At 10:12 PM 5/2/01 -0700, Anonymous wrote:
>
>Seems to me that secure digital timestamps on the logs
>would be really interesting to anyone wanting to preserve
>their usefulness as evidence.
>
If you protected some logs (say, local user logins) really well,
and left other logs (say HTTP) unprotected then it would be *mighty easy*
to bring
up degrees-of-trust in a trial.
I can imagine good operational reasons why lots of users might need write
access to an HTTP log.
(E.g., different user-level CGIs writing to the same HTTP log) and why you
might
want to track user logins more reliably than http hits.
