[Int-area] draft-andersdotter (was RE: WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies
<mohamed.boucadair@orange.com> Mon, 23 April 2018 08:38 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A9FD6124217 for <int-area@ietfa.amsl.com>; Mon, 23 Apr 2018 01:38:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yuxTNnw9FNq6 for <int-area@ietfa.amsl.com>; Mon, 23 Apr 2018 01:38:58 -0700 (PDT)
Received: from orange.com (mta136.mail.business.static.orange.com [80.12.70.36]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CB494120713 for <int-area@ietf.org>; Mon, 23 Apr 2018 01:38:57 -0700 (PDT)
Received: from opfednr06.francetelecom.fr (unknown [xx.xx.xx.70]) by opfednr22.francetelecom.fr (ESMTP service) with ESMTP id A8D792059D; Mon, 23 Apr 2018 10:38:56 +0200 (CEST)
Received: from Exchangemail-eme2.itn.ftgroup (unknown [xx.xx.31.62]) by opfednr06.francetelecom.fr (ESMTP service) with ESMTP id 8CB871A0051; Mon, 23 Apr 2018 10:38:56 +0200 (CEST)
Received: from OPEXCLILMA3.corporate.adroot.infra.ftgroup ([fe80::60a9:abc3:86e6:2541]) by OPEXCLILM5E.corporate.adroot.infra.ftgroup ([fe80::2912:bfa5:91d3:bf63%18]) with mapi id 14.03.0389.001; Mon, 23 Apr 2018 10:38:56 +0200
From: mohamed.boucadair@orange.com
To: Amelia Andersdotter <amelia@article19.org>, "int-area@ietf.org" <int-area@ietf.org>
CC: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Thread-Topic: draft-andersdotter (was RE: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies
Thread-Index: AdPa3oLFzBnCDb15Tpyj80ydoOFu/w==
Date: Mon, 23 Apr 2018 08:38:56 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B93302DF0FAF6@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.168.234.6]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/Q9rOS9oLNjli8brRf_zB00_Q88Q>
Subject: [Int-area] draft-andersdotter (was RE: WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Apr 2018 08:39:00 -0000
Dear Amelia,
Some comments about the main recommendations in draft-andersdotter:
SHOULD only store entire incoming IP addresses for as long as is
necessary to provide the specific service requested by the user.
Med: This is implementation and deployment-specific. Not sure we can mandate a server how to service users.
SHOULD keep only the first two octets (of an IPv4 address) or the
first three octets (of an IPv6 address) with remaining octets set
to zero, when logging.
Med: A server can decide to follow this reco, but it will be difficult for the owner of the server to claim an abuse and help identifying responsibilities.
Please note that RFC6302 ** does not recommend to log IP addresses** :.
"It is RECOMMENDED as best current practice that Internet-facing
servers logging incoming IP addresses from inbound IP traffic also
log "
which means ** IF ** a server logs source IP address, then it has to log also the source port.
SHOULD NOT store logs of incoming IP addresses from inbound
traffic for longer than three days.
Med: It is out of the scope of the IETF to define the duration of logs. This is country-specific.
SHOULD NOT log unnecessary identifiers, such as source port
number, time stamps, transport protocol numbers or destination
port numbers.
Med: Not sure to understand this one. "unnecessary identifiers" is not clear. I prefer the current language in 6302 which identifies the minimum set of information.
SHOULD ensure adequate log access control, with suitable
mechanisms for keeping track of which entity accesses logged
identifiers, for what reason and at what time.
Med: I hear you, but this is out of scope of the IETF. Access rights to retention data is well known and is not altered by the IETF specification.
Cheers,
Med
> -----Message d'origine-----
> De : Int-area [mailto:int-area-bounces@ietf.org] De la part de Amelia
> Andersdotter
> Envoyé : lundi 23 avril 2018 10:11
> À : int-area@ietf.org
> Cc : Stephen Farrell
> Objet : Re: [Int-area] WG adoption call: Availability of Information in
> Criminal Investigations Involving Large-Scale IP Address Sharing Technologies
>
> I've tabled a similar draft but with a different scope. Happy to discuss
> with members on the list:
>
> https://datatracker.ietf.org/doc/draft-andersdotter-intarea-update-to-
> rfc6302/
>
> --
>
> Amelia Andersdotter
> Technical Consultant, Digital Programme
>
> ARTICLE19
> www.article19.org
>
> PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 B4E8 0B55
>
> _______________________________________________
> Int-area mailing list
> Int-area@ietf.org
> https://www.ietf.org/mailman/listinfo/int-area
- [Int-area] draft-andersdotter (was RE: WG adoptio… mohamed.boucadair
- Re: [Int-area] draft-andersdotter (was RE: WG ado… Amelia Andersdotter
- Re: [Int-area] draft-andersdotter (was RE: WG ado… mohamed.boucadair
- Re: [Int-area] draft-andersdotter (was RE: WG ado… Amelia Andersdotter
- Re: [Int-area] draft-andersdotter (was RE: WG ado… mohamed.boucadair
- Re: [Int-area] draft-andersdotter (was RE: WG ado… Brian E Carpenter
- Re: [Int-area] draft-andersdotter (was RE: WG ado… Ted Lemon
- Re: [Int-area] draft-andersdotter (was RE: WG ado… Brian E Carpenter
- Re: [Int-area] draft-andersdotter (was RE: WG ado… Ted Lemon
- Re: [Int-area] draft-andersdotter (was RE: WG ado… Amelia Andersdotter
- Re: [Int-area] draft-andersdotter (was RE: WG ado… Amelia Andersdotter
- Re: [Int-area] draft-andersdotter (was RE: WG ado… mohamed.boucadair
- Re: [Int-area] draft-andersdotter (was RE: WG ado… Dave O'Reilly
- Re: [Int-area] draft-andersdotter (was RE: WG ado… Amelia Andersdotter