Joe, On 10/05/2018 03:02, Joe Touch wrote: > > >> >> From: Int-area <[email protected] >> <mailto:[email protected]>> on behalf of >> "[email protected] <mailto:[email protected]>" >> <[email protected] <mailto:[email protected]>> >> Date: Wednesday, May 9, 2018 at 7:26 AM >> To: Juan Carlos Zuniga <[email protected] >> <mailto:[email protected]>>, "[email protected] >> <mailto:[email protected]>" <[email protected] <mailto:[email protected]>> >> Subject: Re: [Int-area] WG adoption call: Availability of Information in >> Criminal Investigations Involving Large-Scale IP Address Sharing Technologies >> >> Hi all, <> >> >> There is no reason to revisit or deprecate RFC6302: >> · The root technical issues as documented by intarea (RC6269) are >> still valid. Those issues will be experienced by more and more in the future. >> · RFC6302 records a valid technical recommendation for servers >> logging IP addresses for abuse purposes. >> >> I don’t think that the IETF has to mandate or preclude (IP address) logging. > > I agree with the last sentence above, but I also think that the IETF > shouldn’t be making “recommendations” in this area either (i.e., the last > sentence implies to me that RFC6302 needs to be deprecated). 6302 is about > identifying customers - not protocol or network diagnostics. > > IMO: > > - the IETF should speak to logging only when it relates to *protocol or > network diagnostics*
That may be a bit narrow, which is why I prefer ...relates to *operational requirements*. And yes, that could include requirements over which the operator has no control, such as regulatory requirements. It's really not the IETF's business *why* an operator decides to log stuff. RFC 6302 is about *how* to log address information. > - this means that the current document should not proceed A slightly different question from whether we should tackle the topic. I don't think the IETF would do itself any favours by tackling the topic. That doesn't mean the topic is unimportant, just that this is not the venue for it. > - this means that RFC6302 should be deprecated Why? It is about operational logging, and specifically says (end of section 2): >> The above recommendations apply to current logging practices. They >> do not require any changes in the way logging is performed; e.g., >> which packets are examined and logged. Regards Brian _______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
