Re: [Fwd: [Asrg] Verisign: All Your ...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, 23 Sep 2003, Doug Royer wrote:
> >HIPPA covers _medical_ information. Email addresses are not medical
> >information. The email address in an email message is not a medical record
> >protected by HIPPA.  Third, the email address is already being disclosed
> >to the ISP running the relay.

> You keep assuming things and then declaring them as reasons for it to be
> a non-issue. Your assumptions about my implementation, my customer
> requirements, regulatory rulings relatedto HIPPA as it effects the
> customers license to practice, and my email routing are not true.

I'm not assuming anything about your customer requirements, other than
they are obviously sending email over the internet, and that on occassion,
they might have a invalid domain name in an email address.

This is just an officious sounding FUD phrase:
     "regulatory rulings related to HIPPA as it effects the customers
license to practice" is simply meant to scare users and care providers.
Nothing here is affected by HIPPA regulatory rulings or care providers'
license to practice.  But of course, your whole claim about HIPPA is
nothing but FUD.

> >The relevant privacy law involving email is the ECPA, not HIPPA.  Verisign
> >is prevented from disclosing the contents of any email, as is the ISP.
> >Quite obviously, Verisign is not improperly disclosing any information.
> >Contrary assertions are FUD
> >
> Name one good reason to run a bogus SMTP server that always rejects
> email if it is not their intention to use the data?  Why would anyone
> accept connections on the SMTP port at all if not to use the data?

Other TLD's that have wildcard entries do it.  Verisign's research
probably included the practices of other TLDs that use wildcard entries.

Having a rejector allows the mail to be rejected faster and ultimately
reduces network traffic. Not having a rejector would cause relays to
continue trying to connect for up to several days.  The TCP syn packet,
along with the ICMP message is about the same as accepting the connection
and rejecting the message.

There has been no evidence that Verisign has collected any sender
addresses, nor would there be any reason for them to want to.

Your two reasons, the 'only reasons you can think of', like the rest of
this, are nothing but FUD.

		--Dean
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]