Early Review of draft-ietf-quic-qlog-main-schema-05
review-ietf-quic-qlog-main-schema-05-secdir-early-harkins-2023-04-26-00
Request | Review of | draft-ietf-quic-qlog-main-schema-05 |
---|---|---|
Requested revision | 05 (document currently at 08) | |
Type | Early Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2023-04-30 | |
Requested | 2023-03-25 | |
Requested by | Lucas Pardue | |
Authors | Robin Marx , Luca Niccolini , Marten Seemann , Lucas Pardue | |
I-D last updated | 2023-04-26 | |
Completed reviews |
Secdir Early review of -05
by Dan Harkins
(diff)
|
|
Comments |
qlog is a format for logging that has been used primarily for QUIC and HTTP/3, whereby the endpoints themselves generate logs that can be used for protocol analysis or debug. draft-ietf-quic-qlog-main-schema is the core specification defining the generalized rules for qlog, additional schema documents can extend this to add specific events relevant to the protocol. This is a request for early review of draft-ietf-quic-qlog-main-schema and in particular Section 9 on the Security and privacy considerations. Encrypted transports, such as QUIC, provide some challenges for observability and debuggability. Endpoints can explicitly opt in to logging, such as with qlog. Logs have the potential to hold sensitive details that need careful treatment, which is what we attempt to describe in the considerations. We would appreciate an early review of these in order to ensure we are being comprehensive. The focus of the review request is draft-ietf-quic-qlog-main-schema. In parallel the QUIC WG is standardizing draft-ietf-quic-qlog-quic-events and draft-ietf-quic-qlog-h3-events that inherit the security considerations. These concrete schema might help to contextualize the types of information that could be logged. Although we are not asking for early review of those drafts we are receptive to any early input the security directorate might decide to provide. |
|
Assignment | Reviewer | Dan Harkins |
State | Completed | |
Request | Early review on draft-ietf-quic-qlog-main-schema by Security Area Directorate Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/secdir/PmGIQjD-0GqABR5PK0bA5g429j0 | |
Reviewed revision | 05 (document currently at 08) | |
Result | Has nits | |
Completed | 2023-04-26 |
review-ietf-quic-qlog-main-schema-05-secdir-early-harkins-2023-04-26-00
Error; cannot read (/assets/ietfdata/doc/review/review-ietf-quic-qlog-main-schema-05-secdir-early-harkins-2023-04-26.txt)