Tony Hansen wrote:
I like Olaf's suggestion of adding a level of indirection.
While yes, it's an appealing suggestion, it is probably not as useful as it
1. A layer of indirection for a human mechanism is another opportunity for
error. A new, unfamiliar string is more likely not to be recorded properly.
we really want to be able to use the identification information, this will make
it less likely, not more.
2. Folks can find anything to be afraid of. If there is a valid concern -- and
skimming published versions of the lists does seem like a valid concern -- then
we should make sure the system is designed properly, to protect against real
threats of information misuse.
The goal of an indirect identifier is to ensure that the address is retained in
a safe place and not circulated. We can accomplish that just as well by not
circulating the sign-up sheets, and instead making them available only for
specific, authorized uses.
IETF mailing list