+1 on adoption On 2018-07-18 20:48, Dan York wrote: > > >> On Jul 18, 2018, at 2:14 PM, Tim Wicinski <tjw.i...@gmail.com >> <mailto:tjw.i...@gmail.com>> wrote: >> >> >> This starts a Call for Adoption for draft-dickinson-dprive-bcp-op >> >> The draft is available here: >> https://datatracker.ietf.org/doc/draft-dickinson-dprive-bcp-op/ >> >> Please review this draft to see if you think it is suitable for adoption >> by DPRIVE, and comments to the list, clearly stating your view. > > I support the adoption of the document. I think it provides useful > operation guidance to operators looking to implement the protocols and > mechanisms being implemented in DPRIVE and other groups. > > As I stated at the mic at IETF 102, I do feel like the section on > creating a "DNS Privacy Policy and Practice Statement" (DPPPS) could > be split out into a separate document. My rationale was that: > > 1. It is a couple of pages of content after 17 pages of more > operational guidance; > 2. I could see a different audience for a document creating a DPPPS. I > could see someone being tasked with going and creating such a policy > for an operator - who might be different from the people implementing > the other parts of the document; and > 3. The DPPPS guidance *might* be more static and therefore a separate > document would not need revision while operational guidance might. > > However, I'm also sympathetic to the view that it makes sense to keep > it all together during these earlier days and because operators will > need to create DPPPS documents. Splitting it out *might* be something > to consider as the document continues to evolve, but for now I'm fine > leaving it in. >
Standardised privacy notices (policy+practise) have been studied in other cases, and are of course useful for overviews (by consumers, researchers, more broadly etc). See e.g. https://dl.acm.org/citation.cfm?id=2911988 One could object the source of the requirements on the notices is not the technical community, but I think the study pretty much exemplifies what the utlity is of taking the approach of this draft and include it. Cranor in general has done a lot of work on privacy notices, from a particular jurisdictional perspective, I guess: https://scholar.google.com/citations?hl=en&user=kIUqgbcAAAAJ&view_op=list_works&sortby=pubdate best regards, Amelia > Dan > > > -- > Dan York > Director, Content & Web Strategy, Internet Society > y...@isoc.org <mailto:y...@isoc.org> +1-802-735-1624 > Jabber: y...@jabber.isoc.org <mailto:y...@jabber.isoc.org> > Skype: danyork http://twitter.com/danyork > > http://www.internetsociety.org/ > > > > _______________________________________________ > dns-privacy mailing list > dns-privacy@ietf.org > https://www.ietf.org/mailman/listinfo/dns-privacy -- Amelia Andersdotter Technical Consultant, Digital Programme ARTICLE19 www.article19.org PGP: 3D5D B6CA B852 B988 055A 6A6F FEF1 C294 B4E8 0B55 _______________________________________________ dns-privacy mailing list dns-privacy@ietf.org https://www.ietf.org/mailman/listinfo/dns-privacy
