> -----Original Message----- > From: Gavin Brown <gavin.br...@icann.org> > Sent: Tuesday, November 19, 2024 5:12 AM > To: James Galvin <gal...@elistx.com> > Cc: REGEXT Working Group <regext@ietf.org> > Subject: [EXTERNAL] [regext] Re: [Ext] WGLC: draft-ietf-regext-epp-eai (was: > WGLC: draft-ietf-regext-rdap-rir-search-09) > > Caution: This email originated from outside the organization. Do not click > links > or open attachments unless you recognize the sender and know the content is > safe. > > I support publication, with the following comments: > > 1. The reference to Unicode TR31 in the Security Considerations section should > be formalised as an informative reference. At the moment, the URL of the > reference is just inline in plain text.
[SAH] Thanks for the feedback, Gavin. Can do. > 2. There is no Privacy Considerations section. Given that this document > pertains to transmission of email addresses, this should probably be > corrected. [SAH] I just read RFC 6973. It mentions email addresses once, in Section 5.2.1: "For example, an initiator's persistent use of the same device ID, certificate, or email address across multiple interactions could allow recipients (and observers) to correlate all of the initiator's communications over time." I can capture that, but is there anything else that would need to be noted? My immediate thought is that I could say something about the possibility of these email addresses being disclosed by systems like WHOIS and RDAP. The use of a privacy/proxy service can mitigate that risk. Anything else? Scott _______________________________________________ regext mailing list -- regext@ietf.org To unsubscribe send an email to regext-le...@ietf.org
