logging-log4j-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roberto Blanc" <rbl...@kinamik.com>
Subject RE: Call for feedback
Date Mon, 04 May 2009 15:50:01 GMT
Hi Thorbjørn,

Thanks for your comment. In simple terms, what we do for making these logs tamper-evident
is to process each line and then chain-hashing them. This means that any tampering in any
record (even a single byte in one record) equals to an interruption in the hash chain, which
allow us to pinpoint exactly where (e.g. in what event) this tampering has occurred. 

Are you thinking about any application for this type of solution?



-----Original Message-----
From: Thorbjørn Ravn Andersen [mailto:thunderaxiom@gmail.com] 
Sent: martes, 28 de abril de 2009 11:04
To: Log4J Users List
Subject: Re: Call for feedback

Roberto Blanc skrev  den 25-04-2009 19:00:
> while doing its job. It has the unique value of adding this
> tamper-evident "digital fingerprint" at the record level, which is
> impossible using other means such as digital signatures.
>   
Interesting.  Could you explain how this tamper-evident fingerprinting 
works?

-- 
  Thorbjørn Ravn Andersen  "...plus... Tubular Bells!"


---------------------------------------------------------------------
To unsubscribe, e-mail: log4j-user-unsubscribe@logging.apache.org
For additional commands, e-mail: log4j-user-help@logging.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: log4j-user-unsubscribe@logging.apache.org
For additional commands, e-mail: log4j-user-help@logging.apache.org


Mime
View raw message