Re: [apps-discuss] Webfinger

Bjoern Hoehrmann <derhoermi@gmx.net> Thu, 24 November 2011 03:34 UTC

Return-Path: <derhoermi@gmx.net>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E16861F0C3B for <apps-discuss@ietfa.amsl.com>; Wed, 23 Nov 2011 19:34:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.945
X-Spam-Level:
X-Spam-Status: No, score=-2.945 tagged_above=-999 required=5 tests=[AWL=-0.346, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6XbmQnTZc-7Z for <apps-discuss@ietfa.amsl.com>; Wed, 23 Nov 2011 19:34:46 -0800 (PST)
Received: from mailout-de.gmx.net (mailout-de.gmx.net [213.165.64.22]) by ietfa.amsl.com (Postfix) with SMTP id 8F91A1F0C3C for <apps-discuss@ietf.org>; Wed, 23 Nov 2011 19:34:45 -0800 (PST)
Received: (qmail invoked by alias); 24 Nov 2011 03:34:43 -0000
Received: from dslb-094-222-149-170.pools.arcor-ip.net (EHLO HIVE) [94.222.149.170] by mail.gmx.net (mp064) with SMTP; 24 Nov 2011 04:34:43 +0100
X-Authenticated: #723575
X-Provags-ID: V01U2FsdGVkX1+Rz+Udjo2RayDYcz29SSha/c0OJYA2Bp02D9kjYI 13deF1FkGMxhxf
From: Bjoern Hoehrmann <derhoermi@gmx.net>
To: "Paul E. Jones" <paulej@packetizer.com>
Date: Thu, 24 Nov 2011 04:34:42 +0100
Message-ID: <frdrc7ldkhht55b536kmbj0tpi4jq80j9l@hive.bjoern.hoehrmann.de>
References: <032101cc9288$e3a06910$aae13b30$@packetizer.com>
In-Reply-To: <032101cc9288$e3a06910$aae13b30$@packetizer.com>
X-Mailer: Forte Agent 3.3/32.846
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-Y-GMX-Trusted: 0
Cc: Joseph Smarr <jsmarr@google.com>, apps-discuss@ietf.org
Subject: Re: [apps-discuss] Webfinger
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Nov 2011 03:34:47 -0000

* Paul E. Jones wrote:
>http://www.ietf.org/internet-drafts/draft-jones-appsawg-webfinger-00.txt

There:

   Suppose you meet somebody at a party and they provide you with their
   email address.  After the party, you decide to visit your new
   friend's blog to learn more about them.  How do you find it?  You
   could search for your friend's name on the Internet or on various
   social networking sites, but sometimes it is very hard to locate a
   person or information about a person with merely an email address or
   a name.

I believe the technical term for that is "cyberstalking". What are you
planning to do to ensure the draft properly addresses security, privacy,
and netiquette issues? Right now the document seems to omit the reasons
for why the finger protocol did not gain traction, which revolve around
privacy and social engineering security issues, does not discuss neti-
quette at all, just has a "if you don't like it, don't use it" remark
in the Security Considerations, and has an ironic "Author's Addresses"
section.
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/