This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[cooperation-wg] Comment on eid-and-trust-services-regulation
- Previous message (by thread): [cooperation-wg] EU proposa on qualified signatures
- Next message (by thread): [cooperation-wg] Comment on eid-and-trust-services-regulation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alessandro Vesely
vesely at tana.it
Mon Apr 22 15:29:22 CEST 2013
Amelia, I read your blog (see link in the post below) and wish to thank you for your work and for your amendments to the eIDSA. In particular, I support how you'd move art. 11 to art. 4a and the additions brought there. It seems that, if techniques like OAuth 2.0 or similar --based on pseudonyms like email addresses-- take root, then mailbox providers may become the trust service providers of choice for a number of mundane transactions, including shopping and subscriptions to newsletters and mailing lists. The ability to generate pseudonyms ad-hoc (the part before the "@") can allow complete anonymity, and possibly trace unwanted leakage of the pseudonym itself. In addition, a provider chosen by the data subjects can register such transactions on their behalf: Any other method for acquiring consent ends up being registered on the processor's side only, which I consider unfair of Directive 95/46/EC. Regards A mailbox provider -------- Original Message -------- From: Patrik Fältström <patrik at frobbit.se> Date: Mon, 22 Apr 2013 10:00:07 +0200 To: cooperation-wg at ripe.net <cooperation-wg at ripe.net> Subject: [cooperation-wg] EU proposa on qualified signatures All, There is as some of you might know a discussion in EU related to e-ID and a new proposed regulation on trust services. One summary of the situation is made by member of the European Parliament Amelia Andersdotter that criticizes the proposal that is on the table for the parliament. I have personally had problems with the original directive, and this proposal even more as it tries to enforce onto people and organisations who to trust. Or more specifically, who you should trust as a trusted third party. I think federated solutions are better as "one size does not fit all", and with federated solutions one can more easily build services the way "it was intended" on the Internet. Anyway, here is the summary by Amelia, and maybe we should spend some time on this in Dublin, if people are interested? http://ameliaandersdotter.eu/eid-and-trust-services-regulation/ Patrik
- Previous message (by thread): [cooperation-wg] EU proposa on qualified signatures
- Next message (by thread): [cooperation-wg] Comment on eid-and-trust-services-regulation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]