On Jan 14, 2011, at 7:45 AM, Phillip Hallam-Baker wrote: > I believe that my personal security trumps any and all considerations that > might be raised here. > > I do not give my home address out and do not intend to change. If the RFC > editor were to insist that the fields are filled they are going to get a fake > address. > >
They should not insist on anything of the sort. > Corporate addresses are even less useful. Very few people in the IETF have > the same employer for more than five years. And even those who have the same > employer are unlikely to have the same office building very long. > > > On Fri, Jan 14, 2011 at 4:11 AM, t.petch <[email protected]> wrote: > ----- Original Message ----- > From: "Doug Ewell" <[email protected]> > To: "The IETF" <[email protected]> > Sent: Friday, January 14, 2011 6:56 AM > Subject: Re: author's address (was: Re: Fwd: [OPS-DIR] OPS-DIR > Reviewofdraft-yevstifeyev-tn3270-uri-12) > > > > Peter Saint-Andre wrote: > > > > > For what it's worth, Section 10 of the informational RFC 2223 > > > ("Instructions to RFC Authors") states: > > > > > > Each RFC must have at the very end a section giving the author's > > > address, including the name and postal address, the telephone number, > > > (optional: a FAX number) and the Internet email address. > > > > The Internet is not the type of chummy small-town environment where we > > can trust just anybody with our home address and phone number, or our > > bank account and credit card numbers, and where we can leave our front > > doors unlocked at night. > > As Joel pointed out, the Last Call issue is the contact details for change > control > in the registration of a widely used URI with IANA, details which consist > solely of a gmail address. Is that enough to grant change control of this > URI (in which a number of people from a number of organisations have > expressed an ongoing interest)? > What, exactly, is the issue here ? How IANA authenticates someone with change control over some resource ? That, clearly, is a lot bigger than just this RFC. I would assume (and feel sure) that IANA is not just blindly going by email address, but by their judgement. I am also not sure what having an address will do to help with this. I doubt IANA will be sending inspectors to people's houses asking to see ID. If there seems to be of particular risk of such attacks for this URI, I would suggest adding text in the security section (or the IANA considerations). If impersonation attacks seem like a real threat in general, then someone who feels that way should write a draft specifying how IANA should authenticate people. Regards Marshall > RFC4395 appears to be silent. > > Tom Petch > > > I worked on two I-Ds in a WG where participant A once responded to > > participant B's support of an RFC 3683 P-R action against A by > > contacting B's employer, gleaned from his e-mail address, demanding that > > the employer take professional action against B. In this type of > > hostile environment, I declined to state my employer's name or post to > > the WG list from my work address, much less divulge other personal > > information, and edited both RFC 4645 and 5646 as "Consultant." > > > > The argument that personal information is necessary to distinguish the > > author from other people with the same name probably carries some weight > > for authors named "John Smith" or "Bob Miller." There are few enough > > people named "Doug Ewell" in the world that the risk of ambiguity of > > authorship seems much more remote than the risk to personal security if > > too much personal information is provided. I suspect the same is true > > for people named "Mykyta Yevstifeyev." > > > > Having said that, I don't think there is any precedent for I-D authors > > or editors to claim their document was written by "IETF" or "IESG," and > > I doubt this will be permitted. > > > > -- > > Doug Ewell | Thornton, Colorado, USA | http://www.ewellic.org > > RFC 5645, 4645, UTN #14 | ietf-languages @ is dot gd slash 2kf0s > > > > _______________________________________________ > > Ietf mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/ietf > > > > _______________________________________________ > Ietf mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ietf > > > > -- > Website: http://hallambaker.com/ > > _______________________________________________ > Ietf mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ietf _______________________________________________ Ietf mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf
