[TSG-Access-RD] Data Transport/Storage and Audit

[Andrew Newton]

On the agenda for the F2F next week, there is a section titled "Data
Transport/Storage and Audit".

The following are the items:

1. For queries that are required to be logged, how would a
specification allow choices on who would log such queries and how such
logging could be done?
2. How could a query that is required not to be logged be identified as such?
3. How could access be provided to authorized parties when it is
decided who/how/when logs may be accessed?

To jump start that part of our discussion and because engineers gotta
engineer, I'd like to suggest we consider the following:

For the second part of question 1 ("how such logging could be done"),
I recommend using Json Lines (http://jsonlines.org/) as the format.
This gives us extensibility in a format where each logged query can
simply be appended to the file. It also doesn't require the receiver
to use a pull parser. Even a bash script and a few utilities can break
down the file.

For question 3, I propose that the files be made available on a web
site, and they be PGP encrypted. Therefore access to the information
can be granted via key distribution.

-andy