Re: [Int-area] draft-andersdotter (was RE: WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

Amelia Andersdotter <amelia@article19.org> Mon, 23 April 2018 19:04 UTC

To: mohamed.boucadair@orange.com, "int-area@ietf.org" <int-area@ietf.org>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>
References: <787AE7BB302AE849A7480A190F8B93302DF0FAF6@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
From: Amelia Andersdotter <amelia@article19.org>
Organization: ARTICLE19
Message-ID: <21afe991-a347-8d30-39b4-255042e5bdbd@article19.org>
Date: Mon, 23 Apr 2018 21:03:59 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/52tJikN10K_cooeP20X9AYdNqus>
Subject: Re: [Int-area] draft-andersdotter (was RE: WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

Dear Mohamed,
all,

On 2018-04-23 10:38, mohamed.boucadair@orange.com wrote:
> Dear Amelia, 
>
> Some comments about the main recommendations in draft-andersdotter: 
>
>       SHOULD only store entire incoming IP addresses for as long as is
>       necessary to provide the specific service requested by the user.
>
> Med: This is implementation and deployment-specific. Not sure we can mandate a server how to service users.  

It's a recommendation. Cf. RFC2119 on the word SHOULD. That said, the
draft is meant to encourage good (best!) practices that can assist with
both privacy focus and regulatory compliance. The IETF cannot stop
anyone from following a poor practice, and certainly I can't.

>       SHOULD keep only the first two octets (of an IPv4 address) or the
>       first three octets (of an IPv6 address) with remaining octets set
>       to zero, when logging.
>
> Med: A server can decide to follow this reco, but it will be difficult for the owner of the server to claim an abuse and help identify responsibilities.  

The recommendation is partially inspired by web analytics
recommendations for Piwik/Matomo installations by French DPA CNIL, but
of course also enjoys support from the data minimization strategies
advanced in RFC6973.

> Please note that RFC6302 **does not recommend logging IP addresses**:
>
>    "It is RECOMMENDED as best current practice that Internet-facing
>    servers logging incoming IP addresses from inbound IP traffic also
>    log "
>
> which means **IF** a server logs the source IP address, then it also has to log the source port. 

Indeed, my proposal is to recommend that servers do not log IP addresses
other than to the extent recommended. If they don't log IP addresses at
all, they would be following the recommendations.

>       SHOULD NOT store logs of incoming IP addresses from inbound
>       traffic for longer than three days.
>
> Med: It is out of the scope of the IETF to define the duration of logs. This is country-specific. 

I'm proposing a recommendation for a best practice. Presumably if for
legal reasons one finds oneself unable to follow best practice, one
follows a worse practice instead. The fact that some people may have to
follow a worse practice is not a reason to recommend a poor practice.

>       SHOULD NOT log unnecessary identifiers, such as source port
>       number, time stamps, transport protocol numbers or destination
>       port numbers.
>
> Med: Not sure I understand this one. "unnecessary identifiers" is not clear. I prefer the current language in 6302, which identifies the minimum set of information. 

The recommendation follows immediately from data minimization in
RFC6973, which is consistently adhered to in IETF drafts with a privacy
focus.

>       SHOULD ensure adequate log access control, with suitable
>       mechanisms for keeping track of which entity accesses logged
>       identifiers, for what reason and at what time.
>
> Med: I hear you, but this is out of scope of the IETF. Access rights to retention data are well known and are not altered by the IETF specification. 

I don't understand the objection. The IETF discusses access control and
authentication in various circumstances.

If anything, the recommendation could be accused of being too inexact to
qualify as a good recommendation. The scope of it is fine and well
within the IETF's mandate.

best regards,

Amelia

> Cheers,
> Med
>
>> -----Original Message-----
>> From: Int-area [mailto:int-area-bounces@ietf.org] On behalf of Amelia
>> Andersdotter
>> Sent: Monday, 23 April 2018 10:11
>> To: int-area@ietf.org
>> Cc: Stephen Farrell
>> Subject: Re: [Int-area] WG adoption call: Availability of Information in
>> Criminal Investigations Involving Large-Scale IP Address Sharing Technologies
>>
>> I've tabled a similar draft but with a different scope. Happy to discuss
>> with members on the list:
>>
>> https://datatracker.ietf.org/doc/draft-andersdotter-intarea-update-to-
>> rfc6302/
>>
>> --
>>
>> Amelia Andersdotter
>> Technical Consultant, Digital Programme
>>
>> ARTICLE19
>> www.article19.org
>>
>> PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 B4E8 0B55
>>
>> _______________________________________________
>> Int-area mailing list
>> Int-area@ietf.org
>> https://www.ietf.org/mailman/listinfo/int-area


-- 
Amelia Andersdotter
Technical Consultant, Digital Programme

ARTICLE19
www.article19.org

PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 B4E8 0B55
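The address-truncation and retention recommendations quoted in the message above are concrete enough to show as code. The following is an added example, not part of the thread or of draft-andersdotter itself: it keeps the first two octets of an IPv4 address or the first three octets of an IPv6 address (zeroing the rest), drops the source port, transport protocol number and destination port, and prunes entries older than three days. The log line format, the key=value field names, and the choice to reduce the timestamp to a calendar day (the minimum needed to enforce the retention limit) are assumptions made for illustration; the sample log lines are constructed.

```python
"""Log minimisation along the lines of the recommendations quoted above.

Added example (not from the draft or the thread). The line format, field
names and the date-only timestamp are assumptions for illustration.
"""
import ipaddress
import re
from datetime import date, datetime, timedelta
from typing import List, Optional

# Octets kept per address family, exactly as the quoted recommendation
# states them (two for IPv4, three for IPv6); the remainder is zeroed.
KEEP_OCTETS = {4: 2, 6: 3}
RETENTION_DAYS = 3

# Assumed raw line format: RFC 3339 timestamp, then key=value fields for the
# source address, source port, transport protocol number and destination
# port, then the free-form remainder of the record.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) sport=\d+ proto=\d+ dport=\d+ (?P<rest>.*)$"
)

# Constructed sample input (not real traffic).
RAW_LOG = [
    '2018-04-23T21:03:59+02:00 src=203.0.113.77 sport=51234 proto=6 dport=443 "GET /index.html" 200',
    '2018-04-22T08:15:01+00:00 src=2001:db8:85a3::8a2e:370:7334 sport=40001 proto=6 dport=443 "GET /doc.pdf" 200',
    "malformed line that does not match the expected format",
]


def truncate_ip(addr: str) -> str:
    """Keep the leading octets of an address and set the remaining octets to zero."""
    ip = ipaddress.ip_address(addr)
    keep = KEEP_OCTETS[ip.version]
    packed = ip.packed
    return str(ipaddress.ip_address(packed[:keep] + bytes(len(packed) - keep)))


def minimize_line(line: str) -> Optional[str]:
    """Rewrite one raw line to its minimised form, or None if it cannot be parsed.

    Unparseable lines are dropped rather than passed through, so that an
    unexpected format never leaks full identifiers into the retained log.
    """
    m = LINE_RE.match(line)
    if m is None:
        return None
    day = datetime.fromisoformat(m["ts"]).date().isoformat()
    return f"{day} src={truncate_ip(m['src'])} {m['rest']}"


def minimize_log(lines: List[str]) -> List[str]:
    """Minimise every line, discarding those that do not parse."""
    out = []
    for line in lines:
        reduced = minimize_line(line)
        if reduced is not None:
            out.append(reduced)
    return out


def prune(lines: List[str], today: date, retention_days: int = RETENTION_DAYS) -> List[str]:
    """Drop minimised entries dated more than `retention_days` before `today`.

    An entry exactly `retention_days` old is kept; one day older is dropped.
    """
    cutoff = today - timedelta(days=retention_days)
    return [line for line in lines if date.fromisoformat(line.split(" ", 1)[0]) >= cutoff]


if __name__ == "__main__":
    reduced = minimize_log(RAW_LOG)
    for entry in reduced:
        print("minimised:", entry)
    for entry in prune(reduced, date(2018, 4, 26)):
        print("retained :", entry)
```

Note that the IPv6 rule as quoted keeps three octets, i.e. 24 bits, which is coarser than the /48 or /64 a network operator might expect; the code follows the text as written rather than second-guessing it.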