IETF Logo Mail Archive

Re: [dispatch] Proposed charter for work on logging

"Dawes, Peter, Vodafone Group" <Peter.Dawes@vodafone.com> Thu, 20 June 2013 14:05 UTC

Return-Path: <Peter.Dawes@vodafone.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 897A021F9C90 for <dispatch@ietfa.amsl.com>; Thu, 20 Jun 2013 07:05:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7oNQ4CYM1HKW for <dispatch@ietfa.amsl.com>; Thu, 20 Jun 2013 07:05:09 -0700 (PDT)
Received: from mailout01.vodafone.com (mailout01.vodafone.com [195.232.224.70]) by ietfa.amsl.com (Postfix) with ESMTP id E573221F9C59 for <dispatch@ietf.org>; Thu, 20 Jun 2013 07:05:08 -0700 (PDT)
Received: from mailint01.vodafone.com (localhost [127.0.0.1]) by mailout01.vodafone.com (Postfix) with ESMTP id 9F2A92E1A1A for <dispatch@ietf.org>; Thu, 20 Jun 2013 16:05:05 +0200 (CEST)
Received: from VOEXC01W.internal.vodafone.com (voexc01w.dc-ratingen.de [145.230.101.21]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mailint01.vodafone.com (Postfix) with ESMTPS id 91F172E16A5; Thu, 20 Jun 2013 16:05:05 +0200 (CEST)
Received: from VOEXC18W.internal.vodafone.com (145.230.101.20) by VOEXC01W.internal.vodafone.com (145.230.101.21) with Microsoft SMTP Server (TLS) id 14.2.328.11; Thu, 20 Jun 2013 16:05:05 +0200
Received: from VOEXM31W.internal.vodafone.com ([169.254.7.242]) by voexc18w.internal.vodafone.com ([145.230.101.20]) with mapi id 14.02.0328.011; Thu, 20 Jun 2013 16:05:04 +0200
From: "Dawes, Peter, Vodafone Group" <Peter.Dawes@vodafone.com>
To: "Vijay K. Gurbani" <vkg@bell-labs.com>, "dispatch@ietf.org" <dispatch@ietf.org>
Thread-Topic: [dispatch] Proposed charter for work on logging
Thread-Index: Ac4LyOtf/7ujcRPHQoOZ6+wpJgfGIAR6wVFQEpuAXZAAEl09AAFUv0EQ
Date: Thu, 20 Jun 2013 14:05:03 +0000
Message-ID: <4A4F136CBD0E0D44AE1EDE36C4CD9D996EE6EC89@VOEXM31W.internal.vodafone.com>
References: <EDC0A1AE77C57744B664A310A0B23AE210701601FC@FRMRSSXCHMBSC3.dc-m.alcatel-lucent.com> <949EF20990823C4C85C18D59AA11AD8BF1BA@FR712WXCHMBA11.zeu.alcatel-lucent.com> <4A4F136CBD0E0D44AE1EDE36C4CD9D996EE6D673@VOEXM31W.internal.vodafone.com> <51BA382E.4040605@bell-labs.com>
In-Reply-To: <51BA382E.4040605@bell-labs.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [dispatch] Proposed charter for work on logging
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dispatch>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Jun 2013 14:05:13 -0000

Hi Vijay,
The utility of a marker is that currently there is no SIP protocol mechanism to indicate that signalling is of interest to logging, so it is not a logging format issue but an issue of making regression testing and troubleshooting scaleable by not having to log everything. 

Thanks for the pointer to RFC 6872, I will take a look at it.

Regards,
Peter

-----Original Message-----
From: dispatch-bounces@ietf.org [mailto:dispatch-bounces@ietf.org] On Behalf Of Vijay K. Gurbani
Sent: 13 June 2013 22:23
To: dispatch@ietf.org
Subject: Re: [dispatch] Proposed charter for work on logging

On 06/13/2013 06:17 AM, Dawes, Peter, Vodafone Group wrote:
> Hello All, Following on from the comments at IETF#86 
> (http://www.ietf.org/proceedings/86/minutes/minutes-86-dispatch),
> where there was mild support for working on logging, I have updated 
> the log me requirements draft with 3 potential solutions (in clause
> 7) which can meet the requirements
> (http://www.ietf.org/internet-drafts/draft-dawes-dispatch-logme-reqs-02.txt).
> Opinions and comments on these or any other potential solutions would 
> be very welcome.

Peter: I am not being a contrarian, just being curious.

What is the utility of a log-me marker if all traffic is logged through a mechanism such as SIP CLF?

> It was commented at IETF#86 that a security analysis is needed so I 
> would like to understand if any scenarios exist with potential 
> security threats in order to add them to requirements. In many cases, 
> a network simply logs the signalling that passes through it so no new 
> security issues are created. Collecting end-to-end logging for 
> signalling that crosses multiple networks must not compromise security 
> or privacy, but I would expect networks to remove any security 
> sensitive fields before forwarding signalling regardless of whether 
> that signalling is of interest to logging.

We went through discussions related to all of the above points during the SIP CLF work.  See the Security Consideration section of [1]; it may provide you some answers.

[1] http://tools.ietf.org/html/rfc6872

Thanks,

- vijay
--
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
Email: vkg@{bell-labs.com,acm.org} / vijay.gurbani@alcatel-lucent.com
Web: http://ect.bell-labs.com/who/vkg/  | Calendar: http://goo.gl/x3Ogq _______________________________________________
dispatch mailing list
dispatch@ietf.org
https://www.ietf.org/mailman/listinfo/dispatch

v2.23.0 | Report a Bug | By Email