Hi Martijn, On Wed, 13 Sep 2023, Martijn Katerbarg via Servercert-wg wrote:
During our last WebTrust audit cycle it became clear that our interpretation of "Firewall and router activities" and CPA Canada's interpretation were meaningfully different. In particular it came to light that in its most aggressive possible interpretation, the actual logging of a firewall activity would itself constitute a firewall activity, which would itself require logging, as would the log of the log entry of that log entry, the log of this newest log entry, and etcetera into infinity. In our opinion, too much "valid traffic" logging, makes it harder to find "bad traffic".
That does sound intriguing. Would it be possible for you to go into a little more detail about what the actual point of contention was? I am assuming it was not actually the infinite layers of log events, but either way I would appreciate if you could share a bit more details.
Tobi _______________________________________________ Servercert-wg mailing list [email protected] https://lists.cabforum.org/mailman/listinfo/servercert-wg
