On Wed, 25 Aug 1999, Andy Walker wrote:
> "A.R. (Tom) Peters" wrote: (* 1 *)
>
> > Do we make it a policy that for all people who took one or more
> > exams, the certification status can be polled anyway ? (i.e., we won't
> > tell that he failed the L.II exams 5 times, but just that he has an LPIC-1
> > certification since date so-and-so).
> > Or do we make it a policy not to disclose this information unless the
> > candidate made explicit that he wants to participate in this service?
>
> I don't think it should be the policy to quantify the competence level of the
> "certifyee", by listing how many times he failed a particular exam.
I said we will not do that. The intention is to make just the
certification status public.
%< cut rant >%
> > The other major issue is, what do we use as a unique personal
> > identifier? There are several options:
%<< cut options >>%
%< cut security issues >%
> Lots of words. Too many "should"s. Lots of other, valid, ways to solve these
> problems.
Thanx for pointing out the horrible things the vultures will do to us
if we screw up. The question however was not HOW to build a secure
database (I am confident we can find competent people to do that), but
WHAT information we will publicly disclose and HOW, weighing the privacy
and control of the LPIC against the convenience and needs of the inquirer.
--
#>!$!%(@^%#%*(&(#@#*$^@^$##*#@&(%)@**$!(&!^(#((#&%!)%*@)(&$($$%(@#)&*!^$)^@*^@)
Tom "thriving on chaos" Peters
NL-1062 KD nr 149 tel. 31-204080204
Amsterdam e-mail [EMAIL PROTECTED]
________________________________________________________________________
This message was sent by the linux-cert mailing list. To unsubscribe:
echo unsubscribe | mail -s '' [EMAIL PROTECTED]
