[Standards] eventlogging xeps
Peter.Waher at clayster.com
Tue Dec 10 19:09:38 UTC 2013
Thanks for the feedback. The description in §7.3.2 was perhaps a bit minimalistic. I extended it as follows:
Event messages could be published using Publish-Subscribe. Unless there's absolute control of who can subscribe to the information published in this manner, the information should be considered open and freely available. In such cases extra care should be taken to not publish information of a sensitive nature, or information that can be mined for information, behavior patterns, trends, etc., that can be viewed as being of a sensitive nature. If there's a risk that either absolute control cannot be achieved and information is of a sensitive nature, this pattern should be avoided.
From: Teemu Väisänen [mailto:uolevi at gmail.com]
Sent: den 10 december 2013 14:37
To: XMPP Standards; Peter Waher
Subject: Re: [Standards] eventlogging xeps
Section 7.3.2 Publish/Subscribe describes: "Event messages could be published using Publish-Subscribe. But, even more care should be taken to log only information that can be published openly. If there's risk for sensitive information to be logged, the publish/subscribe pattern should be avoided."
If information is sensitive, the information should not be logged, as said in 7.2. Do you mean that if sensitive information is still sent using pubsub, there are more actors (pubsub server, subscribers) that might log and/or leak the sensitive information and because of that the pubsub pattern should be avoided?
Would it be wise to move the second line "But, even more care should be taken to log only information that can be published openly.", e.g., to section 7.2. because it relates also to other cases than pubsub?
Could the last sentence be something more like: "If there's risk for sensitive information to be logged, the publish/subscribe pattern should be avoided in systems that contain any not trusted or any uncontrolled actors." That is because we could have a setup where we have a trusted pubsub server and we log (also) sensitive information in several trusted subscribers/loggers.
No virus found in this message.
Checked by AVG - www.avg.com
Version: 2014.0.4259 / Virus Database: 3658/6904 - Release Date: 12/09/13
More information about the Standards