There is solving administrative problems within the IETF and there is solving the larger problem for the whole Internet.
There is also a difference in interactive contact exchange and static publication. Have people noticed we stopped using phone numbers? We now use the entry in the contacts. Enabling a secure, high work factor credential exchange via QR code is pretty straightforward. Bump phones once and you can have automatically updating contacts for life. No need to worry about human readability or the ability to enter the address.
Where it gets sticky is publishing an address in a paper document.
I have an existence proof for a solution, several in fact. All depends on how much readability you demand and how much infrastructure you are willing to build out.
Opaque fingerprints such as MB5S-R4AJ-3FBT-7NHO-T26Z-2E6Y-WFH4 have low infrastructure requirements. But usability is lousy. There are tricks can be used to shorten the fingerprint while maintaining the work factor (patent should have expired now).
Another approach is to use RFC822 style addresses but limit use to 'hailing'. So Alice gives Bob 'alice@xxxxxxxxxxx', they exchange contacts and from then on the contact assertion is used, Bob can still contact Alice if she changes service provider.
If you want to publish a persistent address, you can combine -- alice@xxxxxxxxxxxxxx--MB5S-R4AJ-3FBT-7NHO-T26Z-2E6Y-WFH4
Or you can spin up a new registry but designed in such fashion that the registrant does not pay for resolution services which allows the cost of registration to be dropped sharply.
You could build it on top of SAML if you like. This sort of application is what the assertion infrastructure was originally designed to support. But people seem to like JSON better than XML these days and it is a better approach to data serialization.
On Wed, Aug 14, 2024 at 9:48 PM Brian E Carpenter <brian.e.carpenter@xxxxxxxxx> wrote:
Terry,
We effectively have that already. Try these:
https://datatracker.ietf.org/person/sob@xxxxxxxxxxx
https://datatracker.ietf.org/person/terry@xxxxxxxxxx
https://datatracker.ietf.org/person/brian@xxxxxxxxxxxxxx
The only issue I see is that if you have no formal role (lucky me!), no current email address is listed. That could be an option in the user's profile, or "author" could be added as a new role. (If you like that, we could discuss it at tools-discuss@xxxxxxxx)
Regards
Brian Carpenter
On 15-Aug-24 11:46, Terry Manderson wrote:
>
>
>> On 15 Aug 2024, at 7:54 AM, touch@xxxxxxxxxxxxxx wrote:
>>
>> Although I appreciate the impact this has to our RFCs, we all experience this (touch@xxxxxxx is no more as well), though perhaps not to the same degree.
>>
>> I’ll step in here to defend Harvard’s decision; having an email available to someone who no longer holds an official position is a significant legal risk.
>>
>> Emails, URLs, and even RFC numbers change (remember back when TCP was “always” RFC793?). Search engines mitigate this problem, as would (preferably) a bounce message from Harvard providing the next known email, at least for a while.
>>
>> Joe
>>
>
> I'm looking at this from the impact to the RFCs and the link between RFC authors and other inquisitive minds. Especially while the author is still interested in responding to email questions.
>
> I wonder if a level of abstraction can be created through an "author profile" that ties together all past author's address blocks and can provide the "latest known" address.
>
> Just a thought.
>
> Cheers,
> Terry
