Re: [apps-discuss] webfinger privacy question/suggestion
Evan Prodromou <evan@status.net> Tue, 30 October 2012 17:33 UTC
Return-Path: <evan@status.net>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F38021F8629 for <apps-discuss@ietfa.amsl.com>; Tue, 30 Oct 2012 10:33:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YkOlnKH0oh7R for <apps-discuss@ietfa.amsl.com>; Tue, 30 Oct 2012 10:33:06 -0700 (PDT)
Received: from office.statusnetinc.com (office.statusnetinc.com [50.57.148.252]) by ietfa.amsl.com (Postfix) with ESMTP id C292121F8622 for <apps-discuss@ietf.org>; Tue, 30 Oct 2012 10:33:06 -0700 (PDT)
Received: from [192.168.0.101] (modemcable065.65-22-96.mc.videotron.ca [96.22.65.65]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by office.statusnetinc.com (Postfix) with ESMTPSA id 598B08D6608; Tue, 30 Oct 2012 17:44:27 +0000 (UTC)
Message-ID: <50900F51.5040805@status.net>
Date: Tue, 30 Oct 2012 13:33:05 -0400
From: Evan Prodromou <evan@status.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20121028 Thunderbird/16.0.2
MIME-Version: 1.0
To: SM <sm@resistor.net>
References: <508E66FB.4070708@cs.tcd.ie> <0b3b01cdb61c$981dc600$c8595200$@packetizer.com> <508F0870.9050402@cs.tcd.ie> <0b9901cdb636$bf951480$3ebf3d80$@packetizer.com> <508F2B78.2000006@cs.tcd.ie> <0be001cdb64b$eb574560$c205d020$@packetizer.com> <508FA55F.5020608@cs.tcd.ie> <5FC89052-EE84-4C80-BEE8-ABAD7C784F5A@gmx.net> <6.2.5.6.2.20121030093556.0a82b130@resistor.net>
In-Reply-To: <6.2.5.6.2.20121030093556.0a82b130@resistor.net>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: apps-discuss@ietf.org
Subject: Re: [apps-discuss] webfinger privacy question/suggestion
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Oct 2012 17:33:07 -0000
There may be some use to having private sharing of discovery data. However, it's such a complicated and difficult problem, that trying to solve it with this version of Webfinger will effectively disallow public discovery. That is: it's a terrible morass, which will sink this effort. I suggest making a note in the security considerations that Webfinger links are visible to all, so don't put private stuff in there, full stop. -Evan On 12-10-30 01:18 PM, SM wrote: > At 03:16 30-10-2012, Hannes Tschofenig wrote: >> Have a look at: >> http://tools.ietf.org/html/draft-iab-privacy-considerations-04 > > Hmm, that draft was mentioned several months ago [1]. > >> I have raised these privacy issues already last year. My comments got >> ignored. > > The following question was asked around 11 months ago [2]: > > "What are you planning to do to ensure the draft properly addresses > security, privacy, and netiquette issues?" > > The current plan seems to be: do nothing. > > Regards, > -sm > > 1. > http://www.ietf.org/mail-archive/web/apps-discuss/current/msg04747.html > 2. > http://www.ietf.org/mail-archive/web/apps-discuss/current/msg03804.html > _______________________________________________ > apps-discuss mailing list > apps-discuss@ietf.org > https://www.ietf.org/mailman/listinfo/apps-discuss -- Evan Prodromou, CEO and Founder, StatusNet Inc. 1124 rue Marie-Anne Est #32, Montreal, Quebec, Canada H2J 2B7 E: evan@status.net P: +1-514-554-3826
- [apps-discuss] webfinger privacy question/suggest… Stephen Farrell
- Re: [apps-discuss] webfinger privacy question/sug… SM
- Re: [apps-discuss] webfinger privacy question/sug… Paul E. Jones
- Re: [apps-discuss] webfinger privacy question/sug… Paul E. Jones
- Re: [apps-discuss] webfinger privacy question/sug… Stephen Farrell
- Re: [apps-discuss] webfinger privacy question/sug… James M Snell
- Re: [apps-discuss] webfinger privacy question/sug… Paul E. Jones
- Re: [apps-discuss] webfinger privacy question/sug… Paul E. Jones
- Re: [apps-discuss] webfinger privacy question/sug… Stephen Farrell
- Re: [apps-discuss] webfinger privacy question/sug… Blaine Cook
- Re: [apps-discuss] webfinger privacy question/sug… Paul E. Jones
- Re: [apps-discuss] webfinger privacy question/sug… SM
- Re: [apps-discuss] webfinger privacy question/sug… Stephen Farrell
- Re: [apps-discuss] webfinger privacy question/sug… Hannes Tschofenig
- Re: [apps-discuss] webfinger privacy question/sug… James M Snell
- Re: [apps-discuss] webfinger privacy question/sug… SM
- Re: [apps-discuss] webfinger privacy question/sug… Evan Prodromou
- Re: [apps-discuss] webfinger privacy question/sug… James M Snell
- Re: [apps-discuss] webfinger privacy question/sug… Evan Prodromou
- Re: [apps-discuss] webfinger privacy question/sug… Paul E. Jones
- Re: [apps-discuss] webfinger privacy question/sug… Paul E. Jones
- Re: [apps-discuss] webfinger privacy question/sug… SM
- Re: [apps-discuss] webfinger privacy question/sug… Stephen Farrell
- Re: [apps-discuss] webfinger privacy question/sug… Mikael Nordfeldth
- Re: [apps-discuss] webfinger privacy question/sug… Stephen Farrell
- Re: [apps-discuss] webfinger privacy question/sug… Phillip Hallam-Baker
- Re: [apps-discuss] webfinger privacy question/sug… Hannes Tschofenig
- Re: [apps-discuss] webfinger privacy question/sug… SM
- Re: [apps-discuss] webfinger privacy question/sug… SM
- Re: [apps-discuss] webfinger privacy question/sug… Phillip Hallam-Baker
- Re: [apps-discuss] webfinger privacy question/sug… James M Snell
- Re: [apps-discuss] webfinger privacy question/sug… Paul E. Jones
- Re: [apps-discuss] webfinger privacy question/sug… Evan Prodromou
- Re: [apps-discuss] webfinger privacy question/sug… Paul E. Jones
- Re: [apps-discuss] webfinger privacy question/sug… Paul E. Jones
- Re: [apps-discuss] webfinger privacy question/sug… James M Snell
- Re: [apps-discuss] webfinger privacy question/sug… James M Snell
- Re: [apps-discuss] webfinger privacy question/sug… Paul E. Jones
- Re: [apps-discuss] webfinger privacy question/sug… Paul E. Jones
- Re: [apps-discuss] webfinger privacy question/sug… William Mills
- Re: [apps-discuss] webfinger privacy question/sug… William Mills
- Re: [apps-discuss] webfinger privacy question/sug… William Mills
- Re: [apps-discuss] webfinger privacy question/sug… Gonzalo Salgueiro
- [apps-discuss] Private fields in Webfinger output… Evan Prodromou
- [apps-discuss] Using obfuscated resource identifi… Evan Prodromou
- Re: [apps-discuss] webfinger privacy question/sug… SM
- Re: [apps-discuss] Using obfuscated resource iden… Evan Prodromou
- Re: [apps-discuss] webfinger privacy question/sug… Joe Gregorio