[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "Hollenbeck, Scott" <shollenbeck@verisign.com>
Cc: "'ietf-provreg@cafax.se'" <ietf-provreg@cafax.se>
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
Date: Tue, 22 Oct 2002 14:09:22 +0200
Content-Disposition: inline
In-Reply-To: <3CD14E451751BD42BA48AAA50B07BAD6033700A2@vsvapostal3.prod.netsol.com>
Sender: owner-ietf-provreg@cafax.se
User-Agent: Mutt/1.3.28i
Subject: Re: "private" Element Attribute

On Mon, Oct 21, 2002 at 10:08:29AM -0400,
 Hollenbeck, Scott <shollenbeck@verisign.com> wrote 
 a message of 42 lines which said:

> In the ongoing IESG discussion of our EPP documents, we (Patrik and I) have
> come to the conclusion that we might need to add a new attribute to every
> object element in the domain, contact, and host mappings.  This boolean
> attribute, "private", will be used to note that the value of an element
> should not be disclosed to third parties. 

OK, privacy is a touchy subject and a complicated one. I would
disagree with such "ultra-simple" proposals that give the impression
we do something for privacy-conscious people while we do not really
address the full range of the subject. 

For instance, many people would agree that their coordinates are
displayed in reply to a whois query but not that they are included in
a bulk transfer of the database to a spammer (ooops, I mean marketer).

I suggest instead to rely on a function of EPP: the fact that you can
include XML elements which are not in the official schema. For
instance, P3P <URL:http://www.w3.org/TR/P3P/> elements could be added
in the EPP flow from the registry to the registrar and APPEL elements
from the registrar to the registry.

That way, we would build on an existing and documented and recognized
and quite comprehensive framework (managing its privacy preferences is
complicated enough that we do not introduce a new framework).

Home | Date list | Subject list