Re: URI ACR extension

Hi Sune,

I have a suggestion for the default parameter ...  This should not be null, since then you'll have every data miner east of the Moon trying to hack your scheme.  Rather I suggest http://purl.org/pii/terms/#alpha  (HTML) or http://purl.org/pii/terms/alpha (RDF)  or make up your own URL to oblivion.  It won't stop miscreants, but it will slow down robots nicely.


--Gannon


________________________________
 From: "sune.jakobsson@telenor.com" <sune.jakobsson@telenor.com>
To: uri@w3.org 
Cc: Kevin.Smith@vodafone.com 
Sent: Friday, March 2, 2012 7:05 AM
Subject: URI ACR extension
 
Dear all.

I would like to bring your attention the http://tools.ietf.org/html/draft-uri-acr-extension-04  submission.

Technical summary:

   This URI scheme is intended as an extension to the "tel:"
   scheme but without disclosing the true identity of a reference or a
   user.  The "acr" URI describes an anonymous reference, that can be
   mapped to a resource or a user.  There are multiple situations where
   the true identity of a user or a resources can not be disclosed.  The
   "acr" URI is a globally unique identifier ( "name" ) only; it does
   not describe the steps necessary to reach the user or the device.
   However it can contain a parameter indication what body or
   organisation that could resolve it.  It is intended for privacy
   protection, where a user trusts a translating party, that can route
   or forward the request or message to the true user or resource.

This is an individual contribution, so I need help to bring this to a working group, and hopefully convert it to a permanent RFC in time.

Open Mobile Alliance is using this on multiple network enablers, to allow anonymous access to API's

Any advice would be helpful. :)


BR Sune Jakobsson