Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

mohamed.boucadair Thu, 10 May 2018 22:22:57 -0700

Hi Joe,

This is a little bit subtle.


RFC6302 is about operating and protecting a server against abuses, 
denial-of-service, and all the issues discussed in rfc6269#section-13.1. 6302 
does not ask a server to enable logging or not:


   The above recommendations apply to current logging practices.  They

   do not require any changes in the way logging is performed; e.g.,

   which packets are examined and logged.

Further, 6302 says explicitly:

   Discussions about data-retention policies are out of scope for this
   document.

Cheers,
Med

De : Int-area [mailto:[email protected]] De la part de Joe Touch
Envoyé : mercredi 9 mai 2018 17:02
À : int-area
Objet : Re: [Int-area] WG adoption call: Availability of Information in 
Criminal Investigations Involving Large-Scale IP Address Sharing Technologies





From: Int-area <[email protected]<mailto:[email protected]>> on 
behalf of "[email protected]<mailto:[email protected]>" 
<[email protected]<mailto:[email protected]>>
Date: Wednesday, May 9, 2018 at 7:26 AM
To: Juan Carlos Zuniga 
<[email protected]<mailto:[email protected]>>, 
"[email protected]<mailto:[email protected]>" 
<[email protected]<mailto:[email protected]>>
Subject: Re: [Int-area] WG adoption call: Availability of Information in 
Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

Hi all,

There is no reason to revisit or deprecate RFC6302:
•         The root technical issues as documented by intarea (RC6269) are still 
valid. Those issues will be experienced by more and more in the future.
•         RFC6302 records a valid technical recommendation for servers logging 
IP addresses for abuse purposes.

I don’t think that the IETF has to mandate or preclude (IP address) logging.

I agree with the last sentence above, but I also think that the IETF shouldn’t 
be making “recommendations” in this area either (i.e., the last sentence 
implies to me that RFC6302 needs to be deprecated). 6302 is about identifying 
customers - not protocol or network diagnostics.

IMO:

- the IETF should speak to logging only when it relates to *protocol or network 
diagnostics*
- this means that the current document should not proceed
- this means that RFC6302 should be deprecated

Joe

_______________________________________________
Int-area mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/int-area

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

Reply via email to