On Sat, May 22, 2004 at 10:24:14AM +1000, grenville armitage wrote:
If your threat model postulates someone knowing enough about you to check
for your IETF registration, then simply knowing when IETF meetings occur gives
them a pretty good start. Testing your email account for 'out of office'
replies gives them on-the-week confirmation. Just watching what you've
been saying on ietf mailing lists leading up to the next scheduled IETF
meeting can confirm their suspicions.
Not everyone attends every IETF. Not everyone uses email autoreplies.
I.e. hiding IETF registrations is hardly likely to impact on the threat
offered
to your personal security by anyone knowledgable enough about your behavior
to be checking the IETF's online registrations list in the first place.
But there's no reason the list should be published in advance.
But in any case, post-meeting release of the registration list would go
along way to satisfying the goal of knowing "who was there".
The only issue seems to be people who want to check their *own* registration
status, and who didn't keep a record of their email confirmation. There
are other ways to solve that.
Tim
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf