Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Amelia Andersdotter
On 2018-04-24 17:44, Ted Lemon wrote: > On Apr 24, 2018, at 11:30 AM, Dave O'Reilly > wrote: >> Could you give me an example of when you think it would be >> appropriate to log source port and when it would not be? > > It's not appropriate to log source

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Brian E Carpenter
On 25/04/2018 00:49, Dave O'Reilly wrote: > Amelia, > > I have read this draft now and, once again, it seems there has been no > consideration of the implications for law enforcement of these > recommendations. A further example of the "privacy is good, more privacy is > better" philosophy. >

Re: [Int-area] draft-andersdotter (was RE: WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Brian E Carpenter
On 25/04/2018 11:37, Ted Lemon wrote: > Brian, does the server *have* to collect everything? Clearly not, but operations people are much more likely to apply a "log everything we can store" approach than to be selective in advance. I think it's privacy law, not IETF BCPs, that will make them

Re: [Int-area] draft-andersdotter (was RE: WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Ted Lemon
On Apr 24, 2018, at 7:57 PM, Brian E Carpenter wrote: > Clearly not, but operations people are much more likely to apply a "log > everything we can store" approach than to be selective in advance. I think > it's privacy law, not IETF BCPs, that will make them think

Re: [Int-area] draft-andersdotter (was RE: WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Amelia Andersdotter
On 2018-04-25 00:26, Brian E Carpenter wrote: > On 24/04/2018 18:08, Amelia Andersdotter wrote: >> Dear Mohamed, >> >> See below: >> >> On 2018-04-24 07:25, mohamed.boucad...@orange.com wrote: >>> [Med] I don't have a problem with the general intent of your text, my >>> concern is that you link

Re: [Int-area] draft-andersdotter (was RE: WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Brian E Carpenter
On 24/04/2018 18:08, Amelia Andersdotter wrote: > Dear Mohamed, > > See below: > > On 2018-04-24 07:25, mohamed.boucad...@orange.com wrote: >> >> [Med] I don't have a problem with the general intent of your text, my >> concern is that you link those explicitly with RFC6302 which is misleading.

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Brian E Carpenter
On 25/04/2018 01:25, Ted Lemon wrote: > On Apr 24, 2018, at 9:11 AM, > wrote: >> What sort of trade-offs can be added to Dave’s document? Do you have in mind >> something like: >> (1) >> -Warranting that logging may be misused for

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Ted Lemon
On Apr 24, 2018, at 6:53 PM, Brian E Carpenter wrote: > I have trouble with that. When a user complains that "my transaction at 23:59 > UTC > yesterday failed", it's too late to switch on logging. So I think in > practice, logging > for problem debugging needs to

Re: [Int-area] draft-andersdotter (was RE: WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Amelia Andersdotter
On 2018-04-25 03:22, Ted Lemon wrote: > On Apr 24, 2018, at 7:57 PM, Brian E Carpenter > > wrote: >> Clearly not, but operations people are much more likely to apply a "log >> everything we can store" approach than to be selective in

Re: [Int-area] draft-andersdotter (was RE: WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread mohamed.boucadair
Re-, Please see inline. Cheers, Med > -Message d'origine- > De : Amelia Andersdotter [mailto:ame...@article19.org] > Envoyé : mardi 24 avril 2018 08:09 > À : BOUCADAIR Mohamed IMT/OLN; int-area@ietf.org > Cc : Stephen Farrell > Objet : Re: draft-andersdotter (was RE: [Int-area] WG

Re: [Int-area] draft-andersdotter (was RE: WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Amelia Andersdotter
Dear Mohamed, See below: On 2018-04-24 07:25, mohamed.boucad...@orange.com wrote: > > [Med] I don't have a problem with the general intent of your text, my concern > is that you link those explicitly with RFC6302 which is misleading. RFC6302 > has a very clear focus: address sharing. > >

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Dave O'Reilly
Tom, I think the points you raise below need to be challenged because (a) they are not a priori true and (b) they oversimplify a much more nuanced situation. See below. >> >> However, I agree with you that a broader discussion within the IETF of the >> balance between privacy and the

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Ted Lemon
On Apr 24, 2018, at 1:58 AM, wrote: > [Med] I confirm that Dave’s I-D does not define a new behavior. It has the > merit to discuss issues related to source ports. I do agree this is a minor > contribution, but I like it because it

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Dave O'Reilly
Amelia, I have read this draft now and, once again, it seems there has been no consideration of the implications for law enforcement of these recommendations. A further example of the "privacy is good, more privacy is better" philosophy. I also reviewed RFC6973 and the exact same problem is

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Dave O'Reilly
All I can say in response to your email is that I appeal to the fair-mindedness of the other readers of this thread to decide for themselves whether my conclusion does a disservice to the discussion that has taken place here. In the quote from my email below what I’m saying is that there are

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Ted Lemon
On Apr 24, 2018, at 5:11 AM, Dave O'Reilly wrote: > Part of the problem that I have noticed is that the discussions of privacy > vs. law enforcement access to data are very ideologically motivated - on both > sides - with neither side apparently willing to accept that the other

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Ted Lemon
On Apr 24, 2018, at 9:11 AM, wrote: > What sort of trade-offs can be added to Dave’s document? Do you have in mind > something like: > (1) > -Warranting that logging may be misused for tracking users? > -Logging information

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Amelia Andersdotter
On 2018-04-24 15:25, Ted Lemon wrote: > On Apr 24, 2018, at 9:11 AM, > > wrote: >> What sort of trade-offs can be added to Dave’s document? Do you have >> in

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread mohamed.boucadair
Thank you Ted for clarifying. Please see inline. Cheers, Med De : Ted Lemon [mailto:mel...@fugue.com] Envoyé : mardi 24 avril 2018 15:26 À : BOUCADAIR Mohamed IMT/OLN Cc : Stephen Farrell; int-area@ietf.org Objet : Re: [Int-area] WG adoption call: Availability of Information in Criminal

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Dave O'Reilly
Ted, Could you give me an example of when you think it would be appropriate to log source port and when it would not be? Thanks, daveor > On 24 Apr 2018, at 16:26, Ted Lemon wrote: > > On Apr 24, 2018, at 9:53 AM, >

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Tom Herbert
On Tue, Apr 24, 2018 at 2:11 AM, Dave O'Reilly wrote: > Tom, > > I think the points you raise below need to be challenged because (a) they are > not a priori true and (b) they oversimplify a much more nuanced situation. > See below. > >>> >>> However, I agree with you that a

Re: [Int-area] WG adoption call: Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies

2018-04-24 Thread Ted Lemon
On Apr 24, 2018, at 11:30 AM, Dave O'Reilly wrote: > Could you give me an example of when you think it would be appropriate to log > source port and when it would not be? It's not appropriate to log source port if there's no potential for abuse by the connecting party, or if