On 12/05/2018 01:55, Joe Touch wrote: > Whether 6302 makes a strong recommendation or not, it is clearly aimed at > policy issues. > > I don’t think we need documents to explain how to implement software that > isn’t focused on supporting the protocols we specify. > > I prefer to have 6302 deprecated so it is no longer usable as justification > to do otherwise (e.g., as has been done throughout this discussion).
Only by not reading the words Med quoted. I agree it would have been better wordsmithed if it literally said "IF you examine and log packets THEN this is how to do it." But logically, that's what it says. Brian > > Joe > >> On May 10, 2018, at 10:21 PM, [email protected] wrote: >> >> Hi Joe, >> >> This is a little bit subtle. >> >> RFC6302 is about operating and protecting a server against abuses, >> denial-of-service, and all the issues discussed in rfc6269#section-13.1. >> 6302 does not ask a server to enable logging or not: >> >> The above recommendations apply to current logging practices. They >> do not require any changes in the way logging is performed; e.g., >> which packets are examined and logged. >> >> Further, 6302 says explicitly: >> >> Discussions about data-retention policies are out of scope for this >> document. >> >> Cheers, >> Med >> >> De : Int-area [mailto:[email protected]] De la part de Joe Touch >> Envoyé : mercredi 9 mai 2018 17:02 >> À : int-area >> Objet : Re: [Int-area] WG adoption call: Availability of Information in >> Criminal Investigations Involving Large-Scale IP Address Sharing Technologies >> >> >> >> >> >> From: Int-area <[email protected] >> <mailto:[email protected]>> on behalf of >> "[email protected] <mailto:[email protected]>" >> <[email protected] <mailto:[email protected]>> >> Date: Wednesday, May 9, 2018 at 7:26 AM >> To: Juan Carlos Zuniga <[email protected] >> <mailto:[email protected]>>, "[email protected] >> <mailto:[email protected]>" <[email protected] <mailto:[email protected]>> >> Subject: Re: [Int-area] WG adoption call: Availability of Information in >> Criminal Investigations Involving Large-Scale IP Address Sharing Technologies >> >> Hi all, <> >> >> There is no reason to revisit or deprecate RFC6302: >> · The root technical issues as documented by intarea (RC6269) are >> still valid. Those issues will be experienced by more and more in the future. >> · RFC6302 records a valid technical recommendation for servers >> logging IP addresses for abuse purposes. >> >> I don’t think that the IETF has to mandate or preclude (IP address) logging. >> >> I agree with the last sentence above, but I also think that the IETF >> shouldn’t be making “recommendations” in this area either (i.e., the last >> sentence implies to me that RFC6302 needs to be deprecated). 6302 is about >> identifying customers - not protocol or network diagnostics. >> >> IMO: >> >> - the IETF should speak to logging only when it relates to *protocol or >> network diagnostics* >> - this means that the current document should not proceed >> - this means that RFC6302 should be deprecated >> >> Joe > > > > > _______________________________________________ > Int-area mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/int-area > _______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
