[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: privacy

To: Rick Wesson <wessorh@ar.com>
Subject: Re: privacy
From: Patrik Fältström <paf@cisco.com>
Date: Tue, 7 Jan 2003 23:28:40 +0100
Cc: Edward Lewis <edlewis@arin.net>, "'ietf-provreg@cafax.se'" <ietf-provreg@cafax.se>, <iesg@ietf.org>, <rick@ar.com>
Delivery-date: Tue, 07 Jan 2003 14:32:22 -0800
Envelope-to: iesg-hack@psg.com
In-reply-to: <Pine.LNX.4.33.0301071336400.15138-100000@flash.ar.com>
List-help: <mailto:iesg-request@ietf.org?subject=help>
List-id: <iesg.ietf.org>
List-post: <mailto:iesg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/iesg>,<mailto:iesg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/iesg>,<mailto:iesg-request@ietf.org?subject=unsubscribe>
Sender: Randy Bush <randy@psg.com>

On tisdag, jan 7, 2003, at 22:43 Europe/Stockholm, Rick Wesson wrote:

I have some thoughts on this. I prefered the capability in scott's second
to the last proposal [1] -- I also have an issue with the IESG deciding
what in the most appropiate methodology.

What IESG want is _some_ mandatory to implement mechanism which makes it possible for the registrar to say to the registry "Do not disclose this attribute to a third party". If the wg want to have the mandatory to implement mechanism more powerful than that, fine. What is not ok is the protocol not having any mandatory to implement privacy mechanism in it, only extensions.

finally I would appreciate it if the IESG would post these discussion to
the public list as private discussions are just that, private.

The issues IESG has are posted on the I-D tracker, and it is up to the editor and wg chair (and that way the wg) how to resolve the issues. What we as IESG members have got are suggestions on solutions, and we have (as far as I remember) said yes to all proposals.

What we have heard back from wg chairs etc is that they have got private messages back from wg members which have issues with the proposals, issues with privacy being mandatory _at_all_. They have checked with IESG whether things really need to be mandatory, and the answer is yes.

What is the difference between what you here point to, and what Scott might have proposed later, I can not say, and I don't know if any of the IESG members can say straight from our head. We have many documents to look at, and we have posted the issues we have on the I-D tracker. We must trust the wg chair being able to solve the problem in one way or another, and come back to us with updated documents.

paf

Since we
are discussing the privacy of end-users information (that will eventually
be published in whois) it seems silly that we are not involved in the
discussion and decision process on this topic.

Lets put the proposal [1] back on the table and if the IESG has an issue
with it lets here from the IESG in this wg, not through our
DOCUMENT-EDITOR or the CHAIR but involve those members of the IESG that
have a problem with it.

-rick

[1] http://www.cafax.se/ietf-provreg/maillist/2002-12/msg00093.html

On Tue, 7 Jan 2003, Edward Lewis wrote:

Over the past few weeks the primary concern of the WG has been
preparing an answer to the IESG comments.  The one sticking point has
been the comment to provide privacy information at a more granular
level that we now provide.

There was a meeting of the IESG members involved, your chairs, and
Scott to review the state of the issue last month.  The outcome of
that phone call was sent by Scott to the list.  I've seen responses
from just two folks publicly and one privately.  I've been hoping for
more - and more positive responses.

First I want to make it clear that Scott isn't pushing this issue
back on to the table because we wants to.  This is an issue on which
we are getting feedback from the IESG, and they hold sway over our
documents, as in they have the final word.  They are reasonable
folks, but they do hold the final word.

I promised Scott that I'd wait until today to let folks that have
been out of the office over the past two weeks (plus a day to
download all the pending mail) before prompting the group another
time to consider this issue.

The crux of the issue is, there are situations in which a registrar
may wish to alter the default privacy considerations for data when
interacting with a registry.  Not all registrar-registry environments
will need this flexibility, but there is a claim that some exist.  (I
have no personal, first-hand knowledge of any such environments.)

How can we accomodate such environments?  That is the basic question.

The most recent thread on this begins with:
      http://www.cafax.se/ietf-provreg/maillist/2002-12/msg00100.html

Next: Milestones, ROID and other issues...
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis                                          +1-703-227-9854
ARIN Research Engineer

Follow-Ups:
- Re: privacy
  - From: Rick Wesson <wessorh@ar.com>

References:
- Re: privacy
  - From: Rick Wesson <wessorh@ar.com>

Prev by Date: Re: [Fwd: Request for Advice on VGRS IDN Announcement]
Next by Date: Re: privacy
Previous by thread: Re: privacy
Next by thread: Re: privacy
Index(es):
- Date
- Thread