[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Use case for double opt-in and other mechanisms for preventingunwanted subscriptions
The Use Case:Because subscriptions may be made by a third party on behalf of the actual consumer, there must be some means of ensuring that the consumer only receives notifications it is interested in. There are many possible relationships among the subscriber, producer and consumer. For example
Discussion:In cases where the producer must query the consumer before beginning the subscription, arbitrarily much time may pass between the subscription request and the definitive answer. This asynchronous reply would best be handled through a callback mechanism, but we would probably rather not build this into the core subscribe exchange. In the case of secure tokens, it might make sense for the subscriber to be able to submit and verify a token for a particular consumer once (in the context of a secure connection) instead of passing it with every subscribe request.It would be desirable to push all such message exchanges out of the core Subscribe request/response. This is one driver behind having the subscriber and producer be able to first negotiate a "destination" cookie and then use that cookie in the actual subscribe request. Naturally, this is not the only way to cover these use cases. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]