RE: full integrity?

From: Aleksandar Gogic ^lt;agogic@qualcomm.com>
Date: Thu May 23 2002 - 17:06:52 EDT

At 06:04 PM 5/22/2002 -0700, Dan Greening wrote:
>I think it's more of a MAY NOT. The privacy platform MAY NOT allow
>users to provide false information, but MUST allow rule-makers to reject
>location requests. If the privacy platform allows users to provide
>false information it MUST indicate that capability somehow to external
>systems (like through a configuration-query).
>
>So if I'm in Randy, or visa versa, then some platforms will allow me to
>say I'm in Sally, while others will allow me to say "location not
>available". However, those platforms that allow me to provide false
>information need to identify themselves as such.

I'm more on Eric's side of the argument. It's just as effective to say
"stuff it", as it is to provide false information, in terms of privacy
protection at least. And I still say the latter may be less effective if
poorly executed. Provision of false information creates all kinds of other
problems, ultimately leading to the question - can you trust anybody. It
can create a lot of confusion in the market. Would you trust a liar who
tells you that he/she is lying?

It's better to think of this as varying degrees of accuracy. Rather than
telling somebody you are in Kansas, when in fact you are in New York, just
tell them you are somewhere in North America. You still keep them in the
dark regarding your exact whereabouts. It's only a question of how dark is
dark enough.

>(I love privacy examples, they're so *dirty* :)
>
>Dan Greening, Ph.D. CEO, BigTribe Corporation
> 330 Townsend Street, Suite 209, San Francisco, CA
>94107-1662
> greening@bigtribe.com +1(415)995-7151 fax 995-7155
>
>
>
>-----Original Message-----
>From: Eric Brunner-Williams in Portland Maine
>[mailto:brunner@nic-naa.net]
>Sent: Wednesday, May 22, 2002 5:30 PM
>To: Dan Greening
>Cc: Randy Bush; Randall Gellens; ietf-geopriv@mail.apps.ietf.org;
>brunner@nic-naa.net
>Subject: Re: full integrity?
>
>
> > I like the "telling them to stuff it" idea over providing false
> > information.
> >
> > You could choose to send a generic error message that doesn't
> > distinguish between a policy rejection and a system inability to
>provide
> > the location. This way a recipient can't tell if it's the policy or
>the
> > infrastructure that is causing the problem. There are some problems
> > with providing false information. If recipients act on that false
> > information, it seems to me that lawsuits are highly likely.
>
>
>Ah, I'm _with_ Randy. In fact, I'm in the same resolution cell. Heck, I
>_am_
>Randy. What part of this rates a MUST NOT, assuming Randy and I are
>consenting
>adults (with obscure peering arraingements)? For what technical reason?
>
>Eric

Aleksandar Gogic
QUALCOMM Incorporated
5775 Morehouse Drive
San Diego, CA 92121-1714
Office: +1 858 651 5386
Mobile: +1 858 213 7368
agogic@qualcomm.com
Received on Thu May 23 17:08:06 2002

This archive was generated by hypermail 2.1.8 : Thu Jan 22 2004 - 12:32:23 EST