On 5/9/2018 3:44 AM, Juan Carlos Zuniga wrote:

> Hello,
>
> The call is now over and there’s been a good discussion on the list.
> Even though there is clearly no rough consensus to get the document
> adopted by the WG, many interesting points have been made.
>
> More than the details about what/where/when/how/for-how-long to log,
> the more important question is whether IETF should say anything about
> this topic or not.
>
> For this, we need to consider not only the technical details, but also
> the intended audience and the potential implications that the document
> could have outside the IETF.
>
> There are three options, which could lead to different next steps:
>
>   * Should IETF say anything at all about logging?
>       o If yes,
>           + Are we ok with RFC 6302 in its current form?
>               # If yes: Then we have nothing else to do
>               # If no: Should we amend 6302?
>       o If no,
>           + Should we deprecate/make-historical 6302?
>
> Although this is something that may need to be addressed beyond the
> IntArea WG, any inputs people can provide here would be useful.
>

Dave's initial focus was a recommendation for logging on servers,
typically web servers. Such recommendations need to balance a variety of
requirements, from application debugging to failure and fraud
investigations. They also need to consider the inherent risks of storing
private information in logs, from risks of leakage in case of
compromises to non-compliance with the GDPR in the EU. The int area
group traditionally focuses on internet-level issues. If "the IETF"
wants to issue recommendations for logging on servers, would it not be a
better idea to carry that work in the ops area, or maybe the app area?

-- Christian Huitema

_______________________________________________
Int-area mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/int-area
