Today in Parliament
Brian Morrison
ukcrypto at chiark.greenend.org.uk
Fri, 18 Jul 2008 10:51:28 +0100
James Firth wrote:
> On a wider point, can anyone explain to me why (or indeed if they are) ISPs
> are required to capture Domain Name Service (DNS) lookup logs as part of
> data retention legislation? If so, what is supposed to happen if
> subscribers choose to use their own or 3rd-party DNS servers?
>
> I ask the question because it is kind of obvious that ISPs need to keep a
> log of which IP addresses were assigned to any subscriber at any given point
> in time. I can see the argument for traceability. But I can't see the
> argument for DNS lookups.
Warning: speculation alert
Well, in cases where a hostname does not resolve, it is not possible to
capture any data flow either to or from the IP address in question, but
knowing that someone tried a lookup on www.kiddie-porn.com would be a
flag that some more trawling would be worthwhile.
Looks like we need a random DNS lookup daemon running.....
--
Brian