Re: [apps-discuss] Last Call: <draft-ietf-appsawg-webfinger-10.txt> (WebFinger) to Proposed Standard

"Paul E. Jones" <paulej@packetizer.com> Thu, 21 March 2013 01:28 UTC

Return-Path: <paulej@packetizer.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B03F21F8D59; Wed, 20 Mar 2013 18:28:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ldg6BRsSmcga; Wed, 20 Mar 2013 18:28:04 -0700 (PDT)
Received: from dublin.packetizer.com (dublin.packetizer.com [75.101.130.125]) by ietfa.amsl.com (Postfix) with ESMTP id 55F3321F8D77; Wed, 20 Mar 2013 18:28:04 -0700 (PDT)
Received: from sydney (rrcs-98-101-148-48.midsouth.biz.rr.com [98.101.148.48]) (authenticated bits=0) by dublin.packetizer.com (8.14.5/8.14.5) with ESMTP id r2L1RiCk016022 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Wed, 20 Mar 2013 21:27:46 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=packetizer.com; s=dublin; t=1363829267; bh=86zGJViPIp2tbNX1FeamPrVqsLRc0W6UOFA73ayJtco=; h=From:To:Cc:References:In-Reply-To:Subject:Date:Message-ID: MIME-Version:Content-Type:Content-Transfer-Encoding; b=WntHBW0FDYHeimpy2qm2QElgasDO/P9pX5K43p3kDv7/DMhp0ri+9CW9yoy1zkW4R yze6JxjqY+1sD092+KyC3aGMbHW0QRc4gcP8eyEXGkFag7zRAsGYRFFz6pncFIXNpb 3HKt/+a6CybJcGE/IJQyoruj1EEyNIGjM/uiQyu4=
From: "Paul E. Jones" <paulej@packetizer.com>
To: 'Alissa Cooper' <acooper@cdt.org>, ietf@ietf.org
References: <20130304202424.31062.61240.idtracker@ietfa.amsl.com> <A437CC8E-63D9-41C2-A22B-1B379270CE2A@cdt.org>
In-Reply-To: <A437CC8E-63D9-41C2-A22B-1B379270CE2A@cdt.org>
Date: Wed, 20 Mar 2013 21:28:01 -0400
Message-ID: <055401ce25d3$5566f120$0034d360$@packetizer.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQKDaKO5ldokcAP290Gb0nohuKjS1AOIlQ8RlyiQfkA=
Content-Language: en-us
Cc: webfinger@ietf.org, apps-discuss@ietf.org
Subject: Re: [apps-discuss] Last Call: <draft-ietf-appsawg-webfinger-10.txt> (WebFinger) to Proposed Standard
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Mar 2013 01:28:05 -0000

Alissa,

It was suggested that we remove the word "implicit".  I'm OK with removing
it.  If we did that, would you want to add this new sentence or a modified
version of it?

Paul

> -----Original Message-----
> From: apps-discuss-bounces@ietf.org [mailto:apps-discuss-
> bounces@ietf.org] On Behalf Of Alissa Cooper
> Sent: Monday, March 18, 2013 11:31 AM
> To: ietf@ietf.org
> Cc: apps-discuss@ietf.org
> Subject: Re: [apps-discuss] Last Call: <draft-ietf-appsawg-webfinger-
> 10.txt> (WebFinger) to Proposed Standard
> 
> Given how little control Internet users already have over which
> information about them appears in which context, I do not have a lot of
> confidence that the claimed discoverability benefits of WebFinger
> outweigh its potential to further degrade users' ability to keep
> particular information about themselves within specific silos. However,
> I'm coming quite late to this document, so perhaps that balancing has
> already been discussed, and it strikes me as unreasonable to try to
> stand in the way of publication at this point.
> 
> Two suggestions in section 8:
> 
> s/personal information/personal data/
> (see http://tools.ietf.org/html/draft-iab-privacy-considerations-
> 06#section-2.2 -- personal data is a more widely accepted term and
> covers a larger range of information about people)
> 
> The normative prohibition against using WebFinger to publish personal
> data without authorization is good, but the notion of implicit
> authorization leaves much uncertainty about what I imagine will be a use
> case of interest: taking information out of a controlled context and
> making it more widely available. To make it obvious that this has been
> considered, I would suggest adding one more sentence to the end of the
> fourth paragraph:
> 
> "Publishing one's personal data within an access-controlled or otherwise
> limited environment on the Internet does not equate to providing
> implicit authorization of further publication of that data via
> WebFinger."
> 
> Alissa
> 
> On Mar 4, 2013, at 3:24 PM, The IESG <iesg-secretary@ietf.org> wrote:
> 
> >
> > The IESG has received a request from the Applications Area Working
> > Group WG (appsawg) to consider the following document:
> > - 'WebFinger'
> >  <draft-ietf-appsawg-webfinger-10.txt> as Proposed Standard
> >
> > The IESG plans to make a decision in the next few weeks, and solicits
> > final comments on this action. Please send substantive comments to the
> > ietf@ietf.org mailing lists by 2013-03-18. Exceptionally, comments may
> > be sent to iesg@ietf.org instead. In either case, please retain the
> > beginning of the Subject line to allow automated sorting.
> >
> > Abstract
> >
> >
> >   This specification defines the WebFinger protocol, which can be used
> >   to discover information about people or other entities on the
> >   Internet using standard HTTP methods.  WebFinger discovers
> >   information for a URI that might not be usable as a locator
> >   otherwise, such as account or email URIs.
> >
> >
> >
> >
> > The file can be obtained via
> > http://datatracker.ietf.org/doc/draft-ietf-appsawg-webfinger/
> >
> > IESG discussion can be tracked via
> > http://datatracker.ietf.org/doc/draft-ietf-appsawg-webfinger/ballot/
> >
> >
> > No IPR declarations have been submitted directly on this I-D.
> >
> >
> > _______________________________________________
> > apps-discuss mailing list
> > apps-discuss@ietf.org
> > https://www.ietf.org/mailman/listinfo/apps-discuss
> >
> 
> 
> _______________________________________________
> apps-discuss mailing list
> apps-discuss@ietf.org
> https://www.ietf.org/mailman/listinfo/apps-discuss