Thank you Ted for clarifying. Please see inline.
Cheers, Med De : Ted Lemon [mailto:[email protected]] Envoyé : mardi 24 avril 2018 15:26 À : BOUCADAIR Mohamed IMT/OLN Cc : Stephen Farrell; [email protected] Objet : Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies On Apr 24, 2018, at 9:11 AM, <[email protected]<mailto:[email protected]>> <[email protected]<mailto:[email protected]>> wrote: What sort of trade-offs can be added to Dave’s document? Do you have in mind something like: (1) - Warranting that logging may be misused for tracking users? - Logging information can be used for profiling users? - Not logging is also an option? I don't think Dave's document is a good starting point. Amelia (I think it was Amelia) already pointed out a number of things to talk about: for example, if you are going to log source ports, it should be possible to log them only when doing so is necessary, and not log them at other times. [Med] Sure, if the intent was to discuss logging in general. But, when it comes to source ports in the context of address sharing, I’m adopting a distinct approach: whenever a server decides to log the IP address for abuse, it has to maintain a record of the source. Because otherwise, its records won’t be useful in case an important address ratio is used. In other words, I don’t think we can mandate to a server if and when it has to log source IP address. This is a meaningful technical point that would have clear implications in the code that got written. [Med] Isn’t the code for logging source IP address already there? It's not just a platitude to put in the privacy considerations section. That's what I have in mind too. [Med] Fair. So yes, of course we should say "there are problems with logging source ports, and these are some examples of the problems doing so can cause." TBH, if I were an open source implementor, I would just ignore any advice about logging source ports, so if you want the document to have any relevance in that space, you have to give such people a reason for doing it and a basis for doing as little harm as possible. [Med] IMHO, that part is already in https://tools.ietf.org/html/rfc6269#section-13.1 (Abuse Logging and Penalty Boxes)
_______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
