[Top] [All Lists]

Re: [ietf-smtp] [Shutup] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

2015-12-12 11:14:14
On 12/12/2015 10:11 AM, Dave Crocker wrote:
On 12/12/2015 6:25 AM, Ned Freed wrote:
Provider and thus email address lock-in is clearly to the advantage of ISPs and
MSPs that view their email service as a source of revenue (ads, branding,
marketing data, whatever). As such, not only will they have no interest
in any move towards eliminating that lock-in, they may well be actively
antagonistic towards it.

And at this point I fear that the shift to the use of such providers has
reached a point where anything the IETF says or does is going to be irrelevant.

You are probably correct on both counts, but I suspect neither point
matters very much.

There is such a strong, general, natural proclivity for using email
addresses as identifiers, nothing has shown even the slightest ability
to replace them, unless one counts a few different identifiers like
Twitter hashtags, which really are roughly equivalent to email addresses
(where the hashtag itself serves as the semantic.)

I have seen a common "change" with many popular sites with the push to grab cell phone numbers. Facebook is constantly peppering the user to allow it to use the PHONE NUMBER it has already grabbed from you. It doesn't understand the concept of "No! Stop Asking for it!" and it doesn't understand the concept "Who gave you permission to grab it in the first place." Lots of "lost ethics" in the new generation of programmers!!

That said, for future updates, I have also penciled in idea of looking at using additional identifiers, including the cell phone once I find an public domain method for sending a notification. <g>

My point is that the fact that an address is unique and is heavily used
for regular interaction, makes it an identifier.


There have been various efforts to create 'permanent' identifiers that
are independent of email addresses, or the like.  None has succeeded.  I
believe ISP market pressures were irrelevant to those failures.

A few years ago, the NIST had been trying to push the idea of a National ID (or more so the trust vendors were proposing new NIST initiatives). But I think the strategy has changed to a "De-Indentification" strategy according to my quick review.

De-Identification of Personally Identifiable Information


ietf-smtp mailing list

<Prev in Thread] Current Thread [Next in Thread>