[ietf-privacy] Logging Recommendations for Internet-Facing Servers
S Moonesamy <sm+ietf@elandsys.com> Fri, 06 June 2014 07:15 UTC
Return-Path: <sm@elandsys.com>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED29E1A03DA for <ietf-privacy@ietfa.amsl.com>; Fri, 6 Jun 2014 00:15:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.651
X-Spam-Level:
X-Spam-Status: No, score=-2.651 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.651] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GB3Nyecb1mdb for <ietf-privacy@ietfa.amsl.com>; Fri, 6 Jun 2014 00:15:32 -0700 (PDT)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id 7EE861A0047 for <ietf-privacy@ietf.org>; Fri, 6 Jun 2014 00:15:32 -0700 (PDT)
Received: from SUBMAN.elandsys.com ([197.224.138.226]) (authenticated bits=0) by mx.elandsys.com (8.14.5/8.14.5) with ESMTP id s567FDLh008013 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <ietf-privacy@ietf.org>; Fri, 6 Jun 2014 00:15:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1402038925; x=1402125325; bh=+53F1KDf3trKCZp1ZQs+o8kCWFv7oU5x5BWnI/uVj1s=; h=Date:To:From:Subject; b=FRmvjcevLegXzbx44szz7R4jsdE+vafgW0IGl7UtuY9O8Aoiw5+ybdkvttaklTaIa j0TcA8kSBnm2qM1U4IvvyAKT3shX1PAIF7hZ+HARaptQXAvzj8Aj7EwzsC+wiBhE4o 8PHni5lDhLmcFmIaq16fp6LzCiAX4zmt4CyhEGaQ=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=elandsys.com; s=mail; t=1402038925; x=1402125325; i=@elandsys.com; bh=+53F1KDf3trKCZp1ZQs+o8kCWFv7oU5x5BWnI/uVj1s=; h=Date:To:From:Subject; b=PJIXvTCIE0TxqEGsDrqz1EYopIiOWJPyndHZ3acXtMHhYVzav+s9UXF0vhhdSuQoA Op/gxXnoXx4JxKJe/TwAv7KpdW77POb6WnOivxGM8sKyT//GfEkQ/yZuof/+iodzX+ buaT/kU61WCxJmmkq3KVUGCKrlKkwgiedhW1LSU8=
Message-Id: <6.2.5.6.2.20140605221300.0d300d58@elandnews.com>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Thu, 05 Jun 2014 23:39:53 -0700
To: ietf-privacy@ietf.org
From: S Moonesamy <sm+ietf@elandsys.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf-privacy/-j_DGyG0jzeWtEo2UF_Qj5C5ryg
Subject: [ietf-privacy] Logging Recommendations for Internet-Facing Servers
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-privacy/>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jun 2014 07:15:38 -0000
Hello, BCP 162 contains logging recommendations for internet-facing servers. Quoting the document: "Discussions about data-retention policies are out of scope for this document. Server security and transport security are important for the protection of logs for Internet-facing systems. The operator of the Internet-facing server must consider the risks, including the data and services on the server, to determine the appropriate measures. The protection of logs is critical in incident investigations. If logs are tampered with, evidence could be destroyed." In other words, the BCP makes a recommendation without any discussion about privacy considerations. The issue is traceability. It has been the practice to log IP addresses. Keeping the logs for years is not a good idea as it is difficult to argue that the information is necessary. I suggest that the BCP be reconsidered given the lack of privacy considerations. Regards, S. Moonesamy
- [ietf-privacy] Logging Recommendations for Intern… S Moonesamy
- Re: [ietf-privacy] Logging Recommendations for In… Linus Nordberg
- Re: [ietf-privacy] Logging Recommendations for In… Stephen Farrell
- Re: [ietf-privacy] Logging Recommendations for In… S Moonesamy
- Re: [ietf-privacy] Logging Recommendations for In… Stephen Farrell
- Re: [ietf-privacy] Logging Recommendations for In… S Moonesamy
- Re: [ietf-privacy] Logging Recommendations for In… S Moonesamy
- Re: [ietf-privacy] Logging Recommendations for In… Daniel Kahn Gillmor
- Re: [ietf-privacy] Logging Recommendations for In… S Moonesamy
- Re: [ietf-privacy] Logging Recommendations for In… Daniel Kahn Gillmor