Re: [ietf-privacy] Logging Recommendations for Internet-Facing Servers
S Moonesamy <sm+ietf@elandsys.com> Tue, 17 June 2014 20:06 UTC
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf-privacy/qAoPp668BFtgspzR7RfdOXq-ul4
Hi Daniel,

At 11:56 17-06-2014, Daniel Kahn Gillmor wrote:
>I'm surprised to hear you say this, given that you're thanked in the
>acknowledgments section of RFC 6973 (Privacy Considerations for Internet
>Protocols). Do you think that RFC doesn't provide useful guidance or
>vocabulary?

RFC 6973 was published in the IAB Stream [1]. Someone could argue that it is not an IETF document. It is not possible to argue against that.

I reviewed RFC 6973 before it was published as an RFC. In my opinion it contains useful guidance and vocabulary. There is the following in RFC 6973:

   "Protecting against stored data compromise is typically outside the
    scope of IETF protocols. However, a number of common protocol
    functions -- key management, access control, or operational logging,
    for example -- require the storage of data about initiators of
    communications. When requiring or recommending that information
    about initiators or their communications be stored or logged by end
    systems (see, e.g., RFC 6302 [RFC6302]), it is important to recognize
    the potential for that information to be compromised and for that
    potential to be weighed against the benefits of data storage. Any
    recipient, intermediary, or enabler that stores data may be
    vulnerable to compromise. (Note that stored data compromise is
    distinct from purposeful disclosure, which is discussed in
    Section 5.2.4.)"

With hindsight I would say that I did not pay sufficient attention to the RFC 6302 reference in the above.

For what it is worth my last comments about RFC 6973 were dated February 2013.

Regards,
S. Moonesamy

1. http://www.rfc-editor.org/info/rfc6973