On Apr 24, 2018, at 9:11 AM, <mohamed.boucad...@orange.com> <mohamed.boucad...@orange.com> wrote: > What sort of trade-offs can be added to Dave’s document? Do you have in mind > something like: > (1) > - Warranting that logging may be misused for tracking users? > - Logging information can be used for profiling users? > - Not logging is also an option?
I don't think Dave's document is a good starting point. Amelia (I think it was Amelia) already pointed out a number of things to talk about: for example, if you are going to log source ports, it should be possible to log them only when doing so is necessary, and not log them at other times. This is a meaningful technical point that would have clear implications in the code that got written. It's not just a platitude to put in the privacy considerations section. That's what I have in mind too. So yes, of course we should say "there are problems with logging source ports, and these are some examples of the problems doing so can cause." TBH, if I were an open source implementor, I would just ignore any advice about logging source ports, so if you want the document to have any relevance in that space, you have to give such people a reason for doing it and a basis for doing as little harm as possible.
_______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area