From 3bb8e8c374807cb245bbbceff68cbe94e4d6528d Mon Sep 17 00:00:00 2001
From: Thien-Thi Nguyen <ttn@gnuvola.org>
Date: Fri, 12 Mar 2021 02:54:30 -0500
Subject: rewrite claim token details per CG feedback

---
 taler-mcig.rst | 24 +++++++-----------------
 1 file changed, 7 insertions(+), 17 deletions(-)

(limited to 'taler-mcig.rst')

diff --git a/taler-mcig.rst b/taler-mcig.rst
index 5c8f9187..57ca4b1f 100644
--- a/taler-mcig.rst
+++ b/taler-mcig.rst
@@ -190,27 +190,17 @@ are demonstrated in the next section.
 
 **claim token**
   The claim token is a sort of handle on the order and its payment.
-  With it, the customer can access the fulfillment URI from a different
-  device than the one where the wallet is installed.
-  FIXME: that is not the point. The point is that even if the
-  $ORDER_ID can be guessed, the claim token cannot. Thus, a
-  merchant can prevent a third party from claiming an order
-  (by guessing the order ID). Imagine selling concert tickets,
-  and your order IDs are 1,2,3,4,5,. I could try to hijack other
-  visitor's orders (before they have a chance to claim them),
-  using a claim token prevents this.
+  It is useful when the order ID is easily guessable
+  (e.g. incrementing serial number),
+  to prevent one customer hijacking the order of another.
+  On the other hand, even if the order ID is not easily guessable,
+  if you don't care about order theft (e.g. infinite supply, digital goods)
+  and you wish to reduce the required processing (e.g. smaller QR code),
+  you can safely disable the claim token.
 
   By default, Taler creates a claim token for each order.
   To disable this, you can specify ``create_token`` to be ``false``
   in :http:post:`[/instances/$INSTANCE]/private/orders`.
-  => needs guideance as to when to do this, i.e. when
-     there is no worry about people 'stealing' orders
-     compiled by others, either because the order ID is
-     high-entropy OR [[because there is an infinite supply
-     and we are not concerned about order-theft attacks
-     (say by a competitor trying to prevent legitimate
-      customers from claiming their orders) AND want the
-     QR code to get smaller / scan more easily.]]
 
 **refund deadline**
   The refund deadline specifies the time after which you will prohibit
-- 
cgit v1.2.3