[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AW: [Enum] Carrier ENUM mini-BoF Agenda

To: Richard.Stastny at oefeg.at
Subject: Re: AW: [Enum] Carrier ENUM mini-BoF Agenda
From: "Peter Williams" <home_pw at msn.com>
Date: Sun, 20 Jun 2004 22:04:12 -0700
Cc: enum at ietf.org, richard at shockey.us
List-help: <mailto:enum-request@ietf.org?subject=help>
List-id: Enum Discussion List <enum.ietf.org>
List-post: <mailto:enum@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/enum>, <mailto:enum-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/enum>, <mailto:enum-request@ietf.org?subject=unsubscribe>
Sender: enum-bounces at ietf.org

From: Jeff Williams <jwkckid1 at ix.netcom.com>
To: Stastny Richard <Richard.Stastny at oefeg.at>
CC: enum at ietf.org, Richard Shockey <richard at shockey.us>
Subject: Re: AW: [Enum] Carrier ENUM mini-BoF Agenda
Date: Sun, 20 Jun 2004 19:42:26 -0700
Stastny and all,
Stastny Richard wrote:
> So given Steven questions, my "User ENUM" definitions > and Richards "Carrier TN to URI translation mechanisms" aka "Carrier ENUM", > > I want to try to give an answer to question 1b first, before I address 1a > > a: within User ENUM there exist privacy issues. > set-up properly these issues do not exist in "Carrier ENUM", > because either the information is not accessible or not usable > by end-users. > Note: all privacy issues with ENUM should thereore be discussed > in the first half of the meeting, not in the mini-BoF on "Carrier ENUM"

Good point.

This is not appropriate, in my view. The reasoning is very flawed. There is a relationship between holder of the E.164 and the ENUM provider. While end-users may be unable to gain access to the marketing information derived from the providers analyis of the transactions for a given ENUM name, listing beneath e164.arpa (or elsewhere), the provider may seek to sell this information about the holder to value-added resellers, folk sellling additional telematic services, etc etc. This is quite typical in the US, and is what the US privacy policy apparatus is designed to codify, and disclose (even if it provides little in the way of enfocement) - so subscribers are at least notified of the possible arrangements that may impact their wider use of telematics.

Remember to distinguish between privacy, and security folks. Providing wonderful access conrol security by DNS or procedural means has no relevance to the privacy issues which we mut address in our engineering work on a public lookup service. Privacy is about information reuse, and disclousre of the possible reuses by all involved parties, including providers. In many cases, the most blatant privacy abuses do NORMALLY not involve the end-users directly: they involve selling information about end-users by providers and others with whom the end-user has no contractual relationships.

Remember, it took IETF over 15 years of hard work to privacy-enhace our email standards, with CA policy disclosures etc. We bridged complex legal work about digital signatures and CAs, and simple crypto work. And it took us over 10 years to secure IPSEC. If if takes as long to privacy enhance or secure ENUM protocols, so be it.

Peter.

_______________________________________________
enum mailing list
enum at ietf.org
https://www1.ietf.org/mailman/listinfo/enum

Follow-Ups:
- Re: AW: [Enum] Carrier ENUM mini-BoF Agenda
  - From: Jeff Williams

Prev by Date: Re: [Enum] Carrier ENUM mini-BoF Agenda
Next by Date: Re: [Enum] Carrier ENUM mini-BoF Agenda
Previous by thread: Re: AW: [Enum] Carrier ENUM mini-BoF Agenda
Next by thread: Re: AW: [Enum] Carrier ENUM mini-BoF Agenda
Index(es):
- Date
- Thread