ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [apps-discuss] Last Call: <draft-ietf-appsawg-webfinger-10.txt> (WebFinger) to Proposed Standard

2013-03-18 10:31:45
from [Alissa Cooper] [Permanent Link] 
Given how little control Internet users already have over which information 
about them appears in which context, I do not have a lot of confidence that the 
claimed discoverability benefits of WebFinger outweigh its potential to further 
degrade users' ability to keep particular information about themselves within 
specific silos. However, I'm coming quite late to this document, so perhaps 
that balancing has already been discussed, and it strikes me as unreasonable to 
try to stand in the way of publication at this point.

Two suggestions in section 8:

s/personal information/personal data/
(see http://tools.ietf.org/html/draft-iab-privacy-considerations-06#section-2.2 
-- personal data is a more widely accepted term and covers a larger range of 
information about people)

The normative prohibition against using WebFinger to publish personal data 
without authorization is good, but the notion of implicit authorization leaves 
much uncertainty about what I imagine will be a use case of interest: taking 
information out of a controlled context and making it more widely available. To 
make it obvious that this has been considered, I would suggest adding one more 
sentence to the end of the fourth paragraph:

"Publishing one's personal data within an access-controlled or otherwise 
limited environment on the Internet does not equate to providing implicit 
authorization of further publication of that data via WebFinger."

Alissa

On Mar 4, 2013, at 3:24 PM, The IESG <iesg-secretary(_at_)ietf(_dot_)org> wrote:



The IESG has received a request from the Applications Area Working Group
WG (appsawg) to consider the following document:
- 'WebFinger'
 <draft-ietf-appsawg-webfinger-10.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf(_at_)ietf(_dot_)org mailing lists by 2013-03-18. Exceptionally, comments 
may be
sent to iesg(_at_)ietf(_dot_)org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


  This specification defines the WebFinger protocol, which can be used
  to discover information about people or other entities on the
  Internet using standard HTTP methods.  WebFinger discovers
  information for a URI that might not be usable as a locator
  otherwise, such as account or email URIs.




The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-appsawg-webfinger/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-appsawg-webfinger/ballot/


No IPR declarations have been submitted directly on this I-D.


_______________________________________________
apps-discuss mailing list
apps-discuss(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/apps-discuss
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Is there a Git repository of RFCs? Or of Internet-Drafts?, Michael Richardson
Next by Date:  Re: meetecho praise, Alejandro Acosta
Previous by Thread:  meetecho praise, Mikael Abrahamsson
Next by Thread:  RE: [apps-discuss] Last Call: <draft-ietf-appsawg-webfinger-10.txt> (WebFinger) to Proposed Standard, Paul E. Jones
Indexes:  [Date] [Thread] [Top] [All Lists]