Re: TPE Handling Out-of-Band Consent (including ISSUE-152)

I think that it is fine to have a response that means, "We operate with
OOBC and will make that determination later."  I do not think that it
should be allowed for an entity to send a blanket signal that means, "We
think that we have consent from you.", just because that determination will
be made later.  That seems deceptive, and I think that authorizing that
kind of blanket response could undermine confidence in the spec.  Doesn't
"C" mean, "I think I have consent from you."?  That is why I suggested
something like "L" for "later".


On Tue, Mar 26, 2013 at 3:42 AM, Rigo Wenning <> wrote:

> On Friday 22 March 2013 14:53:35 Roy T. Fielding wrote:
> > I think Alex raised the issue early on and we simply neglected
> > to design for it.
> I remember that Shane said: If one believes to operate under OOB, just
> signal that. The rest is determined by the OOB regime. This is the
> design IMHO.
> We are going into hybrid systems (DNT/OOB) here. And in a hybrid system,
> Justin is right, we have to ask why we can't identify those with OOB or
> why we don't use the DNT system in its entirety. My guess is, that we
> are talking about a transition in technology and Ronan is concerned
> about the liability during the transition (transition may take years).
> There is no technology solution to transition :(
>  --Rigo

Received on Tuesday, 26 March 2013 12:48:15 UTC