Approaches to Address the Availability of Information in Criminal Investigations Involving Large-Scale IP Address Sharing Technologies
draft-daveor-cgn-logging-04

Document Type Expired Internet-Draft (individual)
Last updated 2018-10-14 (latest revision 2018-04-12)
Stream IETF
Intended RFC status Informational
Formats
Expired & archived
plain text pdf html bibtex
IETF conflict review conflict-review-daveor-cgn-logging
Stream WG state (None)
Document shepherd Adrian Farrel
Shepherd write-up Show (last changed 2018-01-15)
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)
IANA IANA review state Version Changed - Review Needed
IANA action state None

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-daveor-cgn-logging-04.txt

Abstract

The use of large-scale IP address sharing technologies (commonly known as "Carrier-Grade NAT" and "A+P") presents a challenge for law enforcement agencies due to the fact that incoming source port information is not routinely logged by Internet-facing servers. The absence of this information means that it is becoming increasingly difficult for law enforcement agencies to identify suspects in criminal activity online. This document considers the reasons why source port information is not routinely logged by Internet-facing servers and makes recommendations to help improve the situation. A deployment maturity model has been developed and a study of the support for logging incoming source port information in common server software is also presented.

Authors

David O'Reilly (rfc@daveor.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)