quicwg / qlog

The IETF I-D documents for the qlog format

Restructure and reflow security section #353

Closed LPardue closed 9 months ago

LPardue commented 10 months ago

This is an attempt to implement some of Martin Thomson's proposed changes.

It promotes some of the discussion into a general brief intro. Then speaks concretely about the data the qlog can put at risk. Then it presents access control considerations, followed by data minimization.

Per Martin's suggestion, data minimization for addressing risks is played down a little. I ended up changing this text the most but tried to shift, incorporate, or dedupe as much as I could and avoid deletion.

Closes #259

LPardue commented 10 months ago

The text diff might make this easier to review - https://author-tools.ietf.org/api/iddiff?url_1=https://quicwg.github.io/qlog/draft-ietf-quic-qlog-main-schema.txt&url_2=https://quicwg.github.io/qlog/sec-n-priv-mt/draft-ietf-quic-qlog-main-schema.txt

@martinthomson if you could find some time to review this it would be appreciated but we won't block on that.

martinthomson commented 10 months ago

Oh, I forgot to add one more point. I've said this before, but I will again.

This is very long. I would encourage you to find ways to have this section include fewer words, not more.

LPardue commented 9 months ago

In the interest of momentum, I'm punting the cutting down of text to https://github.com/quicwg/qlog/issues/358