question regarding US requirements for journaling public email (possible legislation?)

Steven Bellovin smb at cs.columbia.edu
Fri Jan 6 07:59:50 CST 2012


On Jan 5, 2012, at 11:05 37PM, Suresh Ramasubramanian wrote:

> There's no shortage of stuff that reaches you 80..90 days after the fact
> 
> The UK voluntary retention rules make a lot more sense, compared to "a
> few days", which is entirely impractical
> 
> On Fri, Jan 6, 2012 at 9:30 AM,  <Valdis.Kletnieks at vt.edu> wrote:
>> 
>> You need to track down a miscreant user *right now*? You got the last 48 hours
>> of logs right at hand.  It's been a week? Meh, if somebody's been getting hit by
>> a DDoS for a week and is just now calling you, the fact they have a DDoS is the
>> least of their problems. Toss the logs. :)


The answer from the EFF is the same: retain what *you* have an
operational or administrative need for.  This is very different from a
legislative mandate for multiyear retention.


		--Steve Bellovin, https://www.cs.columbia.edu/~smb








More information about the NANOG mailing list