On 07/11/18 11:30 AM, Gould, James wrote: > 1. Clarifying that it’s up to server policy to define the server action > taken when the verification code grace period expires >
Thanks, JG; I see that -05 incorporates this change. > 2. Ensure that the VSP does not modify the data verified after the > verification code is generated > This does not seem to be a concern since the VSP is transmitting only the verification code. Sorry for the confusion, we can ignore this. > 3. Include a HRPC section in draft-ietf-regext-verificationcode > This is being discussed actively on the list, but at present I > believe that we can address the feedback without adding a new > section to the document. > The primary concerns (as highlighted in the review) relate to how implementing this extension in a locality impacts registrants' privacy, freedom of expression, and allows the VSP to discriminate based on registrants' personal information. These minor changes I proposed, unfortunately, cannot address these primary concerns. That is why it may be useful to add a section with human rights considerations. I have shared the text that I think will be useful to include in the draft in another thread. Hope we can use that as a starting point for consensus. Thank you. Gurshabad
signature.asc
Description: OpenPGP digital signature
_______________________________________________ regext mailing list [email protected] https://www.ietf.org/mailman/listinfo/regext
