Bart Schaefer <schaefer(_at_)brasslantern(_dot_)com> wrote:
However, I'd like to remind everyone of one important aspect of the
POSTAGE draft: It doesn't rely on the notion of "buying a stamp".
The transaction is structured such that the token presented by the
sender is more like a credit card authorization. The token allows the
recipient MTA to make a charge of a specified amount against an account
maintained by (a bank on behalf of) the sender. The sender does not
obtain the "stamp" from the recipient, he gets it from his bank.
Ideally, the token is issued by a "bank" where both sending MTA and
receiving MTA have accounts. Whether those accounts are like "credit" or
"debit" cards or some other model entirely is orthogonal to the spec.
(We envision agreements between "banks" that enable sending MTAs to
request a token from a different "bank" than the one the receiving MTA
will redeem it at; but that is out of scope at the moment, and we hope
for research where both use the same "bank".)
If that sender chooses to present the same stamp a million times, it's
up to the sender and his bank to resolve the dispute; if the bank has
no way to detect and refuse duplicates, it can simply tally them all
up and bill the sender after the fact.
Obviously this would make for an unhappy customer!
But Bart is correct to say that this is an issue between customer
and "bank" -- the spec is, and IMHO should be, silent on what happens
if a "bank" redeems the same token more than once.
--
John Leslie <john(_at_)jlc(_dot_)net>
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg