rgerhards@adiscon.com>2008-05-21 11:41:15 +0200
commit350f28efd97ff8f84fa0c86b5655e1cef8d4596e (patch)
tree8c8d0e69931beffb81dfd2ffe118ee3620f0c4fc /doc/ns_gtls.html
parentcb8188da16d0ff66ef6bc2f9b0b52554651f06b2 (diff)
downloadrsyslog-350f28efd97ff8f84fa0c86b5655e1cef8d4596e.tar.gz
rsyslog-350f28efd97ff8f84fa0c86b5655e1cef8d4596e.tar.xz
rsyslog-350f28efd97ff8f84fa0c86b5655e1cef8d4596e.zip
added new transport auth methods to doc set
Diffstat (limited to 'doc/ns_gtls.html')
-rw-r--r--doc/ns_gtls.html36
1 files changed, 36 insertions, 0 deletions
diff --git a/doc/ns_gtls.html b/doc/ns_gtls.html
new file mode 100644
index 00000000..ff5ed7c3
--- /dev/null
+++ b/doc/ns_gtls.html
@@ -0,0 +1,36 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html><head><title>gtls Network Stream Driver</title>
+
+</head>
+<body>
+<h1>gtls Network Stream Driver</h1>
+<p>This <a href="netstream.html">network stream
+driver</a> implements a TLS protected transport via the <a href="http://www.gnu.org/software/gnutls/" target="_blank">GnuTLS
+library</a>.</p>
+<p style="font-weight: bold;">Supported Driver Modes</p>
+<ul>
+<li>0 - unencrypted trasmission (just like <a href="ns_ptcp.html">ptcp</a> driver)</li>
+<li>1 - TLS-protected operation</li>
+</ul>Note: mode 0 does not provide any benefit over the ptcp driver.
+This mode exists for technical reasons, but should not be used. It may
+be removed in the future.<br><span style="font-weight: bold;">
+Supported Authentication Modes</span><br>
+<ul>
+<li><span style="font-weight: bold;">anon</span> - anonymous authentication as
+described in IETF's draft-ietf-syslog-transport-tls-12 Internet draft</li>
+<li><span style="font-weight: bold;">x509/fingerprint</span> - certificate fingerprint authentication as
+described in IETF's draft-ietf-syslog-transport-tls-12 Internet draft</li><li><span style="font-weight: bold;">x509/name</span> - certificate validation and subject name authentication as
+described in IETF's draft-ietf-syslog-transport-tls-12 Internet draft [NOT YET IMPLEMENTED]</li>
+</ul>Note: "anon" does not permit to authenticate the remote peer. As
+such, this mode is vulnerable to man in the middle attacks as well as
+unauthorized access. It is recommended NOT to use this mode.<br>
+[<a href="rsyslog_conf.html">rsyslog.conf overview</a>]
+[<a href="manual.html">manual index</a>] [<a href="http://www.rsyslog.com/">rsyslog site</a>]
+<p><font size="2">This documentation is part of the
+<a href="http://www.rsyslog.com/">rsyslog</a>
+project.<br>
+Copyright © 2008 by <a href="http://www.gerhards.net/rainer">Rainer
+Gerhards</a> and
+<a href="http://www.adiscon.com/">Adiscon</a>.
+Released under the GNU GPL version 3 or higher.</font></p>
+</body></html> \ No newline at end of file