On Thu, Aug 15, 2013 at 11:24 AM, SM <sm(_at_)resistor(_dot_)net> wrote:
The Privacy Considerations Section focuses on data in transit and
collection of data only. Section 8.1 mentions protecting the data from
"unauthorized access and viewing". That would only be unauthorized viewing
while the data is in transit.
Sure, mentioning something about the stored aggregated data also makes
sense in Section 8. I'll add something.
I don't know whether people overlook this; the queries leak out
information. Information which the user might consider as private is sent
out without the person's knowledge. I suggest pushing that discussion to
the specification which defines the identity (e.g. draft-ietf-repute-email-
**identifiers-08).
I don't think this point is specific to email identifiers. This is the
right place to say it.
As a general comment I would say that the issue is less about privacy and
more about reputation. There is a saying: Tell me what you read and I will
tell you who you are.
Reputations can certainly be private things, both as an aggregate "result"
and as the pieces of data that allowed that result to be reached. But I
don't think that's a new point given the above. The new text will cover it.
-MSK