On Fri, 11 Sep 2009, Eric Rescorla wrote:
At Thu, 10 Sep 2009 12:23:31 -0700 (PDT),
* Each attendee will be issued an RFID card at the registration desk.
The information stored on the card is ONLY a number, no personal
data is stored on the card. (Note: the attendee can opt out at any
time, including not collecting the card, see below).
Note that removing your name from the database doesn't remove the
ability of someone to track you via the tag.
If this is a great concern I would suggest either returning the card
or not collecting it in the first place. Also, the type or readers
used require close proximity to trigger, you literally have to touch
the reader with your card to make it work. So nobody from the host
organization at least will be tracking you. I am also not sure what
value there is in knowing that 3478273983421 spent 10 minutes in trill
and then moved on to behave (pun intended).
* The "information" (number) on the card is not encrypted and could be
read by any RFID reader, but again, it's only a number.
How are the numbers assigned?
Don't know, but I have asked. I am guessing they are pre-assigned in
the sense that each card has a unique ID that is later mapped to the
Does the Web UI make sure to hide the number->attendee mapping?
Don't know that either, but I agree that it should. It hasn't been
fully designed yet. Will ask that they do this.
Ole J. Jacobsen
Editor and Publisher, The Internet Protocol Journal
Tel: +1 408-527-8972 Mobile: +1 415-370-4628
E-mail: ole(_at_)cisco(_dot_)com URL: http://www.cisco.com/ipj
Ietf mailing list