[ietf-privacy] Logging Recommendations for Internet-Facing Servers
S Moonesamy <sm+ietf@elandsys.com> Fri, 06 June 2014 07:15 UTC
Return-Path: <sm@elandsys.com>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED29E1A03DA for <ietf-privacy@ietfa.amsl.com>; Fri, 6 Jun 2014 00:15:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.651
X-Spam-Level:
X-Spam-Status: No, score=-2.651 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.651] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GB3Nyecb1mdb for <ietf-privacy@ietfa.amsl.com>; Fri, 6 Jun 2014 00:15:32 -0700 (PDT)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id 7EE861A0047 for <ietf-privacy@ietf.org>; Fri, 6 Jun 2014 00:15:32 -0700 (PDT)
Received: from SUBMAN.elandsys.com ([197.224.138.226]) (authenticated bits=0) by mx.elandsys.com (8.14.5/8.14.5) with ESMTP id s567FDLh008013 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <ietf-privacy@ietf.org>; Fri, 6 Jun 2014 00:15:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1402038925; x=1402125325; bh=+53F1KDf3trKCZp1ZQs+o8kCWFv7oU5x5BWnI/uVj1s=; h=Date:To:From:Subject; b=FRmvjcevLegXzbx44szz7R4jsdE+vafgW0IGl7UtuY9O8Aoiw5+ybdkvttaklTaIa j0TcA8kSBnm2qM1U4IvvyAKT3shX1PAIF7hZ+HARaptQXAvzj8Aj7EwzsC+wiBhE4o 8PHni5lDhLmcFmIaq16fp6LzCiAX4zmt4CyhEGaQ=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=elandsys.com; s=mail; t=1402038925; x=1402125325; i=@elandsys.com; bh=+53F1KDf3trKCZp1ZQs+o8kCWFv7oU5x5BWnI/uVj1s=; h=Date:To:From:Subject; b=PJIXvTCIE0TxqEGsDrqz1EYopIiOWJPyndHZ3acXtMHhYVzav+s9UXF0vhhdSuQoA Op/gxXnoXx4JxKJe/TwAv7KpdW77POb6WnOivxGM8sKyT//GfEkQ/yZuof/+iodzX+ buaT/kU61WCxJmmkq3KVUGCKrlKkwgiedhW1LSU8=
Message-Id: <6.2.5.6.2.20140605221300.0d300d58@elandnews.com>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Thu, 05 Jun 2014 23:39:53 -0700
To: ietf-privacy@ietf.org
From: S Moonesamy <sm+ietf@elandsys.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf-privacy/-j_DGyG0jzeWtEo2UF_Qj5C5ryg
Subject: [ietf-privacy] Logging Recommendations for Internet-Facing Servers
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-privacy/>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jun 2014 07:15:38 -0000
Hello,
BCP 162 contains logging recommendations for internet-facing
servers. Quoting the document:
"Discussions about data-retention policies are out of scope for this
document. Server security and transport security are important for
the protection of logs for Internet-facing systems. The operator of
the Internet-facing server must consider the risks, including the
data and services on the server, to determine the appropriate
measures. The protection of logs is critical in incident
investigations. If logs are tampered with, evidence could be
destroyed."
In other words, the BCP makes a recommendation without any discussion
about privacy considerations. The issue is traceability. It has
been the practice to log IP addresses. Keeping the logs for years is
not a good idea as it is difficult to argue that the information is necessary.
I suggest that the BCP be reconsidered given the lack of privacy
considerations.
Regards,
S. Moonesamy
- [ietf-privacy] Logging Recommendations for Intern… S Moonesamy
- Re: [ietf-privacy] Logging Recommendations for In… Linus Nordberg
- Re: [ietf-privacy] Logging Recommendations for In… Stephen Farrell
- Re: [ietf-privacy] Logging Recommendations for In… S Moonesamy
- Re: [ietf-privacy] Logging Recommendations for In… Stephen Farrell
- Re: [ietf-privacy] Logging Recommendations for In… S Moonesamy
- Re: [ietf-privacy] Logging Recommendations for In… S Moonesamy
- Re: [ietf-privacy] Logging Recommendations for In… Daniel Kahn Gillmor
- Re: [ietf-privacy] Logging Recommendations for In… S Moonesamy
- Re: [ietf-privacy] Logging Recommendations for In… Daniel Kahn Gillmor