Re: [hrpc] Fwd: draft-andersdotter (was RE: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies
Niels ten Oever <mail@nielstenoever.net> Tue, 24 April 2018 09:41 UTC
Return-Path: <mail@nielstenoever.net>
X-Original-To: hrpc@ietfa.amsl.com
Delivered-To: hrpc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F893124217 for <hrpc@ietfa.amsl.com>; Tue, 24 Apr 2018 02:41:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vuiOPm1VS2pS for <hrpc@ietfa.amsl.com>; Tue, 24 Apr 2018 02:41:25 -0700 (PDT)
Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5ABD3120721 for <hrpc@irtf.org>; Tue, 24 Apr 2018 02:41:24 -0700 (PDT)
Received: from smtp.greenhost.nl ([213.108.110.112]) by smarthost1.greenhost.nl with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <mail@nielstenoever.net>) id 1fAuRt-0002jA-Vz for hrpc@irtf.org; Tue, 24 Apr 2018 11:41:23 +0200
Date: Tue, 24 Apr 2018 11:41:18 +0200
From: Niels ten Oever <mail@nielstenoever.net>
To: Amelia Andersdotter <amelia@article19.org>
Cc: Hrpc <hrpc@irtf.org>
Message-ID: <20180424094118.GB23134@mir>
References: <787AE7BB302AE849A7480A190F8B93302DF0FAF6@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <d55b1de5-36b6-6e1e-b94e-918f36ab38b0@article19.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="R3G7APHDIzY6R/pk"
Content-Disposition: inline
In-Reply-To: <d55b1de5-36b6-6e1e-b94e-918f36ab38b0@article19.org>
User-Agent: Mutt/1.9.4 (2018-02-28)
X-Virus-Scanned: by clamav at smarthost1.samage.net
X-Scan-Signature: 00ca572c58d2a72aaa1283be2358df10
Archived-At: <https://mailarchive.ietf.org/arch/msg/hrpc/TAm33NWig8eXcAHihWsigf-jpB8>
Subject: Re: [hrpc] Fwd: draft-andersdotter (was RE: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies
X-BeenThere: hrpc@irtf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "mail@nielstenoever.net" <hrpc.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/hrpc>, <mailto:hrpc-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hrpc/>
List-Post: <mailto:hrpc@irtf.org>
List-Help: <mailto:hrpc-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hrpc>, <mailto:hrpc-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Apr 2018 09:41:28 -0000
Thanks for this! Which lists is this being discussed? Cheers, Niels On Mon, Apr 23, 2018 at 10:52:42AM +0200, Amelia Andersdotter wrote: > Dear all, > > join the fun over at int-area relating to this new draft: > > https://datatracker.ietf.org/doc/draft-andersdotter-intarea-update-to-rfc6302/ > > best, > > A > > > > -------- Forwarded Message -------- > Subject: draft-andersdotter (was RE: [Int-area] WG adoption call: > Availability of Information in Criminal Investigations Involving > Large-Scale IP Address Sharing Technologies > Date: Mon, 23 Apr 2018 08:38:56 +0000 > From: mohamed.boucadair@orange.com > To: Amelia Andersdotter <amelia@article19.org>, int-area@ietf.org > <int-area@ietf.org> > CC: Stephen Farrell <stephen.farrell@cs.tcd.ie> > > > > Dear Amelia, > > Some comments about the main recommendations in draft-andersdotter: > > SHOULD only store entire incoming IP addresses for as long as is > necessary to provide the specific service requested by the user. > > Med: This is implementation and deployment-specific. Not sure we can mandate a server how to service users. > > SHOULD keep only the first two octets (of an IPv4 address) or the > first three octets (of an IPv6 address) with remaining octets set > to zero, when logging. > > Med: A server can decide to follow this reco, but it will be difficult for the owner of the server to claim an abuse and help identifying responsibilities. > > Please note that RFC6302 ** does not recommend to log IP addresses** :. > > "It is RECOMMENDED as best current practice that Internet-facing > servers logging incoming IP addresses from inbound IP traffic also > log " > > which means ** IF ** a server logs source IP address, then it has to log also the source port. > > SHOULD NOT store logs of incoming IP addresses from inbound > traffic for longer than three days. > > Med: It is out of the scope of the IETF to define the duration of logs. This is country-specific. > > SHOULD NOT log unnecessary identifiers, such as source port > number, time stamps, transport protocol numbers or destination > port numbers. > > Med: Not sure to understand this one. "unnecessary identifiers" is not clear. I prefer the current language in 6302 which identifies the minimum set of information. > > SHOULD ensure adequate log access control, with suitable > mechanisms for keeping track of which entity accesses logged > identifiers, for what reason and at what time. > > Med: I hear you, but this is out of scope of the IETF. Access rights to retention data is well known and is not altered by the IETF specification. > > Cheers, > Med > > > -----Message d'origine----- > > De : Int-area [mailto:int-area-bounces@ietf.org] De la part de Amelia > > Andersdotter > > Envoyé : lundi 23 avril 2018 10:11 > > À : int-area@ietf.org > > Cc : Stephen Farrell > > Objet : Re: [Int-area] WG adoption call: Availability of Information in > > Criminal Investigations Involving Large-Scale IP Address Sharing Technologies > > > > I've tabled a similar draft but with a different scope. Happy to discuss > > with members on the list: > > > > https://datatracker.ietf.org/doc/draft-andersdotter-intarea-update-to- > > rfc6302/ > > > > -- > > > > Amelia Andersdotter > > Technical Consultant, Digital Programme > > > > ARTICLE19 > > www.article19.org > > > > PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 B4E8 0B55 > > > > _______________________________________________ > > Int-area mailing list > > Int-area@ietf.org > > https://www.ietf.org/mailman/listinfo/int-area > > _______________________________________________ > hrpc mailing list > hrpc@irtf.org > https://www.irtf.org/mailman/listinfo/hrpc -- Niels ten Oever Researcher and PhD Candidate Datactive Research Group University of Amsterdam PGP fingerprint 2458 0B70 5C4A FD8A 9488 643A 0ED8 3F3A 468A C8B3
- [hrpc] Fwd: draft-andersdotter (was RE: [Int-area… Amelia Andersdotter
- Re: [hrpc] Fwd: draft-andersdotter (was RE: [Int-… Niels ten Oever
- Re: [hrpc] Fwd: draft-andersdotter (was RE: [Int-… Amelia Andersdotter
- Re: [hrpc] Fwd: draft-andersdotter (was RE: [Int-… Vittorio Bertola
- Re: [hrpc] Fwd: draft-andersdotter (was RE: [Int-… Mallory Knodel