On 2014-09-22 10:52:48, Vincent Lefevre wrote:
> I don't know where you live, but this is the same in most countries,
> except that the period varies.
Where I live is irrelevant. It is not the same in all countries: some
have more or less strict restrictions, some don't have any at all.
The United States of America, for example, do not enforce logging.
>> >> > Everyone says that disk space is cheap.
>> >>
>> >> I don't. Do you?
>> >
>> > Debian devs do.
>>
>> I'm a debian dev.
>
> You may be in the minority.
I may be.
It could also be because I am involved in buying the hardware at work.
>> >> Not everyone lives in a country that forces their providers to spy on
>> >> their users.
>> >
>> > Please could you avoid saying stupid things?
>>
>> No, as they are not stupid. I would prefer it if you would refrain from
>> qualifying what I consider to be reasonable statements as "stupid". That
>> you disagree doesn't make them stupid.
>
> What you say is a lie. France does not force users to spy on other
> users.
I disagree. I think that forcing logging is forcing webserver operators
to surveil their users, in the ultimate goal of revealing their
activities to the authorities, and therefore spying.
Saying that this is a lie implies that I am deliberately construing
another reality and masking information I would know. That is incorrect:
we are in a disagreement about the purpose of those policies. You think
it's good, I think it's bad. It doesn't make me stupid or a liar.
>> I do believe that the european logging directives, for example, are a
>> way to force providers to spy on their users on the behalf of the
>> state. Other countries do not have such requirements and still have
>> other legal means of getting to the data they need for criminal
>> prosecution. Forcing providers to keep logs is a way to force
>> deanonymisation of our users on the network, and is a fundamental issue
>> with freedom of speech and association.
>
> When someone connects to my web server, this is not my user.
> This is someone (human or not) I don't know.
I disagree. I think the client of a webserver is a user of a webserver.
Aren't people visiting (say) github.com users of github? Isn't there a
"terms of service" policy at the bottom of every freaking website these
days that they assume you have read and that implies you are a user of
their services?
>> > Wow! Most web servers keep logs for a long time by choice. Visitors
>> > who do not agree with that should not use the web.
>>
>> Webservers that want to choose to keep logs for a long time can do
>> so.
>
> And webservers that want to choose to keep logs for a short time
> can do so. So, there was no reason to change the default period.
I guess there was a compelling reason enough so that the default was
changed. I have given numerous reasons why globally, the default logging
should be reduced (resource usage, privacy, etc). You have given a
single reason why, locally (namely in France), the default should be 52
weeks, and haven't adressed the question as to what to do with
variations in those policies outside of France.
I do not see why we should keep 52 weeks of logs to satisfy the legal
requirements of just one country in the world, especially since that
change isn't sufficient to ensure compliance, and may break compliance
in other countries.
Anyways, I do not need to be CC'd further in your communications here, I
am not the maintainer of this package, I just reported this bug and I'm
not the one you need to convince.
A.
--
We have no friends but the mountains.
- Kurdish saying
Attachment:
pgpQJuqbD1bFr.pgp
Description: PGP signature