Re: Blue Sheet Change Proposal

Dave Crocker <> Fri, 04 April 2008 16:14 UTC

Return-Path: <>
Received: from (localhost []) by (Postfix) with ESMTP id 19F163A6CEB; Fri, 4 Apr 2008 09:14:12 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 178793A6C4C for <>; Fri, 4 Apr 2008 09:14:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.923
X-Spam-Status: No, score=-1.923 tagged_above=-999 required=5 tests=[AWL=0.676, BAYES_00=-2.599]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id GAmRxA4NBkP8 for <>; Fri, 4 Apr 2008 09:14:02 -0700 (PDT)
Received: from (unknown [IPv6:2001:470:1:76:0:ffff:4834:7146]) by (Postfix) with ESMTP id E3CF53A6B0F for <>; Fri, 4 Apr 2008 09:14:01 -0700 (PDT)
Received: from [] ( []) (authenticated bits=0) by (8.13.8/8.13.8) with ESMTP id m34GDwEH006060 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <>; Fri, 4 Apr 2008 09:14:06 -0700
Message-ID: <>
Date: Fri, 04 Apr 2008 09:13:58 -0700
From: Dave Crocker <>
User-Agent: Thunderbird (Windows/20080213)
MIME-Version: 1.0
To: IETF Discussion <>
Subject: Re: Blue Sheet Change Proposal
References: <> <> <E7CB49418CF43269B3D9FD5D@Uranus.local> <>
In-Reply-To: <>
X-Virus-Scanned: ClamAV 0.92/6586/Fri Apr 4 07:26:59 2008 on
X-Virus-Status: Clean
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 ( []); Fri, 04 Apr 2008 09:14:06 -0700 (PDT)
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF Discussion <>
List-Unsubscribe: <>, <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Tony Hansen wrote:
> I like Olaf's suggestion of adding a level of indirection.

While yes, it's an appealing suggestion, it is probably not as useful as it sounds.

1. A layer of indirection for a human mechanism is another opportunity for human 
error.  A new, unfamiliar string is more likely not to be recorded properly.  If 
we really want to be able to use the identification information, this will make 
it less likely, not more.

2. Folks can find anything to be afraid of.  If there is a valid concern -- and 
skimming published versions of the lists does seem like a valid concern -- then 
we should make sure the system is designed properly, to protect against real 
threats of information misuse.

The goal of an indirect identifier is to ensure that the address is retained in 
a safe place and not circulated.  We can accomplish that just as well by not 
circulating the sign-up sheets, and instead making them available only for 
specific, authorized uses.



   Dave Crocker
   Brandenburg InternetWorking
IETF mailing list