network reputation [was: IP is...]

Eric Brunner-Williams brunner at nic-naa.net
Thu Jan 24 05:55:22 UTC 2008



> Security is a strong supporter of privacy ...
I've removed the part of this sentence I don't understand.

Privacy involves more than just non-disclosure, it also involves issues 
like identifiable retention
and identifiable 3rd-party provisioning and identifiable other-policy 
collection linkages, and ...

There were, and are people who contribute from time to time to the IETF, 
who decided that it
was sufficient to indicate if the source of a flow had a "privacy 
preference". Look for binary
valued labels in RFCs pertaining to the provisioning of PII to some well 
known data collectors
(and data publishers).

There were also, and I suppose also are, people who contribute from time 
to time to the IETF,
who have decided that it is insufficient to indicate the policy 
preference, if any, of flow sources,
absent indications of the policy practices of flow otherpoints, which 
may also be flow endpoints.
Look for labels which cannot be projected to a binary values without 
loss of information in RFCs
pertaining to the provisioning of PII to some well known data collectors 
(and data publishers).

Which is a long-winded way of saying that security != privacy.

Eric




More information about the NANOG mailing list