Closed rdroms closed 7 years ago
From Steve Fenter:
On the statement above I agree it's probably good to get out of a prescribed number of days which may not fit in every environment. However, I would like to see the word "troubleshooting" included in the retention statement, because troubleshooters have their own requirements for key retention separate from security and compliance requirements.
NEW
o Key material must be preserved for back-in-time analysis. The period for
key retention depends upon local policy, reflecting troubleshooting, security and compliance
requirements.
From Paul Turner:
You might want to use “operational” instead of “troubleshooting” so that it is more general. Performance monitoring could fall under operational.
Agreed on new text, using "operational"
Change made and update pushed.
From Tim Polk:
Second bulleted list: OLD o Key material must be preserved a minimum of 30 days for back-in- time analysis. Using the average time to breach detection as the guide for packet and key retention, the number of days increases. NEW o Key material must be preserved for back-in-time analysis. The period for key retention depends upon local policy, reflecting security and compliance requirements.