On 1 May 2018 at 09:28, Philipp Hörist <[email protected]> wrote: > But even that is not very useful, Laws change all the time. > > At the same time you can write "Follow the local Laws" > > And why would this only concern HTTPUpload, Laws also concern all kind > of data that run over the server. > > Its really not the place of a standard document to remember people to > follow the law. >
I appreciate the sentiment, but as an implementer I'd want to know about potential legal requirements of software I'm writing, so I can then gain some more confidence about offering that software to various jurisdictions, and can take these requirements into consideration when designing the software. Dave. > > regards > > 2018-05-01 10:24 GMT+02:00 Kevin Smith <[email protected]>: > > On 1 May 2018, at 09:03, Evgeny Khramtsov <[email protected]> wrote: > >> > >> Mon, 30 Apr 2018 13:20:38 +0200 > >> Jonas Wielicki <[email protected]> wrote: > >> > >>> I agree with your stance about deletion. Which is why I made it a > >>> separate PR. > >>> > >>> What do you think about the independent extension to the text I > >>> proposed in https://github.com/xsf/xeps/pull/625 ? > >> > >> While I'm fine with having a separate extension, I'm against the PR > >> itself. I think the behaviour is up to a local policy. We shouldn't make > >> default recommendations based on some local laws (GDPR). Because if we > >> do that, we can easily add "NOT" to all "SHOULD"s, and in this case we > >> will describe the local law of Russia (where it is required to keep all > >> users data for at least 6 months). I would really advise XSF to avoid > >> making political statements. Not to mention that the text brings > >> nothing to the document and only increases its size: it doesn't > >> describe any protocol, it doesn't describe security considerations, it > >> doesn't describe UX, so what does it do? Can we replace the text with > >> "People SHOULD live in peace?" Because the meaning of the statement > >> doesn't change a lot and a reader can easily ignore it. > > > > I largely agree with Evgeny on this. I’m fine with having a single line > drawing attention to potential requirements (like the "The availability of > deletion might be a requirement in jurisdictions where users have a right > to have their data deleted on request.” in the PR), but I don’t think this > normative language is the right thing to do. > > > > /K > > > > _______________________________________________ > > Standards mailing list > > Info: https://mail.jabber.org/mailman/listinfo/standards > > Unsubscribe: [email protected] > > _______________________________________________ > _______________________________________________ > Standards mailing list > Info: https://mail.jabber.org/mailman/listinfo/standards > Unsubscribe: [email protected] > _______________________________________________ >
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
