Re: [ietf-privacy] Logging Recommendations for Internet-Facing Servers

Stephen Farrell <> Mon, 16 June 2014 00:48 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id E20531B2990 for <>; Sun, 15 Jun 2014 17:48:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.551
X-Spam-Status: No, score=-2.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.651] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id lGVMKbxqr2_d for <>; Sun, 15 Jun 2014 17:48:44 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id BEC0D1B298C for <>; Sun, 15 Jun 2014 17:48:44 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 7AB01BF42; Mon, 16 Jun 2014 01:48:43 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 3l1r8ta1NUrN; Mon, 16 Jun 2014 01:48:42 +0100 (IST)
Received: from [] (unknown []) by (Postfix) with ESMTPSA id 98088BF3D; Mon, 16 Jun 2014 01:48:41 +0100 (IST)
Message-ID: <>
Date: Mon, 16 Jun 2014 01:48:21 +0100
From: Stephen Farrell <>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: S Moonesamy <>, Linus Nordberg <>
References: <> <> <> <>
In-Reply-To: <>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [ietf-privacy] Logging Recommendations for Internet-Facing Servers
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Internet Privacy Discussion List <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 16 Jun 2014 00:48:48 -0000


On 15/06/14 19:38, S Moonesamy wrote:
> Hi Stephen,
> At 05:51 15-06-2014, Stephen Farrell wrote:
>> Q: How will that happen?
>> A: Someone will need to write an I-D:-)
>> If someone does such an I-D that is reasonable and improves
>> privacy, I'll be happy to help that progress.
> Ok.
>> Not sure if the BCP's RFC would need replacing or if updating
>> the BCP with a 2nd RFC would be right myself, so talking to
>> the original authors and/or the intarea list would seem wise.
>> They might also have other stuff they'd like to revise, who
>> knows. (The draft leading to this BCP [1] was an intarea [2]
>> draft.)
> In theory a (future) RFC can be added to BCP 162.  In practice people
> won't read it or miss it.

Possibly fair point, but OTOH BCP10 and others consist of >1 RFC
and work. For now at least, I'd concentrate on how to the get the
new privacy-friendly stuff agreed, rather than worry too much as
to how its represented in RFC(s).

> A first step might be to talk to the authors
> to see what they would like to do.  The INTAREA working group [1] lacks
> the expertise to review privacy-related drafts.  People with an actual
> interest in privacy will have to participate in the working group and
> review the proposed update to BCP 162.

Who knows? I would agree that the intarea is probably not a hotbed
of privacy activists. But its also equally true that folks on that
list are probably as clueful as here, and so may well have quite a
good appreciation of how privacy is more important than previously.

So I'd say give it a whirl if you've the energy to write an I-D and
fwiw I'll try push forward with good work regardless of how its
locally received in one or another IETF WG (no matter the relevant
WG is an area-wg). But, equally, I'm not interested in helping with
work on things that haven't even tried to be run by the best list
of relevant/interested folks. I do get that that's not a very clear
distinction (sorry:-) but I hope it helps, and regardless am happy
to chat more, on and/or off list.


> Regards,
> S. Moonesamy
> 1.