Skip to main content

Personal Information Tagging for Logs
draft-rao-pitfol-02

Document Type Replaced Internet-Draft (pearg RG)
Expired & archived
Authors Sandeep Rao , Santhosh C N , Shivan Kaul Sahib , Ryan Guest
Last updated 2020-09-03 (Latest revision 2020-07-13)
Replaced by draft-irtf-pearg-pitfol
RFC stream Internet Research Task Force (IRTF)
Intended RFC status (None)
Formats
Additional resources Mailing list discussion
Stream IRTF state Replaced
Consensus boilerplate Unknown
Document shepherd (None)
IESG IESG state Replaced by draft-irtf-pearg-pitfol
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

Software systems typically generate log messages in the course of their operation. These log messages (or 'logs') record events as they happen, thus providing a trail that can be used to understand the state of the system and help with troubleshooting issues. Given that logs try to capture state that is useful for monitoring and debugging, they can contain information that can be used to identify users. Personal data identification and anonymization in logs is crucial to ensure that no personal data is being inadvertently logged and retained which would make the logging system run afoul of laws around storing private information. This document focuses on exploring mechanisms that can be used by a generating or intermediary logging service to specify personal or sensitive data in log message(s), thus allowing a downstream logging server to potentially enforce any redaction or transformation.

Authors

Sandeep Rao
Santhosh C N
Shivan Kaul Sahib
Ryan Guest

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)