On Sat, May 22, 2004 at 10:24:14AM +1000, grenville armitage wrote: > > If your threat model postulates someone knowing enough about you to check > for your IETF registration, then simply knowing when IETF meetings occur gives > them a pretty good start. Testing your email account for 'out of office' > replies gives them on-the-week confirmation. Just watching what you've > been saying on ietf mailing lists leading up to the next scheduled IETF > meeting can confirm their suspicions. Not everyone attends every IETF. Not everyone uses email autoreplies. > I.e. hiding IETF registrations is hardly likely to impact on the threat offered > to your personal security by anyone knowledgable enough about your behavior > to be checking the IETF's online registrations list in the first place. But there's no reason the list should be published in advance. > But in any case, post-meeting release of the registration list would go > along way to satisfying the goal of knowing "who was there". The only issue seems to be people who want to check their *own* registration status, and who didn't keep a record of their email confirmation. There are other ways to solve that. Tim _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf