Hi Roman,
again my reponses below.
Il 25/09/2023 22:55, Roman Danyliw ha scritto:
Hi Mario!
Thanks for the response. Response inline …
*From:* Mario Loffredo <[email protected]>
*Sent:* Friday, September 1, 2023 6:50 AM
*To:* Roman Danyliw <[email protected]>; The IESG <[email protected]>
*Cc:* [email protected];
[email protected]; [email protected]; [email protected]
*Subject:* Re: Roman Danyliw's No Objection on
draft-ietf-regext-rdap-reverse-search-25: (with COMMENT)
Hi Roman,
please find my comments below.
Il 30/08/2023 14:16, Roman Danyliw via Datatracker ha scritto:
Roman Danyliw has entered the following ballot position for
draft-ietf-regext-rdap-reverse-search-25: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer tohttps://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-regext-rdap-reverse-search/
----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
Thank you to Tero Kivinen for the SECDIR review.
Thanks for address my DISCUSS feedback.
I support Lars Eggert's DISCUSS position.
==
** Section 1.
The first objection concerns the potential risks of privacy
violation.
Where are these privacy concerns summarized? Could a reference be provided?
[ML] Guess you think your remark hasn't yet been addressed by the new
version.
Considering that the implications on privacy are presented in more
detail in the "Privacy Considerations" section, could it be enough to
rewrite that sentence as in the following ?
(*) The first objection concerns the potential risks of privacy violations resulting from the use ofpersonal data and the detection of facts about an individual when the
requestor is not supported by lawful basis.
I'm not aware of any document describing those concerns. When I wrote
the "Privacy Considerations" section, I started from the threats
listed in RFC6973 and I tried to identify those which could fit in
with the reverse search.
Afterwards, RegExt considered that section exhaustive enough to
conclude the discussion about the privacy concerns.
[Roman] The Privacy Considerations and the inline text make the issue
clear. I was reacting to the following text:
its
availability as a standardized Whois [RFC3912] capability has been
objected to for two main reasons, which now don't seem to conflict
with an RDAP implementation.
[Roman] My recommendation was that if there was a way to cite the
objections to whois, it would be helpful (instead of asserting there
were objections without a reference). If this is not easy to do, then
please ignore the feedback.
[ML]
Have repeatedly searched the web for some documents (preferably by ICANN
or CENTR or some other forum of registries) about privacy concerns
connected with Reverse Whois but all of those I found talk generally
about "privacy concerns".
This is the reason why I tried to summarize them in the sentence above (*).
Anyway, if there is someone in RegExt who knows a suitable reference, I
would be happy to include it in the document.
Best,
Mario
Thanks,
Roman
_______________________________________________
regext mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/regext
--
Dott. Mario Loffredo
Senior Technologist
Technological Unit “Digital Innovation”
Institute of Informatics and Telematics (IIT)
National Research Council (CNR)
via G. Moruzzi 1, I-56124 PISA, Italy
Phone: +39.0503153497
Web:http://www.iit.cnr.it/mario.loffredo
_______________________________________________
regext mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/regext
