This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Privacy requirements
- Previous message (by thread): [anti-abuse-wg] Privacy requirements
- Next message (by thread): [anti-abuse-wg] Privacy requirements
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Frank Gadegast
ripe-anti-spam-wg at powerweb.de
Tue Dec 20 19:32:23 CET 2011
Alessandro Vesely wrote: > On 20/Dec/11 15:44, Frank Gadegast wrote: >> >> Raising the restrictions on personal objects isnt a bad idea at all, >> but it should wait until personal data and abuse contacts are >> seperated, like outlined by Tobias' last proposal and after >> most objects in the database confirm to this new model. > > Agreed. What synchronization is exactly needed depends on the > software details, so I'd leave that in RIPE NCC's hands. However, > proposal 2011-06 doesn't mention relaxing access restrictions. Do we > need to add such goal explicitly? No, thats really a different issue and should be looked at later. >> I would love to hide all personal email addresses behind >> a randomly changing address<randomcode>@abuse.ripe.net > > Uh, that sounds like programming the "search" button to step aside > from the cursor whenever users try to click on it :-) Yes, sounds like security by obscurity, but why not ? I like to make sure, that this should not apply to abuse contacts, wich are to my opinion the only contacts that really need to be available for automated system. Or does anybody see a reason, that a non-abuse but personal contact should be visible by whois or in whatever else automated way ? I cant think of an example here. whois could show the netrange, netname, routing and all other technical objects, surely the new abuse-c with all its data, could name the other contacts, but then simply point to a webpage for the details of the other contacts. >> And names, postal, fon and fax address of personal objects >> could be hidden behind a webpage with captcha code or thelike, >> maybe the abuse finder tool could be enhanced here. > > Yes, personal data has to be protected. Perhaps not names. Perhaps > login is easier than captcha for some users. A login for everybody that simply wants to know to whom a network belongs ? Thats maybe too much security and it should better not be possible to track, wich user is requesting wich information. That would again be personal data, thats needs to be protected inside the systems of RIPE NCC, better leave that one out. Kind regards, Frank -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank at powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ====================================================================== -- Mit freundlichen Gruessen, -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank at powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ======================================================================
- Previous message (by thread): [anti-abuse-wg] Privacy requirements
- Next message (by thread): [anti-abuse-wg] Privacy requirements
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]