Re: [hrpc] Fwd: draft-andersdotter (was RE: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

Amelia Andersdotter <amelia@article19.org> Tue, 24 April 2018 13:33 UTC

To: Niels ten Oever <mail@nielstenoever.net>
Cc: Hrpc <hrpc@irtf.org>
References: <787AE7BB302AE849A7480A190F8B93302DF0FAF6@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <d55b1de5-36b6-6e1e-b94e-918f36ab38b0@article19.org> <20180424094118.GB23134@mir>
From: Amelia Andersdotter <amelia@article19.org>
Organization: ARTICLE19
Message-ID: <b96858c3-cc24-4ab2-6066-8209d6ac4e90@article19.org>
Date: Tue, 24 Apr 2018 15:32:52 +0200
In-Reply-To: <20180424094118.GB23134@mir>
Archived-At: <https://mailarchive.ietf.org/arch/msg/hrpc/9I63GqQUKlES1j9E_6tkj0R4kLw>

in int-area. here
https://www.ietf.org/mail-archive/web/int-area/current/maillist.html

On 2018-04-24 11:41, Niels ten Oever wrote:
> Thanks for this! On which lists is this being discussed?
>
> Cheers,
>
> Niels
>
>
> On Mon, Apr 23, 2018 at 10:52:42AM +0200, Amelia Andersdotter wrote:
>> Dear all,
>>
>> join the fun over at int-area relating to this new draft:
>>
>> https://datatracker.ietf.org/doc/draft-andersdotter-intarea-update-to-rfc6302/
>>
>> best,
>>
>> A
>>
>>
>>
>> -------- Forwarded Message --------
>> Subject: 	draft-andersdotter (was RE: [Int-area] WG adoption call:
>> Availability of Information in Criminal Investigations Involving
>> Large-Scale IP Address Sharing Technologies
>> Date: 	Mon, 23 Apr 2018 08:38:56 +0000
>> From: 	mohamed.boucadair@orange.com
>> To: 	Amelia Andersdotter <amelia@article19.org>, int-area@ietf.org
>> <int-area@ietf.org>
>> CC: 	Stephen Farrell <stephen.farrell@cs.tcd.ie>
>>
>>
>>
>> Dear Amelia, 
>>
>> Some comments about the main recommendations in draft-andersdotter: 
>>
>>       SHOULD only store entire incoming IP addresses for as long as is
>>       necessary to provide the specific service requested by the user.
>>
>> Med: This is implementation and deployment-specific. Not sure we can mandate a server how to service users.  
>>
>>       SHOULD keep only the first two octets (of an IPv4 address) or the
>>       first three octets (of an IPv6 address) with remaining octets set
>>       to zero, when logging.
>>
>> Med: A server can decide to follow this reco, but it will be difficult for the owner of the server to claim an abuse and help identifying responsibilities.  
>>
>> Please note that RFC6302 **does not recommend to log IP addresses**:
>>
>>    "It is RECOMMENDED as best current practice that Internet-facing
>>    servers logging incoming IP addresses from inbound IP traffic also
>>    log "
>>
>> which means ** IF ** a server logs source IP address, then it has to log also the source port. 
>>
>>       SHOULD NOT store logs of incoming IP addresses from inbound
>>       traffic for longer than three days.
>>
>> Med: It is out of the scope of the IETF to define the duration of logs. This is country-specific. 
>>
>>       SHOULD NOT log unnecessary identifiers, such as source port
>>       number, time stamps, transport protocol numbers or destination
>>       port numbers.
>>
>> Med: Not sure to understand this one. "unnecessary identifiers" is not clear. I prefer the current language in 6302 which identifies the minimum set of information. 
>>
>>       SHOULD ensure adequate log access control, with suitable
>>       mechanisms for keeping track of which entity accesses logged
>>       identifiers, for what reason and at what time.
>>
>> Med: I hear you, but this is out of scope of the IETF. Access rights to retention data is well known and is not altered by the IETF specification. 
>>
>> Cheers,
>> Med
>>
>>> -----Original Message-----
>>> From: Int-area [mailto:int-area-bounces@ietf.org] On Behalf Of Amelia
>>> Andersdotter
>>> Sent: Monday, 23 April 2018 10:11
>>> To: int-area@ietf.org
>>> Cc: Stephen Farrell
>>> Subject: Re: [Int-area] WG adoption call: Availability of Information in
>>> Criminal Investigations Involving Large-Scale IP Address Sharing Technologies
>>>
>>> I've tabled a similar draft but with a different scope. Happy to discuss
>>> with members on the list:
>>>
>>> https://datatracker.ietf.org/doc/draft-andersdotter-intarea-update-to-rfc6302/
>>>
>>> --
>>>
>>> Amelia Andersdotter
>>> Technical Consultant, Digital Programme
>>>
>>> ARTICLE19
>>> www.article19.org
>>>
>>> PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 B4E8 0B55
>>>
>>> _______________________________________________
>>> Int-area mailing list
>>> Int-area@ietf.org
>>> https://www.ietf.org/mailman/listinfo/int-area
>> _______________________________________________
>> hrpc mailing list
>> hrpc@irtf.org
>> https://www.irtf.org/mailman/listinfo/hrpc


-- 
Amelia Andersdotter
Technical Consultant, Digital Programme

ARTICLE19
www.article19.org

PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 B4E8 0B55
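
The logging recommendations quoted in this thread (keep only the first two octets of an IPv4 address or the first three of an IPv6 address, do not log the source port, keep logs no longer than three days) can be sketched as a log-minimisation filter. This is an added example, not part of the thread or of the draft; the input line format, the function names and the choice to keep a day-granularity date are assumptions of the example.

```python
import ipaddress
import re
from datetime import datetime, timedelta, timezone

RETENTION = timedelta(days=3)  # "SHOULD NOT store logs ... longer than three days"
KEEP_BITS = {4: 16, 6: 24}     # first two octets (IPv4), first three octets (IPv6)
# Assumed input format: "<ISO-8601 time with offset> <src-ip> <src-port> <request>"
LINE = re.compile(r"^(\S+) (\S+) (\d+) (.*)$")

def truncate_ip(text):
    """Zero every octet after the prefix the quoted recommendation keeps."""
    addr = ipaddress.ip_address(text)
    # An IPv4-mapped IPv6 address carries an IPv4 address: apply the IPv4 rule.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    net = ipaddress.ip_network(f"{addr}/{KEEP_BITS[addr.version]}", strict=False)
    return str(net.network_address)

def scrub(line, now):
    """Return the minimised line, or None if unparseable or past retention."""
    m = LINE.match(line)
    if m is None:
        return None
    stamp, ip, _port, request = m.groups()  # the source port is dropped
    try:
        when = datetime.fromisoformat(stamp)
        expired = now - when > RETENTION
        ip = truncate_ip(ip)
    except (ValueError, TypeError):
        return None  # fail closed: never write an unparsed address to the log
    if expired:
        return None
    # Assumption of this example: keep only the day, so retention stays enforceable.
    return f"{when.date().isoformat()} {ip} {request}"

def minimise(lines, now):
    return [out for out in (scrub(line, now) for line in lines) if out is not None]

NOW = datetime(2018, 4, 24, 13, 33, tzinfo=timezone.utc)  # constructed "current" time
SAMPLE = [  # constructed log lines using documentation address ranges
    "2018-04-23T08:38:56+00:00 203.0.113.77 51514 GET /index.html",
    "2018-04-23T09:02:10+00:00 2001:db8:abcd:12::7 40022 GET /feed",
    "2018-04-23T09:05:00+00:00 ::ffff:192.0.2.5 40100 GET /",
    "2018-04-19T23:59:59+00:00 198.51.100.9 33000 GET /old",
    "2018-04-23T10:00:00+00:00 not-an-ip 1 GET /x",
]

if __name__ == "__main__":
    print("\n".join(minimise(SAMPLE, NOW)))
```

Lines that cannot be parsed are discarded rather than passed through, so a malformed entry never leaves a full address in the minimised log.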