Graham Klyne wrote:
> I think that's OK if: (a) the callout processor can be trusted by
> the dispatcher to not save or distribute the information provided
> beyond the immediate requirements of processing, and
Yes (you probably refer to a "callout SERVER" when talking about a
"callout PROCESSOR", right :)
> (b) it is clear that the callout processor only performs
> transformations that are explicitly requested by the dispatcher.
Yes.
> Should that much be mentioned in security considerations?
I wouldn't have a problem with mentioning that, except maybe that it
does not directly relate to the protocol itself. I rather thought this
would have to be included either in the architecture draft or maybe
better in the "policy enforcement" document.
-Markus