Re: question regarding US requirements for journaling public email (possible legislation?)

[Valdis.Kletnieks () vt edu]

On Fri, 06 Jan 2012 09:11:30 +0530, Suresh Ramasubramanian said:
> I would love to ask the EFF just what you do when you don't log stuff,
> and then need to troubleshoot someone causing a DDoS or something from
> your network in a hurry.

What John actually said:
> OSPs cannot be forced to provide data that does not exist. EFF suggests
> that OSPs draft an internal policy that states that they collect only
> limited information and do not retain any logs of user activity on their
> networks for more than a few weeks.

You need to track down a miscreant user *right now*? You got the last 48 hours
of logs right at hand.  It's been a week? Meh, if somebody's been getting hit by
a DDoS for a week and is just now calling you, the fact they have a DDoS is the
least of their problems. Toss the logs. :)

> Not that I'd get any sort of a useful answer from them, beyond random
> propaganda that spam filtering is evil, DPI is demoniacal etc etc.

Might want to go and actually read https://www.eff.org/wp/osp
before you say that. The PDF version runs to about 15 pages of detailed
and useful info for an OSP.;

Attachment: _bin
Description: