Hi Mario! Thanks for the response. Response inline …
From: Mario Loffredo <mario.loffr...@iit.cnr.it> Sent: Friday, September 1, 2023 6:50 AM To: Roman Danyliw <r...@cert.org>; The IESG <i...@ietf.org> Cc: draft-ietf-regext-rdap-reverse-sea...@ietf.org; regext-cha...@ietf.org; regext@ietf.org; t...@apnic.net Subject: Re: Roman Danyliw's No Objection on draft-ietf-regext-rdap-reverse-search-25: (with COMMENT) Hi Roman, please find my comments below. Il 30/08/2023 14:16, Roman Danyliw via Datatracker ha scritto: Roman Danyliw has entered the following ballot position for draft-ietf-regext-rdap-reverse-search-25: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-regext-rdap-reverse-search/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thank you to Tero Kivinen for the SECDIR review. Thanks for address my DISCUSS feedback. I support Lars Eggert's DISCUSS position. == ** Section 1. The first objection concerns the potential risks of privacy violation. Where are these privacy concerns summarized? Could a reference be provided? [ML] Guess you think your remark hasn't yet been addressed by the new version. Considering that the implications on privacy are presented in more detail in the "Privacy Considerations" section, could it be enough to rewrite that sentence as in the following ? The first objection concerns the potential risks of privacy violations resulting from the use of personal data and the detection of facts about an individual when the requestor is not supported by lawful basis. I'm not aware of any document describing those concerns. When I wrote the "Privacy Considerations" section, I started from the threats listed in RFC6973 and I tried to identify those which could fit in with the reverse search. Afterwards, RegExt considered that section exhaustive enough to conclude the discussion about the privacy concerns. [Roman] The Privacy Considerations and the inline text make the issue clear. I was reacting to the following text: its availability as a standardized Whois [RFC3912] capability has been objected to for two main reasons, which now don't seem to conflict with an RDAP implementation. [Roman] My recommendation was that if there was a way to cite the objections to whois, it would be helpful (instead of asserting there were objections without a reference). If this is not easy to do, then please ignore the feedback. Thanks, Roman
_______________________________________________ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
