On 2018-04-24 17:44, Ted Lemon wrote: > On Apr 24, 2018, at 11:30 AM, Dave O'Reilly <d...@daveor.com > <mailto:d...@daveor.com>> wrote: >> Could you give me an example of when you think it would be >> appropriate to log source port and when it would not be? > > It's not appropriate to log source port if there's no potential for > abuse by the connecting party, or if the potential for abuse by the > connecting party is small compared to the potential for abuse by the > consumer of the log information. As has been mentioned previously, > it may make sense to log source port when accepting posts from an end > user, or when taking orders, or in similar situations. But to use > the example Amelia gave, if I go to Wikipedia and start reading > articles and clicking on links, it isn't appropriate to log the source > port. If I am reading a newspaper, it is not appropriate to log > anything about my reading habits (although in this case cookies are > likely more of a problem than source port). It's possible that some > government somewhere would disagree; if they do, that's fine, but it's > not the IETF's role to promote or enable this behavior.
Christian Huitema gave this example(!) but his e-mail reflects concerns that I would also raise, and want to be taken into account when drafting any logging recommendations. best, A > > To continue the Wikipedia example, Wikipedia does in fact ban IP > addresses when abusive behavior is exhibited by some person using that > IP address. I don't think there would be a particular problem > extending this to ports as well, although it might not actually be all > that useful if they are randomized by the CGN. I don't know if > Wikipedia logs this information for law enforcement use, but if they > do, then logging the source port as well _in these situations_ would > make sense, even though logging it when the end user is simply reading > pages would not. > > > > _______________________________________________ > Int-area mailing list > Int-area@ietf.org > https://www.ietf.org/mailman/listinfo/int-area -- Amelia Andersdotter Technical Consultant, Digital Programme ARTICLE19 www.article19.org PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 B4E8 0B55 _______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area
