Hi Vittorio,
At 05:03 AM 16-04-2025, Vittorio Bertola wrote:
> Il 16/04/2025 09:43 JST Stephen Farrell
<stephen.farrell@xxxxxxxxx> ha scritto:
>
> ISTM it's generally fine to use "Rob S" so long as there's a
> way to track back to find a more real-world identity, which
> could be via the LLC and payments or whatever, whenever that
> is something necessary, e.g. in the case of some IPR dispute.
> I don't think the real-world identity needs to be trivially
> apparent to readers of the blue-sheets.
I agree, and actually, I am not sure that the IETF's policy of
forcing people to disclose online in public that they were in a
specific meeting is GDPR-compliant. It's fine to record who was in
the room and even to require disclosure of full and true identity
for that, but IMHO (and IANAL) it is hard to argue that publishing
the resulting lists to the general public is strictly necessary to
the functioning of the meeting, up to the point that no specific,
separate, optional consent is necessary. It would be sufficient to
disclose the list to the appropriate parties if problems arise.
In any case, the only case I have seen of people not signing with
their full name is the UK NCSC employees one, and I have seen them
do the same at every conference. I do not know if this is an agency
policy and what are the reasons, but perhaps, if lists weren't made
public on the web, they would have less need to do so.
There are a few persons on this mailing list who noticed that
attendees affiliated with the National Cyber Security Centre, United
Kingdom, hide their last name. Eric Vyncke posted a message at
https://mailarchive.ietf.org/arch/msg/ietf/ZXK1aL1zOJaYh8OkxDTxqS8O4Lg
It showed that the last name was visible. The "hide my name"
approach does not seem very effective if the attendee doing that
authors an Internet-Draft.
I took a quick look into the "hide my name". It seems like it was a
trend over the past five years to maintain some level of
anonymity. Some people may have valid reasons to do that. A few
IETF participants may be wary to see that happening within the
standards process due to some past revelations pertaining to cryptography.
The meetings are generally described as public meetings. The records
of public meetings are generally published. It would be inconsistent
for the community to claim that it is transparent if it does not make
those records accessible to the general public.
Regards,
S. Moonesamy
