[spec] Adapting the HTTP Common Logging Format for use by Gemini servers

Philip Linde linde.philip at gmail.com
Mon Dec 28 13:33:03 GMT 2020

Previous message (by thread): [spec] Adapting the HTTP Common Logging Format for use by Gemini servers
Next message (by thread): [tech] Re: [spec] Adapting the HTTP Common Logging Format for use by Gemini servers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 27 Dec 2020 21:39:41 +0100
Côme Chilliet <come at chilliet.eu> wrote:

> * I do not log the IP but its sha1 hash, because of privacy concerns

Please note that the table of the sha-1 of the entire IPv4 address space
is ~80 GiB and that such a measure can easily be reversed if not
individually salted before hashing (after which comparing hashes in
log entries is useless), even if I have to resort to searching the
whole IPv4 address space. You should *not* depend on this measure where
you have a real need for privacy.

-- 
Philip
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.orbitalfox.eu/archives/gemini/attachments/20201228/d356e3e6/attachment-0001.sig>

Previous message (by thread): [spec] Adapting the HTTP Common Logging Format for use by Gemini servers
Next message (by thread): [tech] Re: [spec] Adapting the HTTP Common Logging Format for use by Gemini servers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list