I finally got around to submitting the -01 draft, considerably re-organized, per feedback here, to make it clear that the discussion is independent of any particular technology, and to include a tl;dr er cough excuse me “Summary” section.
Real HTML is at https://www.tbray.org/tmp/draft-bray-privacy-choices-01.html =========================================================== A new version of I-D, draft-bray-privacy-choices-01.txt has been successfully submitted by Tim Bray and posted to the IETF repository. Name: draft-bray-privacy-choices Revision: 01 Title: Privacy Choices for Internet Data Services Document date: 2015-04-11 Group: Individual Submission Pages: 5 URL: http://www.ietf.org/internet-drafts/draft-bray-privacy-choices-01.txt Status: https://datatracker.ietf.org/doc/draft-bray-privacy-choices/ Htmlized: http://tools.ietf.org/html/draft-bray-privacy-choices-01 Diff: http://www.ietf.org/rfcdiff?url2=draft-bray-privacy-choices-01 Abstract: This document argues in favor of Internet service providers deploying technologies which offer increased privacy to users of their services. The discussion is independent of any particular privacy technology. The approach is to consider common objections to the the deployment of such technologies, and show that these objections are not well-founded. On Mon, Mar 16, 2015 at 7:45 AM, Robin Wilton <[email protected]> wrote: > Hi Steve - and thanks for the correction. > > I agree with your additional use-cases/threat scenarios, naturally… I was > just trying to keep it to one simple illustration ;^) > > R > > On 16 Mar 2015, at 14:22, Stephen Kent <[email protected]> wrote: > > > Robin, > >> ... > >> > >> Primrose goes to InsureMe.com, where she will be asked for a lot of > personal data. InsureMe.com invites her to register and create a new > account, with an ID and password; all this is done over https, so > InsureMe.com is confident it has taken suitable steps to protect the data > from being visible to third parties. > > Third parties on the wire. Experience shows that Primrose's data is most > likely to be > > disclosed to third parties once it is on the InsureMe.com web site. Your > example > > goes on to cite a privacy violation in the form of Gotcher.com. But, a > successful attack > > against InsureMe.com also would violate the confidentiality of > Primrose's data. > > > > Bottom line: I agree with your observation that privacy is not the same > as > > confidentiality, and we often overly simplify these discussions. > > > > Steve > > > > _______________________________________________ > > perpass mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/perpass > > > _______________________________________________ > perpass mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/perpass > > -- - Tim Bray (If you’d like to send me a private message, see https://keybase.io/timbray)
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
