IETF Logo Mail Archive

Re: [Int-area] draft-andersdotter (was RE: WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

<mohamed.boucadair@orange.com> Tue, 24 April 2018 05:25 UTC

Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AAEE0124B0A for <int-area@ietfa.amsl.com>; Mon, 23 Apr 2018 22:25:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 78zq3zCqOflR for <int-area@ietfa.amsl.com>; Mon, 23 Apr 2018 22:25:29 -0700 (PDT)
Received: from orange.com (mta136.mail.business.static.orange.com [80.12.70.36]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5041612420B for <int-area@ietf.org>; Mon, 23 Apr 2018 22:25:29 -0700 (PDT)
Received: from opfednr01.francetelecom.fr (unknown [xx.xx.xx.65]) by opfednr26.francetelecom.fr (ESMTP service) with ESMTP id 976DE205E5; Tue, 24 Apr 2018 07:25:27 +0200 (CEST)
Received: from Exchangemail-eme2.itn.ftgroup (unknown [xx.xx.31.63]) by opfednr01.francetelecom.fr (ESMTP service) with ESMTP id 6B01E1A007B; Tue, 24 Apr 2018 07:25:27 +0200 (CEST)
Received: from OPEXCLILMA3.corporate.adroot.infra.ftgroup ([fe80::60a9:abc3:86e6:2541]) by OPEXCLILM6E.corporate.adroot.infra.ftgroup ([fe80::f5a7:eab1:c095:d9ec%18]) with mapi id 14.03.0389.001; Tue, 24 Apr 2018 07:25:27 +0200
From: mohamed.boucadair@orange.com
To: Amelia Andersdotter <amelia@article19.org>, "int-area@ietf.org" <int-area@ietf.org>
CC: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Thread-Topic: draft-andersdotter (was RE: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies
Thread-Index: AQHT2zXYGSW57HSQIUmRzl19mSQPPaQPXkNg
Date: Tue, 24 Apr 2018 05:25:26 +0000
Message-ID: <787AE7BB302AE849A7480A190F8B93302DF1063D@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
References: <787AE7BB302AE849A7480A190F8B93302DF0FAF6@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <21afe991-a347-8d30-39b4-255042e5bdbd@article19.org>
In-Reply-To: <21afe991-a347-8d30-39b4-255042e5bdbd@article19.org>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.168.234.6]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/iHxjSb2h39q_Xz4jVtvcPR10FSQ>
Subject: Re: [Int-area] draft-andersdotter (was RE: WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Apr 2018 05:25:32 -0000

Dear Amelia, 

Please see inline. 

Cheers,
Med

> -----Message d'origine-----
> De : Amelia Andersdotter [mailto:amelia@article19.org]
> Envoyé : lundi 23 avril 2018 21:04
> À : BOUCADAIR Mohamed IMT/OLN; int-area@ietf.org
> Cc : Stephen Farrell
> Objet : Re: draft-andersdotter (was RE: [Int-area] WG adoption call:
> Availability of Information in Criminal Investigations Involving Large-Scale
> IP Address Sharing Technologies
> 
> Dear Mohamed,
> all,
> 
> On 2018-04-23 10:38, mohamed.boucadair@orange.com wrote:
> > Dear Amelia,
> >
> > Some comments about the main recommendations in draft-andersdotter:
> >
> >       SHOULD only store entire incoming IP addresses for as long as is
> >       necessary to provide the specific service requested by the user.
> >
> > Med: This is implementation and deployment-specific. Not sure we can
> mandate a server how to service users.
> 
> It's a recommendation. Cf. RFC2119 on the word SHOULD. That said, the
> draft is meant to encourage good (best!) practises that can assist with
> both privacy focus and regulatory compliance. The IETF cannot stop
> anyone from following a poor practise, and certainly I can't.

[Med] It is a not a problem with the language of the reco, but its implementation. The IETF cannot dictate which information is required to provide a service and whether an IP address is needed. This is really implementation-specific. 

