Yes, it is better now. -Teemu
2013/12/10 Peter Waher <[email protected]>:
> Hello Teemu
>
> Thanks for the feedback. The description in §7.3.2 was perhaps a bit
> minimalistic. I extended it as follows:
>
> Event messages could be published using Publish-Subscribe. Unless there's
> absolute control of who can subscribe to the information published in this
> manner, the information should be considered open and freely available. In
> such cases extra care should be taken to not publish information of a
> sensitive nature, or information that can be mined for information, behavior
> patterns, trends, etc., that can be viewed as being of a sensitive nature. If
> there's a risk that either absolute control cannot be achieved and
> information is of a sensitive nature, this pattern should be avoided.
>
> Ok?
>
> Best regards,
> Peter Waher
>
>
> -----Original Message-----
> From: Teemu Väisänen [mailto:[email protected]]
> Sent: den 10 december 2013 14:37
> To: XMPP Standards; Peter Waher
> Subject: Re: [Standards] eventlogging xeps
>
> Hi Peter.
>
> Section 7.3.2 Publish/Subscribe describes: "Event messages could be published
> using Publish-Subscribe. But, even more care should be taken to log only
> information that can be published openly. If there's risk for sensitive
> information to be logged, the publish/subscribe pattern should be avoided."
>
> If information is sensitive, the information should not be logged, as said in
> 7.2. Do you mean that if sensitive information is still sent using pubsub,
> there are more actors (pubsub server, subscribers) that might log and/or leak
> the sensitive information and because of that the pubsub pattern should be
> avoided?
>
> Would it be wise to move the second line "But, even more care should be taken
> to log only information that can be published openly.", e.g., to section 7.2.
> because it relates also to other cases than pubsub?
>
> Could the last sentence be something more like: "If there's risk for
> sensitive information to be logged, the publish/subscribe pattern should be
> avoided in systems that contain any not trusted or any uncontrolled actors."
> That is because we could have a setup where we have a trusted pubsub server
> and we log (also) sensitive information in several trusted
> subscribers/loggers.
>
> BR, Teemu
