Closed tguild closed 3 years ago
All information sent from a VISS service to client application must be encrypted.
This could be interpreted as that encryption must be applied to the data independently of the confidentiality protection given by the transport protocol, which I think should not be a requirement. With that view I would rewrite it as shown below.
All information sent from a VISS service to client application must be transported over a confidentiality protected protocol.
Hej @UlfBj how about:
All information sent from a VISS service to client application must be transported over an encrypted protocol to help protect privacy.
All information sent from a VISS service to client application must be transported over an encrypted protocol to help protect privacy.
It makes it clear, so it is fine from my point of view.
Don't merge yet, additional changes from #378 and today's call
@peterMelco let me know if you have better wording for what you raised in
@UlfBj and others, please take a read of my start of a privacy section for VISSv2
Input welcome