Re: [Int-area] Re draft-daveor-cgn-logging-02/RFC6302

<mohamed.boucadair@orange.com> Thu, 05 April 2018 14:24 UTC

Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E586412D93F for <int-area@ietfa.amsl.com>; Thu, 5 Apr 2018 07:24:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.609
X-Spam-Level:
X-Spam-Status: No, score=-2.609 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 31I_BZhfEnON for <int-area@ietfa.amsl.com>; Thu, 5 Apr 2018 07:24:36 -0700 (PDT)
Received: from orange.com (mta239.mail.business.static.orange.com [80.12.66.39]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A99D212D88F for <int-area@ietf.org>; Thu, 5 Apr 2018 07:24:35 -0700 (PDT)
Received: from opfedar05.francetelecom.fr (unknown [xx.xx.xx.7]) by opfedar26.francetelecom.fr (ESMTP service) with ESMTP id 1C7991C03F8; Thu, 5 Apr 2018 16:24:34 +0200 (CEST)
Received: from Exchangemail-eme2.itn.ftgroup (unknown [xx.xx.31.3]) by opfedar05.francetelecom.fr (ESMTP service) with ESMTP id 032156007E; Thu, 5 Apr 2018 16:24:34 +0200 (CEST)
Received: from OPEXCLILMA3.corporate.adroot.infra.ftgroup ([fe80::60a9:abc3:86e6:2541]) by OPEXCLILM5D.corporate.adroot.infra.ftgroup ([fe80::9898:741c:bc1d:258d%19]) with mapi id 14.03.0382.000; Thu, 5 Apr 2018 16:24:33 +0200
From: mohamed.boucadair@orange.com
To: Dave O'Reilly <rfc@daveor.com>, "int-area@ietf.org" <int-area@ietf.org>
Thread-Topic: [Int-area] Re draft-daveor-cgn-logging-02/RFC6302
Thread-Index: AQHTzFMrWOwp7PXfLkyvH2g2xkT0xaPyNlqA
Date: Thu, 05 Apr 2018 14:24:33 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B93302DEF8B55@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
References: <CE7E9C19-E906-48A8-B2DF-C86C48C1D95D@daveor.com> <8E6F0C13-486F-47A9-B1F6-255D915AEE69@daveor.com>
In-Reply-To: <8E6F0C13-486F-47A9-B1F6-255D915AEE69@daveor.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.168.234.2]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/0fO5gbtRfTcCpHn0kaE8J2OdQjY>
Subject: Re: [Int-area] Re draft-daveor-cgn-logging-02/RFC6302
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Apr 2018 14:24:38 -0000

Hi Dave, 

I have a comment about the proposed update to RFC 6269 (the same comment applies for RFC6302, though). 

Actually, the proposed NEW text will require an extra effort to align timestamps among the server which maintains the logs, the authorities that relay an abuse claim, and the provider who manages the CGN. That extra effort has to be done by the entity managing the log server. 

From that standpoint, the proposed NEW text is no more than another example of "Accurate time-keeping"...which IMHO does not justify an update to the 6269. 

Cheers,
Med

> -----Message d'origine-----
> De : Int-area [mailto:int-area-bounces@ietf.org] De la part de Dave O'Reilly
> Envoyé : mercredi 4 avril 2018 22:26
> À : int-area@ietf.org
> Objet : Re: [Int-area] Re draft-daveor-cgn-logging-02/RFC6302
> 
> Dear all,
> 
> Further to my email below, I have revised draft-daveor-cgn-logging and
> revision -03 is now available. I have restructured the content into the form
> of recommendations.
> 
> Here’s the link: https://tools.ietf.org/html/draft-daveor-cgn-logging-03
> 
> I have also included, at sections 7.6 and 7.7, proposed amendments to RFC6302
> and RFC6269 respectively.
> 
> Regards,
> daveor
> 
> > On 20 Mar 2018, at 13:45, Dave O'Reilly <rfc@daveor.com> wrote:
> >
> > Dear all,
> >
> > further to presenting at IETF-101 yesterday I wanted to send a follow up
> email to see if there is interest in working on a new best current practice
> for logging at internet-facing servers.
> >
> > I hope I adequately presented the reasons why I think there needs to be
> some revision of the recommendations of RFC6302 and that there is some
> additional points to be considered in draft-daveor-cgn-logging-02.
> >
> > The current version of the document (draft-daveor-cgn-logging-02) contains
> recommendations, but it is not really in the form of a BCP. If there is
> interest, I would like to suggest, in the first instance at least, that I
> prepare a new version of the document, structured in the form of a BCP with a
> set of recommendations for discussion.
> >
> > Any feedback would be appreciated.
> >
> > Thanks and best regards,
> > daveor
> >
> > _______________________________________________
> > Int-area mailing list
> > Int-area@ietf.org
> > https://www.ietf.org/mailman/listinfo/int-area
> 
> _______________________________________________
> Int-area mailing list
> Int-area@ietf.org
> https://www.ietf.org/mailman/listinfo/int-area