Fix logger warnlevel when normalizing request time

DP-3T / dp3t-sdk-backend

The backend implementation for DP3T

Mozilla Public License 2.0

198 stars 88 forks source link

Fix logger warnlevel when normalizing request time #269

Closed martinalig closed 3 years ago

martinalig commented 3 years ago

Currently, there is an ERROR logged when the request time exceeds the configured normalized request time in the GaenController exposed and exposedNextDay requests.

This is clearly not an error, so the level should be adjustet to WARN. Also some more information could be printet out, how much too long the request ist actually going.

ineiti commented 3 years ago

This is an error, and is there explicitly to be an error! If the request exceeds the normalized request time, then the normalized request time needs to be increased, else an attacker could learn something about the state of the database.

So the correct solution for this error is to increase the normalized request time.

ineiti commented 3 years ago

See #270

martinalig commented 3 years ago

Closed, as already explained by @ineiti This is an error as this actually breaks the system from a privacy perspective.