Re: Service Provider Status (ISSUE-137)

On Aug 29, 2012, at 12:17 PM, Jonathan Mayer wrote:

> Some possible status ambiguities for service providers.  All are solvable with trivial engineering.

You seem to forget that service providers are acting on
in the place of a first party.

> -If a service provider is using its own domain:
> 	-Is the entity a first party, third party, or service provider?

It is a first party.

> 	-Which party is it providing outsourcing services to?  (Might be multiple parties in different roles.)

The party that owns the URI in the policy link, which is
required for this case.

> -If a service provider is using a different party's domain (e.g. a CNAMEd analytics service):
> 	-Who is the service provider?

See the first party's policy information.  There is no need for
a machine-readable identification of service providers while
they are acting in the place of a first party.  If there is,
please explain why there is no equivalent identification of
subsidiaries and employees within non-service provider first
parties that will be handling the request on behalf of their
controlling interest.


Received on Thursday, 30 August 2012 19:07:54 UTC