[Servercert-wg] Proposal to update logging requirements

Tobias S. Josefowitz tobij at opera.com
Thu Sep 14 14:56:54 UTC 2023

Hi Martijn,

On Wed, 13 Sep 2023, Martijn Katerbarg via Servercert-wg wrote:

> During our last WebTrust audit cycle it became clear that our 
> interpretation of "Firewall and router activities" and CPA Canada's 
> interpretation were meaningfully different. In particular it came to 
> light that in its most aggressive possible interpretation, the actual 
> logging of a firewall activity would itself constitute a firewall 
> activity, which would itself require logging, as would the log of the 
> log entry of that log entry, the log of this newest log entry, and 
> etcetera into infinity. In our opinion, too much "valid traffic" 
> logging, makes it harder to find "bad traffic".

That does sound intriguing. Would it be possible for you to go into a 
little more detail about what the actual point of contention was? I am 
assuming it was not actually the infinite layers of log events, but either 
way I would appreciate if you could share a bit more details.


More information about the Servercert-wg mailing list