> 
> >       SHOULD keep only the first two octets (of an IPv4 address) or the
> >       first three octets (of an IPv6 address) with remaining octets set
> >       to zero, when logging.
> >
> > Med: A server can decide to follow this reco, but it will be difficult for
> the owner of the server to claim an abuse and help identifying
> responsibilities.
> 
> The recommendation is partially inspired by web analytics
> recommendations for Piwik/Matomo installations by French DPA CNIL, but
> of course also enjoys support from the data minimization strategies
> advanced in RFC6973.

[Med] I don't have a problem with the general intent of your text, my concern is that you link those explicitly with RFC6302 which is misleading. RFC6302 has a very clear focus: address sharing. 

> 
> > Please note that RFC6302 ** does not recommend to log IP addresses** :.
> >
> >    "It is RECOMMENDED as best current practice that Internet-facing
> >    servers logging incoming IP addresses from inbound IP traffic also
> >    log "
> >
> > which means ** IF ** a server logs source IP address, then it has to log
> also the source port.
> 
> Indeed, my proposal is to recommend that servers do not log IP addresses
> other than to the extent recommended. If they don't log IP addresses at
> all, they would be following the recommendations.

[Med] How those servers will react to DDoS attacks or other abuses? 

> 
> >       SHOULD NOT store logs of incoming IP addresses from inbound
> >       traffic for longer than three days.
> >
> > Med: It is out of the scope of the IETF to define the duration of logs.
> This is country-specific.
> 
> I'm proposing a recommendation for a best practise.

[Med] But there are laws out of there. I don't think that we need to interfere with those. 

 Presumably if for
> legal reasons one finds oneself unable to follow best practise, one
> follows a worse practise instead. The fact that some people may have to
> follow a worse practise is not a reason to recommend a poor practise.
> 
> >       SHOULD NOT log unnecessary identifiers, such as source port
> >       number, time stamps, transport protocol numbers or destination
> >       port numbers.
> >
> > Med: Not sure to understand this one. "unnecessary identifiers" is not
> clear. I prefer the current language in 6302 which identifies the minimum set
> of information.
> 
> The recommendation follows immediately from data minimization in
> RFC6973, which is consistently adhered to in IETF drafts with a privacy
> focus.

[Med] But how this is related to RFC6302 context? 

> 
> >       SHOULD ensure adequate log access control, with suitable
> >       mechanisms for keeping track of which entity accesses logged
> >       identifiers, for what reason and at what time.
> >
> > Med: I hear you, but this is out of scope of the IETF. Access rights to
> retention data is well known and is not altered by the IETF specification.
> 
> I don't understand the objection. The IETF discusses access control and
> authentication in various circumstances.

[Med] Rules to access regulatory data are well known. 

> 
> If anything, the recommendation could be accused of being too inexact to
> qualify as a good recommendation. The scope of it is fine and well
> within IETFs mandate.
> 
> best regards,
> 
> Amelia
> 
> > Cheers,
> > Med
> >
> >> -----Message d'origine-----
> >> De : Int-area [mailto:int-area-bounces@ietf.org] De la part de Amelia
> >> Andersdotter
> >> Envoyé : lundi 23 avril 2018 10:11
> >> À : int-area@ietf.org
> >> Cc : Stephen Farrell
> >> Objet : Re: [Int-area] WG adoption call: Availability of Information in
> >> Criminal Investigations Involving Large-Scale IP Address Sharing
> Technologies
> >>
> >> I've tabled a similar draft but with a different scope. Happy to discuss
> >> with members on the list:
> >>
> >> https://datatracker.ietf.org/doc/draft-andersdotter-intarea-update-to-
> >> rfc6302/
> >>
> >> --
> >>
> >> Amelia Andersdotter
> >> Technical Consultant, Digital Programme
> >>
> >> ARTICLE19
> >> www.article19.org
> >>
> >> PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 B4E8 0B55
> >>
> >> _______________________________________________
> >> Int-area mailing list
> >> Int-area@ietf.org
> >> https://www.ietf.org/mailman/listinfo/int-area
> 
> 
> --
> Amelia Andersdotter
> Technical Consultant, Digital Programme
> 
> ARTICLE19
> www.article19.org
> 
> PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 B4E8 0B55
>

v2.23.0 | Report a Bug | By Email