Yakov Shafranovich <research(_at_)solidmatrix(_dot_)com> wrote:
In a consent system, the developers and administrators of the system have
full freedom to choose which sources and auditors to trust. The notion of
all sources being "tainted" is something that should mentioned, but I am
not sure whether that should be done in the consent framework or as part of
BCPs.
The consent system proposed by ASRG MUST NOT depend on information
from third parties to the consent exchange. However, the parties to
the consent exchange MAY use such information, if they so choose. If
they do, the MUST still communicate their consent as part of the
consent exchange, even if some of that consent is based on information
from third parties.
The issue is one of informed consent, and of transparency of
consent. If the sender is unknowingly unable to achieve informed
consent, then there is no effective consent framework.
Participants to the consent exchange can use any information they
wish to make their decisions. Third parties to the consent exchange
are uninvolved, and therefore should be forbidden from interfering in
that conversation (barring legal matters.)
e.g. Say I subscribe to a political censorship service, and that
service decides to ban all traffic from Ira{q,n}. When I get
communication requests from Ira{q,n}, I MUST inform them that I do not
consent to that communication. The reasons why I do not consent are
personal, and SHOULD NOT be communicated.
Alan DeKok.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg