[email protected] wrote:
> Peter - I notice that the standards don't say anything about the EU's
> Data Integrity Directive which in fact will effect the operations of
all
> public content systems including the DNS servers which are operated in
> the EU. Why was this never designed into the spec is interesting since
> the specification may "by law not be used in about 1/3 of the populated
> world now" without that consideration being in place.
Todd,
A Google search for the term "Data Integrity Directive" returns only
one (irrelevant) result.
Could you perhaps let us know which EU Directive you really meant?
Uh, sorry - here are a few of the many links provided. The EU has all
sorts of new Directives on Data Integrity and the IETF can thank the
RFC3161 team for some of this.
o-
http://www.google.com/search?q=eu+data+protection+directive&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a
o- http://ec.europa.eu/justice_home/fsj/privacy/index_en.htm
o- http://www.cdt.org/privacy/eudirective/EU_Directive_.html
Those same standards directly apply to anything using time to invalidate
the use of a policy control - as in a time, DNS, NEA, or most other
time-policy controlled servers - and that is for ANY digital control
purpose.
That same requirement (to prove the actual functionality in a
world-class test environment that meets the needs of the EU) actually
prevents RFC3161 or any other IETF standard which wasn't tested under
those standards from being deployed since the law now pertains to all
systems in place and has no grandfathering provision to address legacy
systems designed and implemented before those requirements were put into
place.
As to who is responsible, the WG Chairs and the project Sponsors and
IMHO you can also thank the IETF's legal service for this failure since
it is their direct responsibility to advise the IETF on these key issues
of International Law.
The real issue *** AGAIN *** is whether IETF standards were tested in
environment's which stress the protocol or technology based on these
operating requirements. In all instances to date the answer is no
meaning that unless the EU creates a specific exemption for the IETF's
standards it by its own laws MAY NOT RELY ON IETF WORK PRODUCT for
anything...
Todd Glassey
regards
Ray
--
Ray Bellis, MA(Oxon) MIET
Senior Researcher in Advanced Projects, Nominet
e: [email protected], t: +44 1865 332211
------------------------------------------------------------------------
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
