Re: [apps-discuss] Last Call: <draft-ietf-appsawg-webfinger-10.txt> (WebFinger) to Proposed Standard
Alissa Cooper <acooper@cdt.org> Mon, 18 March 2013 15:31 UTC
Return-Path: <acooper@cdt.org>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B16F321F85CE; Mon, 18 Mar 2013 08:31:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.459
X-Spam-Level:
X-Spam-Status: No, score=-102.459 tagged_above=-999 required=5 tests=[AWL=0.140, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DlZ2xSEjoB+C; Mon, 18 Mar 2013 08:31:21 -0700 (PDT)
Received: from mail.maclaboratory.net (mail.maclaboratory.net [209.190.215.232]) by ietfa.amsl.com (Postfix) with ESMTP id 8A50B21F856D; Mon, 18 Mar 2013 08:31:20 -0700 (PDT)
X-Footer: Y2R0Lm9yZw==
Received: from localhost ([127.0.0.1]) by mail.maclaboratory.net (using TLSv1/SSLv3 with cipher AES128-SHA (128 bits)); Mon, 18 Mar 2013 11:31:17 -0400
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
From: Alissa Cooper <acooper@cdt.org>
In-Reply-To: <20130304202424.31062.61240.idtracker@ietfa.amsl.com>
Date: Mon, 18 Mar 2013 11:31:16 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <A437CC8E-63D9-41C2-A22B-1B379270CE2A@cdt.org>
References: <20130304202424.31062.61240.idtracker@ietfa.amsl.com>
To: ietf@ietf.org
X-Mailer: Apple Mail (2.1499)
Cc: apps-discuss@ietf.org
Subject: Re: [apps-discuss] Last Call: <draft-ietf-appsawg-webfinger-10.txt> (WebFinger) to Proposed Standard
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2013 15:31:21 -0000
Given how little control Internet users already have over which information about them appears in which context, I do not have a lot of confidence that the claimed discoverability benefits of WebFinger outweigh its potential to further degrade users' ability to keep particular information about themselves within specific silos. However, I'm coming quite late to this document, so perhaps that balancing has already been discussed, and it strikes me as unreasonable to try to stand in the way of publication at this point. Two suggestions in section 8: s/personal information/personal data/ (see http://tools.ietf.org/html/draft-iab-privacy-considerations-06#section-2.2 -- personal data is a more widely accepted term and covers a larger range of information about people) The normative prohibition against using WebFinger to publish personal data without authorization is good, but the notion of implicit authorization leaves much uncertainty about what I imagine will be a use case of interest: taking information out of a controlled context and making it more widely available. To make it obvious that this has been considered, I would suggest adding one more sentence to the end of the fourth paragraph: "Publishing one's personal data within an access-controlled or otherwise limited environment on the Internet does not equate to providing implicit authorization of further publication of that data via WebFinger." Alissa On Mar 4, 2013, at 3:24 PM, The IESG <iesg-secretary@ietf.org> wrote: > > The IESG has received a request from the Applications Area Working Group > WG (appsawg) to consider the following document: > - 'WebFinger' > <draft-ietf-appsawg-webfinger-10.txt> as Proposed Standard > > The IESG plans to make a decision in the next few weeks, and solicits > final comments on this action. Please send substantive comments to the > ietf@ietf.org mailing lists by 2013-03-18. Exceptionally, comments may be > sent to iesg@ietf.org instead. In either case, please retain the > beginning of the Subject line to allow automated sorting. > > Abstract > > > This specification defines the WebFinger protocol, which can be used > to discover information about people or other entities on the > Internet using standard HTTP methods. WebFinger discovers > information for a URI that might not be usable as a locator > otherwise, such as account or email URIs. > > > > > The file can be obtained via > http://datatracker.ietf.org/doc/draft-ietf-appsawg-webfinger/ > > IESG discussion can be tracked via > http://datatracker.ietf.org/doc/draft-ietf-appsawg-webfinger/ballot/ > > > No IPR declarations have been submitted directly on this I-D. > > > _______________________________________________ > apps-discuss mailing list > apps-discuss@ietf.org > https://www.ietf.org/mailman/listinfo/apps-discuss >
- [apps-discuss] Last Call: <draft-ietf-appsawg-web… The IESG
- [apps-discuss] Last Call: <draft-ietf-appsawg-web… The IESG
- Re: [apps-discuss] Last Call: <draft-ietf-appsawg… Alissa Cooper
- Re: [apps-discuss] Last Call: <draft-ietf-appsawg… Hannes Tschofenig
- [apps-discuss] R: Last Call: <draft-ietf-appsawg-… Goix Laurent Walter
- Re: [apps-discuss] Last Call: <draft-ietf-appsawg… Paul E. Jones
- Re: [apps-discuss] Last Call: <draft-ietf-appsawg… Paul E. Jones
- Re: [apps-discuss] Last Call: <draft-ietf-appsawg… Alissa Cooper
- Re: [apps-discuss] Last Call: <draft-ietf-appsawg… Paul E. Jones