Re: Proposed IETF Privacy Policy for Review
Stephen Farrell <stephen.farrell@cs.tcd.ie> Thu, 17 March 2016 10:36 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 92B1312D506 for <ietf@ietfa.amsl.com>; Thu, 17 Mar 2016 03:36:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.302
X-Spam-Level:
X-Spam-Status: No, score=-4.302 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Hx7rvAgSa2tN for <ietf@ietfa.amsl.com>; Thu, 17 Mar 2016 03:35:55 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1C91112D636 for <ietf@ietf.org>; Thu, 17 Mar 2016 03:35:54 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 76532BE4C; Thu, 17 Mar 2016 10:35:52 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0s_xbu4EDeot; Thu, 17 Mar 2016 10:35:51 +0000 (GMT)
Received: from [10.87.49.100] (unknown [86.42.16.188]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 6D68BBE57; Thu, 17 Mar 2016 10:35:50 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1458210951; bh=ErF9QQDOuSRzjnwWvaMsS7fqz0pwXVhhbvoecRWn9OY=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=VuR2+Di4Xmw2LuNSpViMRvuWXir4b2eBBD9iRt5gw3Gul/nOiwPCUGUBeIY0JsWSP jr735uoXE4Jt9oq/nbT3XBhAeBQY+cB3X3avDkyvIJWUesE9zxPKMGyAIMkIUcxcP6 l09lpoXqjjvwbV313GgoMDnMCE1FAKUSlFt0ACcs=
Subject: Re: Proposed IETF Privacy Policy for Review
To: "Scott O. Bradner" <sob@sobco.com>
References: <20160316173701.25701.qmail@ary.lan> <DE878486-1E9E-46F3-8AE8-6D211E39D419@sobco.com> <085072B2-5BD9-45BE-8085-1A334B106F1D@sobco.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <56EA8886.8010909@cs.tcd.ie>
Date: Thu, 17 Mar 2016 10:35:50 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <085072B2-5BD9-45BE-8085-1A334B106F1D@sobco.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms030108030300000708090409"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/mu-e_0oI54uWr_ITBRY3yq0bCTQ>
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Mar 2016 10:36:02 -0000
Hi Scott, I agree with the other comments made and echo folks' thanks for putting this out to review and for being willing to iterate on it. In addition: - Was the concept of a warrant canary [1] or transparency report [2] considered? Those are good things (tm) and it'd be good for the IETF to be part of the leading edge on such things I think. So I'd recommend that we do some such thing in addition to this. [1] https://en.wikipedia.org/wiki/Warrant_canary [2] https://en.wikipedia.org/wiki/Transparency_report - "disclosure of your Personal Data to third parties" I want to strongly re-iterate that selling (or so-called "monetizing") IETF participant data is something that should be anathema to us (and the partners we choose) and I'd hope that the strongest possible wording is used to say we won't be doing that. If any current or future partner would have an issue with that, then I think that needs to be disclosed to all IETF participants, so it'd be good if this policy said that a public announcement is required if any partner or service provider is (ab)using our data in any such manner. I'd also suggest that whoever is working on the next iteration of this in response to comments would be wise to pass the text by some of the folks who've commented in this thread. I think there are likely some wording nits that might be better fixed in that way before the next revision is sent to ietf-announce. Cheers, S.
- Re: [IAB] Proposed IETF Privacy Policy for Review Eggert, Lars
- Re: Proposed IETF Privacy Policy for Review Martin Vigoureux
- Re: Proposed IETF Privacy Policy for Review JORDI PALET MARTINEZ
- Re: Proposed IETF Privacy Policy for Review Scott Bradner
- Re: Proposed IETF Privacy Policy for Review JORDI PALET MARTINEZ
- Re: Proposed IETF Privacy Policy for Review John Levine
- Re: Proposed IETF Privacy Policy for Review Scott O. Bradner
- RE: Proposed IETF Privacy Policy for Review Adrian Farrel
- Re: Proposed IETF Privacy Policy for Review Adam Roach
- Re: Proposed IETF Privacy Policy for Review Scott O. Bradner
- Re: Proposed IETF Privacy Policy for Review Scott O. Bradner
- Re: [IAOC] [IAB] Proposed IETF Privacy Policy for… Scott O. Bradner
- Re: [IAOC] [IAB] Proposed IETF Privacy Policy for… Scott O. Bradner
- Re: [IAOC] [IAB] Proposed IETF Privacy Policy for… Eggert, Lars
- Re: Proposed IETF Privacy Policy for Review Stephen Farrell
- Re: Proposed IETF Privacy Policy for Review Stephane Bortzmeyer
- Re: [IAB] Proposed IETF Privacy Policy for Review Paul Wouters
- Re: [IAB] Proposed IETF Privacy Policy for Review Scott Bradner
- Re: [IAB] Proposed IETF Privacy Policy for Review Paul Wouters
- Re: [IAOC] [IAB] Proposed IETF Privacy Policy for… Scott Bradner
- Re: [IAOC] [IAB] Proposed IETF Privacy Policy for… Scott Bradner
- Re: [IAOC] [IAB] Proposed IETF Privacy Policy for… Paul Wouters
- Proposed IETF Privacy Policy for Review IETF Administrative Director
- Re: [IAB] Proposed IETF Privacy Policy for Review John Levine
- Re: Proposed IETF Privacy Policy for Review Adam Roach
- Re: Proposed IETF Privacy Policy for Review S Moonesamy
- Re: Proposed IETF Privacy Policy for Review S Moonesamy
- Re: Proposed IETF Privacy Policy for Review Scott O. Bradner
- RE: Proposed IETF Privacy Policy for Review Adrian Farrel
- Re: Proposed IETF Privacy Policy for Review Tobias Gondrom
- Re: Proposed IETF Privacy Policy for Review Alissa Cooper
- Re: Proposed IETF Privacy Policy for Review S Moonesamy
- Re: Proposed IETF Privacy Policy for Review Scott O. Bradner
- Re: Proposed IETF Privacy Policy for Review S Moonesamy
- Re: Proposed IETF Privacy Policy for Review S Moonesamy
- Re: Proposed IETF Privacy Policy for Review Dave Crocker
- Re: [IAOC] Proposed IETF Privacy Policy for Review Scott O. Bradner
- Re: Proposed IETF Privacy Policy for Review Doug Royer