On 10/05/2018 02:48 PM, Andrew Sullivan wrote:
> On Fri, Oct 05, 2018 at 02:08:38PM +0200, Niels ten Oever wrote:
>
>> We might disagree here. If there is one place in which this extension
>> might be useful, I am not sure whether standardization is appropriate
>> because there is only one (potential) implementation. That leads me to
>> the question: has this actually been implemented in the case of .gov?
>
> On the other hand, if people want to standardize some mechanism for a
> policy you find regrettable, I find it hard to believe that the right
> answer is "prevent that standard" rather than "don't subject yourself
> to that policy". The latter is easily achieved by refusing to do
> business with registries that implement a policy you don't like. The
> approach that seems to be being pursued here is to try to prevent
> standardization of the mechanism because of a disagreement about the
> policy. I think that is generally bad for interoperability.
>
If this would be a standard in response to a demand, that would be fine.
But I am rather afraid this is a standard that will create policy and
practice. Namely the practice of 3rd party identity verification
providers. Since there is legislation that demand this afaik, I think we
should be hesitant to standardize such a thing because of the
potentially severe implications as pointed out by the review.
Best,
Niels
--
Niels ten Oever
Researcher and PhD Candidate
Datactive Research Group
University of Amsterdam
PGP fingerprint 2458 0B70 5C4A FD8A 9488
643A 0ED8 3F3A 468A C8B3
_______________________________________________
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext
