From: [EMAIL PROTECTED] Paul's suggestion is to weaken the Privacy requirement by allowing the monitor a choice of a wider range of behaviors. The reasoning behind this is that the monitor is a delegate of the callee, whose privacy we are attempting to protect. The monitor can combine stricter or looser rules for authorizing CC subscribes/recalls with hueristics to detect abuses.
I believe that other members of the CC working group have been considering the possibility of making the monitor's authorization policy at its option, rather than being tightly prescribed. With this recap, I now start to see what they are considering. However, the previous formulation had the advantage that it clearly gave us the behaviors we want (but it couldn't be reliably deployed in the real world). The new formulation is heuristic, and we need to do some more work to ensure that monitor policies can be devised that satisfy the users' requirements in practical deployments. Dale _______________________________________________ BLISS mailing list [email protected] https://www.ietf.org/mailman/listinfo/bliss
