Hi Scott,
On 04/18/2017 03:47 PM, Hollenbeck, Scott wrote:
> (Sorry, resending due to a corporate mailer encryption setting user error on
> my part).
>
>> -----Original Message-----
>> From: Niels ten Oever [mailto:li...@digitaldissidents.org]
>> Sent: Tuesday, April 18, 2017 9:29 AM
>> To: Gould, James <jgo...@verisign.com>; Hollenbeck, Scott
>> <shollenb...@verisign.com>; 'regext@ietf.org' <regext@ietf.org>
>> Subject: [EXTERNAL] Re: [regext] I-D Action: draft-ietf-regext-
>> verificationcode-01.txt
>>
>> Hi James,
>>
>> You're right. In Berlin I mentioned it in relation to the verification
>> code draft (and brought up the statement about it [0]), but similar there
>> are definitely also considerations for the resellers draft.
>
> Could you elaborate on that, please? The reseller (soon to be generic
> organization, I believe) draft(s) describe a means of exchanging information
> to identify an organization. Which bits of information do you see having
> human
> rights considerations?
>
Thanks for bringing up human rights considerations here. If I understand
draft-ietf-regext-reseller-01 correctly, one could force a customer in
country X to have a 'reseller:name type="loc" in country X' which could
impact the ability of a user to acquire a domain.
It would help to understand the reason of adding this to the spec.
>> Question is: should we create privacy considerations per draft, or would
>> it make more sense to make a draft with Privacy Considerations for EPP
>> (similar to RFC7819 did for DHCP).
>
> I don't know that I can answer that question without a better explanation of
> the kinds of things to be considered. I *can* see issues associated with
> personal privacy and the publication of contact information in WHOIS and/or
> RDAP (which points towards considerations for a document like RFC 5733), but
> where do you see considerations for a document like RFC 5732 in which there
> is
> no exchange of information associated with humans?
It depends whether we're thinking about privacy consideration, or human
rights considerations as you brought up. If we focus on privacy
considerations, then focusing on RFCs that deal with PII makes most
sense, but other drafts defintely have an impact on freedom of assembly,
association, etc.
Best,
Niels
>
> Scott
>
--
Niels ten Oever
Head of Digital
Article 19
www.article19.org
PGP fingerprint 8D9F C567 BEE4 A431 56C4
678B 08B5 A0F2 636D 68E9
_______________________________________________
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext
