Re: grrp-reqs-06, 3.2 Identification and Authentication [3]

[Eric Brunner-Williams in Portland Maine <brunner@nic-naa.net>]

Jordyn, Kent,

Thanks to both of you for reading my reply.

There are two "big" issues, whether there is negociation (as originally
proposed by Andre), and whether I & A exhaust the policies for which we
have a requirement for in-band policing of subsequent data flows.

What concerns me about negociation is existence. Unless a suitable wand is
waved a simple request/reply rpc-like semantic becomes "full featured".
There are lots of wands, I'm partial to a few, but none are in grrp-reqs-06.

The second point is more nuanced. I-check and A-check are policy requirements,
and we firmly believe that mechanisms exist (modulo a scaling comment by
another commentor). Now we're ready to open the flood-gates and pour data
registry-ward ... but ... _if_ P-check is possible, and since it is a real
requirement (at least as real as the EC's data protection regime), then 
we haven't finished with required and feasible end-point property
determination prior to data transmission.

> - Name server objects may be subject to substantially different privacy 
> restrictions than contact objects.

Technical data ends up in a zone file, social data doesn't. Further,
depending on thick vs thin, social data delivery semantics differ from
those of technical data.

>                                    DNS data probably needs to be generally 
> world-readable, whereas I can certainly think of circumstances in which 
> names, address and phone numbers should be generally not world-readable.

We're not discussing whois publication, only the intra-R-* policied transport
of data. One reason why we should be careful about the rrp==whois assumption
many share.

> - A country may pass a law along the lines of "no one may publish phone 
> numbers of any citizen of our country".  Presumably, phone numbers of 
> citizens of other countries can be published, so restrictions on 
> publication vary based on the data.

Actually you may be interested in reverse and multi-criteria directories,
the subject of an EC DP WG publication, as it is germane to provreg. But,
in the example I provided, the _end-point_ policy is to publish all data
collected, w/o reference to the various policies for each originators' item
of data. I'm sorry if I didn't make that sufficiently clear.

> Even if you're right and I'm wrong, this affects only my assertion that we 
> solve this through extensions of object descriptions.  We can solve the 
> problem through the addition of commands later.

Thanks for humoring me thus far. Can we solve the problem (of I & A) through
subsequent additional mechanism?

> I agree they exist, but my point is that these policies are likely to be 
> announced and negotiated out-of-band on a contractual or regulatory 
> basis. 

The P3P profile (subset produced with a hatchet) for (dns) technical data
isn't complicated. The one for social data should be no more difficult
than the one the CPExchange group developed for the onward-transport of
customer data, or for P3P for very dull web pages.

>         Additionally, they are unlikely to change with regularity, so 
> there's no need for dynamic negotiation to occur.

I never sought dynamic negotiation of data collection, just an announcement
and consistent semantics requirement. However, now that you mention it, had
Gore won the US would have transitioned from "opt-out" to "opt-in" in the
current Congress, at least that was what all the smart marketers reckoned.

Eric (ex-Engage)