Hello Martin and others, Good to hear there is a clear opinion on how to move forward with qlog within the IETF, thank you for the effort. I'm also happy it can remain in the QUIC wg for the time being. I will as proposed register a HotRFC session for IETF 110 to hopefully get some outside involvement.
@Philip: I agree we shouldn't define a file format but rather a binding to JSON/NDJSON/other (binary) formats. This is what I've tried to do so far with the qlog main schema. I'm not entirely sure myself we should consider encryption/authentication of the logs as part of this endeavour, but of course that's something that can be discussed in a wider group once qlog is adopted. The plan for now is to continue development of qlog in the existing github repo at https://github.com/quiclog/internet-drafts until the documents are adopted. I suspect we'd cut a new draft-03 right before that. I would encourage interested people not to wait until then, but to already engage with the work there in the meantime. With best regards, Robin On Wed, 16 Dec 2020 at 19:14, Phillip Hallam-Baker <ph...@hallambaker.com> wrote: > This is a good step. As one of the authors of the W3C log format, I think > it would have been much better to have a discussion of the log features as > part of the protocol design. There was no interest and which is why there > isn't even a proper spec. Basically, this is like SNMP and MIBs, you want > the MIBs to be developed by the groups developing the protocols. > > I would however urge that this be presented as an effort to create a > schema doe log file entries with bindings to JSON and NDJSON rather than a > log file format itself. > > It is about time that we had a cryptographic log file format that supports > modern features such as incremental encryption and authentication. The > power of one way sequences has been established by BlockChain. That is not > a framing mechanism I would want to use for a log file but it shows the > principle. > > Separating out the protocol specific schema from the framing allows > independent development of each. And yes, I do happen to have an > implementation of a log file format with cryptographic enhancements. And it > can do things like allow rapid location of a specific record range within > the log file, etc. > > Why would you want to encrypt your logs? Well, it is a question of HIPPA > and GDPR for some. But more generally, what a service can't read, a service > can't breach. If Mallet gets into my cloud, she is going to find it a lot > harder to sabotage my systems undetected if she can't read the log files > and they are in any case protected using Merkle trees. At that point, all > she can really do is to delete large chunks of log but that will leave > traces. > > Given what happened this week, given the serious breaches that will be > announced next month, demand for encrypted logs is going to come quickly > when it comes. > > The other reason to encrypt your logs is it provides you with the basis > for an encrypted persistence store with ACID properties. > > > But that is all in the future. For the time being, the best plan is to > develop one example of a decent log file using the JSON data model. If > there is interest in doing a cryptographic format, that would obviously be > a separate WG. That would focus on the format itself using HTTP/QUIC as the > paradigm from which the general case is developed. > > > On Wed, Dec 16, 2020 at 12:34 PM Martin Duke <martin.h.d...@gmail.com> > wrote: > >> Hi Robin, >> >> Congrats on your defense! I hope to watch it soon. >> >> We had a chat about qlog at the IESG. The consensus there appears to be >> that we should plan to move forward in quicwg with both drafts rather than >> seek another venue. However, it would be valuable for you to request a >> HotRFC slot to encourage the parallel development of qlog-based standards >> in other working groups. >> >> If that's agreeable to you, feel free to proceed. >> >> Martin >> > -- Robin Marx PhD researcher - web performance Expertise centre for Digital Media T +32(0)11 26 84 79 - GSM +32(0)497 72 86 94 www.uhasselt.be Universiteit Hasselt - Campus Diepenbeek Agoralaan Gebouw D - B-3590 Diepenbeek Kantoor EDM-2.05
