[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Chaining of Callout Servers


At 8:25 AM -0400 7/25/02, Markus Hofmann wrote:
Hilarie Orman, Purple Streak Development wrote:

<snip>

privacy, security, 

if machines are in the same admin domain, no change; would recommend
strongly that machines be restricted from communicating outside the
admin domain, but there's no way to enforce this

Hm, yup, agreed.

To the extent that the machines in the same administrative domain are operated by the same corporate entity and are covered by the same privacy policy, then perhaps chaining of callout servers would not add to complexity. The end user would need to have access to Server A's privacy policy and that policy would need to take full responsibility for privacy-affecting actions of Server B, C, etc. But if Servers B, C, etc. were operated by different entities, then the end user would need to have access to the privacy policies of B, C....

Ultimately I have no position on the chaining of callout servers so long as the potential impacts on privacy, etc. can be addressed.

John Morris

--------------------------------------------------
John Morris // CDT // http://www.cdt.org/standards
--------------------------------------------------