To:
Randy Bush <randy@psg.com>
cc:
Joe Abley <jabley@isc.org>, ietf-provreg@cafax.se, iesg@ietf.org, brunner@nic-naa.net
From:
Eric Brunner-Williams in Portland Maine <brunner@nic-naa.net>
Date:
Thu, 09 Jan 2003 14:57:07 -0500
In-Reply-To:
Your message of "Thu, 09 Jan 2003 04:38:08 PST." <E18Wbwm-000Pdp-00@rip.psg.com>
Sender:
owner-ietf-provreg@cafax.se
Subject:
Re: privacy
> >> in idle moments, i am trying to understand the mechanisms and > >> poilicy useful/needed by a swedish registrant, using a registrar > >> located in brasil, to register in a domain which has its registry > >> in say american or new zealand juristiction. and, of course, the > >> registrant has personal preferences, "don't publish my fax number." > > Does it seem that a simple, boolean "do not disclose" flag on each > > field is sufficient to accommodate the privacy requirements of that > > scenario? > > one can always imagine more complex scenarios. but the > per-attribute dnp approach seems to be one of those which covers > the important cases, certainly the current ones, with a simple > mechanism. it's like one of those 90% solutions with 10% of the > cost. I wrote on the subject earlier [1], I'm unaware if anyone read that memo. No matter. > but if you have a real, current, useful, and needed case it does > not cover, now would certainly be a good time to describe it. Assume the affirmative, that per-attribute dnp "works" for the case of "publication". Q1. How long may the "do not publish" data be retained by the data collector? Q2. How may the "do not publish" data be modified by its author(s) during this retention period? Q3. To what purposes other than "do not publish" may the "do not publish" data be put during this retention period? Q4. Does "publication" and "do not publish" have a single, unique, consistent meaning, either during the period of retention of, or in all instances of some "do not publish" data? Q5. How is any change to an aspect of the above made known to the author(s) of the affected data? A dnp value associated with a datum, e.g., an end-point identifier associated with a domain name registrant, could be retained without limit by a reseller, a registrar, and a registry-operator, and be retained incorrectly (which may be a blessing), and re-purposed by any data collector, and the purposing itself re-defined (possibly transforming "not publish" into "publish"), without detection to a party other than the collector(s), e.g., the original author(s). Again, its a small matter. Eric [1] draft-brunner-epp-data-considerations-00.txt