We've finally gotten around to revising draft-gerhards-syslog-plain-tcp.
This addresses the issues that Tom raised about
- the intro specifically stating what to expect in the body of the text
- a note on the transport security.
For the first, we just sort'a straightened things out with a few edits.
For the latter, I looked in many places for a list of TCP vulnerabilities
but couldn't find anything substantial. The US-CERT had a few
implementation things and there were a scattering of other things. In the
end, I just added a subsection to warn impelemters to look closely before
writing code. If anyone has any other suggestions, please let us know.