> Date: Sun, 3 May 2015 16:23:08 -0700 > From: coderman <coderman@xxxxxxxxx> > >> I suggest also adding mandatory audit logging to the scope of the >> router software. In my opinion any and all state changes, whether >> automatic (Tor circuit change) or manual (administrator changing >> configuration) must be logged. > > this is an important detail; thank you for bringing it up. i will add > the expected run logging and troubleshooting logging output collected > on device and available to the owner via privacy director > administrative access. Some users will want as little logging as possible, as it can lead to privacy leaks if the device is compromised - may I suggest you turn it off by default? teor teor2345 at gmail dot com pgp 0xABFED1AC https://gist.github.com/teor2345/d033b8ce0a99adbc89c5 teor at blah dot im OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev