On Thu, Aug 15, 2013 at 11:24 AM, SM <s...@resistor.net> wrote: > The Privacy Considerations Section focuses on data in transit and > collection of data only. Section 8.1 mentions protecting the data from > "unauthorized access and viewing". That would only be unauthorized viewing > while the data is in transit. >
Sure, mentioning something about the stored aggregated data also makes sense in Section 8. I'll add something. > > I don't know whether people overlook this; the queries leak out > information. Information which the user might consider as private is sent > out without the person's knowledge. I suggest pushing that discussion to > the specification which defines the identity (e.g. draft-ietf-repute-email- > **identifiers-08). > I don't think this point is specific to email identifiers. This is the right place to say it. > > As a general comment I would say that the issue is less about privacy and > more about reputation. There is a saying: Tell me what you read and I will > tell you who you are. > > Reputations can certainly be private things, both as an aggregate "result" and as the pieces of data that allowed that result to be reached. But I don't think that's a new point given the above. The new text will cover it. -MSK
