IETF Logo Mail Archive

Re: [regext] Privacy and HR considerations for draft-ietf-regext-verificationcode

Adam Roach <adam@nostrum.com> Fri, 14 December 2018 20:42 UTC

Return-Path: <adam@nostrum.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7945131142 for <regext@ietfa.amsl.com>; Fri, 14 Dec 2018 12:42:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.979
X-Spam-Level:
X-Spam-Status: No, score=-1.979 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nostrum.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WsZ0Lh7W8yk6 for <regext@ietfa.amsl.com>; Fri, 14 Dec 2018 12:42:23 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 804A1130E6E for <regext@ietf.org>; Fri, 14 Dec 2018 12:42:23 -0800 (PST)
Received: from MacBook-Pro.roach.at (99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id wBEKgLV0098437 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Fri, 14 Dec 2018 14:42:22 -0600 (CST) (envelope-from adam@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1544820143; bh=1sAfAbcTt1S0l9JW4DXvioI3osBEjQd2u/A1gQKrAHc=; h=Subject:To:References:From:Date:In-Reply-To; b=F6oWRov1er5MkwAqD6IL4NmrDpZ5DXqnqJIsddXRWZBLRZovSEnqsPPFzP6Q9JKVD qHNIHmyreV6aq3pJYxscrZxNqpAaUcYDMcn79eOcCUjq/DaUL9nLnZSSm42/Yng4Vx K/GAO0jUUQ8WK7Tp7r20cF4X+B1/c+Df2BEPm9no=
X-Authentication-Warning: raven.nostrum.com: Host 99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228] claimed to be MacBook-Pro.roach.at
To: John Levine <johnl@taugh.com>, regext@ietf.org
References: <20181214182653.AC924200B7998D@ary.qy>
From: Adam Roach <adam@nostrum.com>
Message-ID: <62942d0c-a057-ca80-4e0f-bdf99c61e893@nostrum.com>
Date: Fri, 14 Dec 2018 14:42:16 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Thunderbird/60.3.3
MIME-Version: 1.0
In-Reply-To: <20181214182653.AC924200B7998D@ary.qy>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/n5_sLfNnajgNtlWMP7pGnXx9pKQ>
Subject: Re: [regext] Privacy and HR considerations for draft-ietf-regext-verificationcode
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Dec 2018 20:42:26 -0000

[as an individual]

While I might quibble about some of the specifics of the proposed text, 
I disagree with the characterization of "unhelpful." Both proposed 
sections, in fact, make an attempt to be actionable.

In terms of tendentiousness, one could easily say the same of pretty 
much any "Security Considerations" or "Privacy Considerations" section 
we've ever published. But that's okay: a bias towards security and 
privacy are characteristics we've chosen to take on in our documents.

The same applies to the assertion regarding "a distraction from the WG's 
purpose": most protocols would "work" from a technical perspective 
without guidance regarding security and privacy; and so one could 
equally assert that such sections are also a "distraction" from the core 
work of those protocols. A key reason people come to the IETF to do work 
is the fact that it is a multi-stakeholder environment, designed to take 
these kinds of secondary effects into account.

And so I would encourage people to engage on the substance of the 
proposal rather than dismissing it out of hand.

/a

On 12/14/18 12:26 PM, John Levine wrote:
> Having reviewed the proposed text, I would encourage the WG to ignore it.
>
> It is unhelpful, tendentious and a distraction from the WG's purpose.
> In the interest of not wasting any more time, this is my last message
> on the topic.
>
> R's,
> John
>
>
> In article <5f7d0b3e-c844-1700-c369-90bb41e8241e@cis-india.org> you write:
>> Thank you for your comments on the proposed Human Rights Considerations
>> section. Please find the draft text below (with an accompanying Privacy
>> Considerations section which will also be useful); hope it is a good
>> starting point for consensus. ...
> _______________________________________________
> regext mailing list
> regext@ietf.org
> https://www.ietf.org/mailman/listinfo/regext

v2.23.0 | Report a Bug | By Email