randomizing lease renewal?

Phil Benchoff benchoff at vt.edu
Fri Mar 30 15:29:38 UTC 2007


In the case of answering court orders, you couldn't say who had an address
on a prior date without logs for that date.  At best, you could say who
currently has the address and that they are fairly static.  I doubt your
legal counsel would find that information sufficient to answer a subpoena
for who had address X at time Y.

I do hope everyone is careful in replying to subpoenas and sticks to the
facts you know, e.g.:
- Our dhcp server assigned address X to MAC address Y at time X.
- The user at IP address X used account Z which is registered to ...
- The host plugged into port X in room Y was used to...

In the case of educational institutions, unless the subpoena states
otherwise, the subject is notified before the information is released
and has the opportunity to quash the subpoena.  Failing that, an
accurate description of the information helps all parties involved.

The problem of allowing users to change addresses due to evil hackers could
be addressed by assuring that you don't get the same address back if you
do a release and discover.

Sorry this is a little off topic, but the core problem here is not one
that can't be fixed with a DHCP server.

Finally: IANAL (In large, blinking, red letters.)

Phil

On Fri, Mar 30, 2007 at 04:43:17PM +0200, Shane Kerr wrote:
> > 2) Why ? In the years I've been on this list we've only ever been 
> > given one sensible reason for such a function, but normally it's a 
> > variation on "we want to make it hard for people to run servers".
> 
> One possible alternative reason is for the privacy of the users.
> 
> If leases are relatively short and the server does not maintain long-term logs,
> then there is no way to map past activity to a specific client ID. This protects
> users from both the black hats (like evil hackers compromising the server box)
> and from the white hats (like court orders to report who is using a given IP at
> a given time).
> 
> I think I read recently that some American university has just such a system set
> up (although possibly just because the administrators hate the RIAA), so I
> deserve no blame or credit for the merits of such an idea. :)
> 
> --
> Shane
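
An added example, not part of the original messages: the "who had address X at time Y" lookup the reply describes, answered only from retained DHCP server log lines. The sample lines are constructed in the style of ISC dhcpd syslog messages; the ISO timestamps, the one-hour lease length, and the names `parse` and `who_had` are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log (addresses, MACs and times are made up).
SAMPLE_LOG = """\
2007-03-29T09:00:00 dhcpd: DHCPACK on 192.0.2.10 to 00:11:22:33:44:55 via eth0
2007-03-29T09:30:00 dhcpd: DHCPACK on 192.0.2.10 to 00:11:22:33:44:55 via eth0
2007-03-29T09:40:00 dhcpd: DHCPRELEASE of 192.0.2.10 from 00:11:22:33:44:55 via eth0 (found)
2007-03-29T09:45:00 dhcpd: DHCPACK on 192.0.2.10 to 66:77:88:99:aa:bb via eth0
"""
LEASE_TIME = timedelta(hours=1)  # assumed lease length configured on the server

LINE = re.compile(
    r"^(\S+) dhcpd: (DHCPACK|DHCPRELEASE) (?:on|of) (\S+) (?:to|from) "
    r"((?:[0-9a-f]{2}:){5}[0-9a-f]{2})"
)

def parse(log):
    """Return time-ordered (timestamp, kind, ip, mac) events found in the log text."""
    events = []
    for line in log.splitlines():
        m = LINE.match(line)
        if m:
            ts, kind, ip, mac = m.groups()
            events.append((datetime.fromisoformat(ts), kind, ip, mac))
    return sorted(events)

def who_had(events, ip, when):
    """Return the MAC the log shows holding `ip` at `when`, or None if it cannot say."""
    holder = None  # (mac, lease expiry) from the latest relevant event
    for ts, kind, addr, mac in events:
        if addr != ip or ts > when:
            continue
        if kind == "DHCPACK":
            holder = (mac, ts + LEASE_TIME)   # new lease or renewal
        elif holder and holder[0] == mac:
            holder = None                     # client released the address
    if holder and when < holder[1]:
        return holder[0]
    return None  # no log coverage, lease released, or lease expired

if __name__ == "__main__":
    events = parse(SAMPLE_LOG)
    print(who_had(events, "192.0.2.10", datetime(2007, 3, 29, 9, 35)))
    print(who_had(events, "192.0.2.10", datetime(2007, 3, 28, 12, 0)))
```

A `None` result means the retained log does not support any statement for that time, which is the situation the reply describes for dates with no logs.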

