(Bundling answers to two messages)
On 26/04/2018 20:40, Dave O'Reilly wrote:
...
>> IMHO we should say nothing that appears to be a recommendation
>> about the duration of logging. We can say as a factual matter that
>> logging is useful for operational purposes (fault diagnosis, abuse
>> detection, and statistical analysis) and may be legally required.
>
> As I mentioned earlier in this discussion, logging is also useful with
> respect to the societal need for law enforcement (which is not a euphemism
> for anything!) and also with respect to the rights of victims of crime.
>
> I mention this again because these two items are always left of the list of
> reasons why logging is useful, just like you did in your email, but they’re
> really important ones despite their unpopularity.
Then the wisest course for the IETF, which writes technical documents,
is probably to miss out the use cases completely, and simply say
"is useful for operational purposes and may be legally required".
On 26/04/2018 23:42, Amelia Andersdotter wrote:
...
>> We can say that the logs SHOULD be stored securely, and SHOULD NOT
>> be retained any longer than is needed for these purposes.
>
> The risk is then that it's not practically useful for people in
> organisations that lack large legal teams.
That is somebody's problem, but the IETF writes technical specs, and
we don't do well at governance issues. If we make it our problem,
I'm not sure the discussion will ever end. Writing guidance that will
apply equally to (say) Sweden, Burkina Faso and China is probably
impossible anyway.
...
> (I know my affiliation is an CSO for IETF purposes, but
> plenty of CSOs don't work in tech standards groups at all)
To be a little picky, your affiliation doesn't matter here...
we all participate as individuals in the IETF. To be clear,
you raise important issues - for me the question is whether
the IETF is competent to solve them, beyond the narrow technical
aspect.
Regards
Brian
_______________________________________________
Int-area mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/int-area
