ietf

Re: Last Call: <draft-ietf-intarea-server-logging-recommendations-02.txt> (Logging recommendations for Internet facing servers) to BCP

2011-02-25 11:35:33

I'd like to see a bit of text about privacy considerations added to this. For 
some servers, the advice in the draft is fine, but for many servers, I think logging 
this sort of information is an awful idea. It makes the owner of the server a 
subpoena target, possibly violates laws in some countries around personal 
identifying information, and will have no benefit for the operator of the 
server business or ability to debug, improve, or provide service. 

The draft should also point out that the source port, IP, and time do not 
uniquely identify a host behind the NAT. Some NATs are designed so that two 
devices inside the NAT, call them A and B, are talking to different external 
servers, call them C and D. The NAT may use the same external IP and port on 
the NAT for the flow from A to C as it uses for the flow from B to D. The NAT 
can differentiate them by looking at the 5-tuple. So if an email server sees a packet 
from a given IP and port at the same time that a BitTorrent server sees a packet from 
the same IP and port, there is no guarantee that they came from the same host. 

This recommendation fails to say anything about what protocol one might use to 
log this information - given the rates of information from CGN the existing 
IETF logging protocols may not be appropriate. 

It seems to me that a BCP about what web, email, SIP, and XMPP servers should 
do should probably be run by these areas.


On Feb 25, 2011, at 8:04 AM, The IESG wrote:


The IESG has received a request from the Internet Area Working Group WG
(intarea) to consider the following document:
- 'Logging recommendations for Internet facing servers'
 <draft-ietf-intarea-server-logging-recommendations-02.txt> as a BCP

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf(_at_)ietf(_dot_)org mailing lists by 2011-03-11. Exceptionally, comments
may be sent to iesg(_at_)ietf(_dot_)org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-intarea-server-logging-recommendations/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-intarea-server-logging-recommendations/



No IPR declarations have been submitted directly on this I-D.

  • Re: Last Call: <draft-ietf-intarea-server-logging-recommendations-02.txt> (Logging recommendations for Internet facing servers) to BCP, Cullen Jennings <=
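
The NAT port-reuse point in the message above, as an added example that is not part of the original mail or of the draft: a toy NAT that keys its mappings on the full 5-tuple, so two inside hosts share one external IP and port toward different servers at the same time. The class `PortReusingNAT`, its methods and all addresses are hypothetical and constructed for illustration.

```python
from typing import NamedTuple

class Flow(NamedTuple):
    proto: str
    ext_ip: str
    ext_port: int
    dst_ip: str
    dst_port: int

class PortReusingNAT:
    """Toy NAT (hypothetical) that reuses an external port when the destination differs."""

    def __init__(self, ext_ip, ports):
        self.ext_ip = ext_ip
        self.ports = list(ports)
        self.table = {}  # external 5-tuple -> (internal ip, internal port), all live at once

    def translate(self, proto, int_ip, int_port, dst_ip, dst_port):
        # An external port is only "taken" for this exact destination, so the
        # same port can carry another inside host's flow to a different server.
        for port in self.ports:
            flow = Flow(proto, self.ext_ip, port, dst_ip, dst_port)
            if flow not in self.table:
                self.table[flow] = (int_ip, int_port)
                return flow
        raise RuntimeError("port pool exhausted for this destination")

    def candidates(self, ext_port, dst=None):
        """Inside hosts consistent with what a server logged.
        dst=None models a log that holds only source IP, source port and time."""
        return {host for flow, (host, _) in self.table.items()
                if flow.ext_port == ext_port
                and (dst is None or (flow.dst_ip, flow.dst_port) == dst)}

def demo():
    # Constructed addresses from documentation/private ranges; A, B, C, D as in the mail.
    nat = PortReusingNAT("203.0.113.7", range(40000, 40004))
    C, D = ("198.51.100.25", 25), ("192.0.2.80", 6881)   # mail server, BitTorrent peer
    a_to_c = nat.translate("tcp", "10.0.0.2", 51000, *C)  # host A
    b_to_d = nat.translate("tcp", "10.0.0.3", 52000, *D)  # host B
    same_src = (a_to_c.ext_ip, a_to_c.ext_port) == (b_to_d.ext_ip, b_to_d.ext_port)
    # Without the destination, the logged source matches both hosts; with it, only A.
    return same_src, nat.candidates(a_to_c.ext_port), nat.candidates(a_to_c.ext_port, C)

if __name__ == "__main__":
    print(demo())
```

Resolving a logged source IP and port to one inside host therefore needs the destination address and port as well as the NAT's own mapping records.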