[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AW: Privacy (Was: Re: NAI decoration: User Identity issues)

To: Lothar Reith <lothar.reith@nortelnetworks.com>
Subject: Re: AW: Privacy (Was: Re: NAI decoration: User Identity issues)
From: Jari Arkko <jari.arkko@piuha.net>
Date: Tue, 20 Jul 2004 14:03:50 +0300
Cc: "'radiusext@ops.ietf.org'" <radiusext@ops.ietf.org>
In-reply-to: <7D410981F5D6214FA120DD2CF6E75462C3577B@zfrac103-int2.europe.nortel.com>
Organization: None
References: <7D410981F5D6214FA120DD2CF6E75462C3577B@zfrac103-int2.europe.nortel.com>
Reply-to: jari.arkko@piuha.net
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7b) Gecko/20040316

Lothar Reith wrote:

please note that there appears to be a serious misunderstanding of my statements.

In no way did I propose anything that would compromise privacy - in the opposite I am proposing that the attribute "privacy-protected-identity"/"billable identity"/"user-alias" may be considered *essential* to enable privacy by means of using an anonymous NAI for routing the authentication request and a billable-identity only resolvable by the home network for accounting.

(snip)

I never stated what you linked with my name:
"Get the user's "trackable" identity for the access
    network so that fraudulent users can be tracked down and
    acted upon without involving home operator (possibly in
    another timezone and government etc)."
The opposite is true: Provide a "billable-identity"/"privacy-protected-identity" which on one hand does not allow any tracking by any intermediary or access-network under normal circumstances, but on the other hand allows billing (normal circumstances) and - in case of abuse, i.e. in rare circumstances - tracking down the abusive user.

I suggested the use of the billing-identity attribute for "tracking" in response to the requirement stated by Klaas Wierenga:

"Some universities want to know the real identity of a user in case of abuse" which he made in the context of the following NAI: "anonymous@university-a.nl" which implies that the NAI can not be used for this purpose.

The point is, that I do not beleive that these universities require the real identity "in real time" - rather I assume it would be perfectly sufficient to be able to track down the real identity of an abusive anonymous user after the fact of abuse. In this case, the university would have to request the resolution of the anonymous user-name from the home network providing evidence that the request is legitimate.


Ok. Sorry for mixing up who said what. What you say above about
non-real-time does make sense to me.

And I didn't mean to imply that Klaas' requirement is bad either.
I'm just trying to collect possible requirements, and the tracking
requirement is reasonable enough to be considered -- though it may well
be that the privacy requirements conflict with it or that there's
no need for a real-time real-identity tracking. More discussion
is needed on that.

--Jari

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- Re: AW: Privacy (Was: Re: NAI decoration: User Identity issues)
  - From: Barney Wolff <barney@databus.com>

References:
- AW: Privacy (Was: Re: NAI decoration: User Identity issues)
  - From: "Lothar Reith" <lothar.reith@nortelnetworks.com>

Prev by Date: Re: Privacy (Was: Re: NAI decoration: User Identity issues)
Next by Date: Re: AW: Privacy (Was: Re: NAI decoration: User Identity issues)
Previous by thread: Re: AW: Privacy (Was: Re: NAI decoration: User Identity issues)
Next by thread: Re: AW: Privacy (Was: Re: NAI decoration: User Identity issues)
Index(es):
- Date
- Thread