[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [savannah-help-public] Logging of not-logged-in access to savannah
From: |
Karl Berry |
Subject: |
Re: [savannah-help-public] Logging of not-logged-in access to savannah |
Date: |
Sun, 7 Jun 2015 22:34:30 GMT |
Does not-logged-in access to savannah satisfy
https://www.eff.org/policy?
I note that that is their policy for themselves, essentially their own
instantation of their best practices recommendations at
https://www.eff.org/wp/osp.
If not, how does it fall short?
Savannah does not use "cryptolog" or anything else to encrypt the logs
or obfuscate IP addresses hitting Savannah services.
We also don't remove log data after 7 days.
Everything else looks effectively the same.
(Unless lots of work has been done, this is true of www.gnu.org,
www.fsf.org, ftp.gnu.org, and everything else too ...)
karl