Opened 6 years ago

Last modified 3 months ago

#1120 assigned task

Privacy and Terms of Service

Reported by: zzz Owned by: sadie
Priority: minor Milestone: eventually
Component: www/i2p Version:
Keywords: Cc:
Parent Tickets: #1632 Sensitive: no

Description

Needs significant documentation and process improvement. Should cover server logs on all project websites and services, including reseed hosts if possible. Make clear what sites are and are not covered, both clearnet and in-network.

Not only a "good thing", but on the Open ITP checklist, i.e. a potential factor in funding / auditing decisions.

refs:

http://trac.i2p2.i2p/wiki/OpenITPReview/Criteria

Subtickets

Change History (6)

comment:1 Changed 4 years ago by str4d

Milestone: eventually
Parent Tickets: 1632
Status: newopen

comment:2 Changed 14 months ago by zzz

Owner: set to sadie
Status: openassigned

comment:3 Changed 14 months ago by Eche|on

Ok

reseed is a topic on its own, as those are not controlled by I2P itself.
Those do get the IP of the requester and may save them.
geti2p.net gets IP addresses of the requests and do drop those each day.
i2pforum.net gets IP addresses of the requests and drop those each day.
mtn.i2p2.de gets IP addresses of the requests and drop those each day.

Those .i2p hidden services get the requests b64 address, drop them each day.

i2pforum has username, password (encrypted with hash) and the user based content in a DB and keep them.

echelon

comment:4 Changed 14 months ago by Eche|on

terms of service are harder.
On general:

  • be excellent to each other
  • do no harm, do not (D)DOS
  • do not do harrassment, lie, tell others bad stuff. no illegal stuff (based on EU laws)
  • admin has last word
  • reseed hosts: no more than getting seed files
  • geti2p: get information, not much more
  • forum: do discuss, help, create content based on on-topic content. No right to publish any content a user likes to, admin has admin rights

comment:5 Changed 3 months ago by sadie

  • need to know who has what in terms of logs and create or discuss retention / security policy of data
  • outproxy ToS for operators and users needed
  • Best practices / considerations for users

comment:6 Changed 3 months ago by zzz

pinned post in mm has list of who runs what, so you can turn that into the list of who has what logs.

Note: See TracTickets for help on using tickets.