On 13/09/2013 14:37, Stephen Farrell wrote:
On 09/13/2013 05:54 AM, Moritz Bartl wrote:
Hi,
I would very much like to see servers having a minimal logging policy by
default, especially and at least when it comes to IP addresses. I wonder
if RFC 6302 is the right document to look at or extend for this.
Or obsolete it.
It is easy to flip a switch to enable IP logging. The default should be
no IP logs, which is true for most XMPP servers, for example, but not
for web or mail servers.
The wonderfully ironically named PRISM [1] project was an EU funded
project that did some work on obfuscating IP addresses in logs.
rfc6235
Regards, Benoit
I'd love to see an RFC that described such techniques and recommended
when to use what, so we could point people at that.
Any takers for a -00 to get that going?
S.
[1] http://www.fp7-prism.eu/
On a side node, can we do anything to get rid of sender IP addresses in
(the first) Received headers of mail?
-- Moritz
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
.
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
