On Sun, Jan 26, 2014 at 4:56 PM, Andreas Schildbach <andreas@schildbach.de> wrote:
The BIP70 is very brief on what a PaymentACK is supposed to mean. Quote:

"it [PaymentACK] is sent from the merchant's server to the bitcoin
wallet in response to a Payment message"

Does it simply mean we received a syntactically correct Payment message?
Does it mean the Payment is valid?
Does it mean the Payment is valid and confirmed?
How long can we delay the ack until all conditions for payment are met?
I assume its not a good idea to keep the HTTP (or Bluetooth, for that
matter) connection open for an hour while waiting for a blockchain
confirmation.

The purpose of PaymentACK is to give the customer reassurance that their payment request has been received and will be processed (or not).

If it is syntactically incorrect or invalid in a way that the payment processor can detect right away then a PaymentACK with a message saying that there is a problem should be the response.

Waiting until confirmed is definitely not the right thing to do, but waiting a few seconds to detect a 0-confirmation double-spend attempt before sending back an ACK is fine.  The BIP is intentionally vague on how long it might take to get an ACK, but, again, the intent is to give the customer reassurance that their payment was received and is being processed, whatever "processed" means (order sent to shipping for fulfillment, or awaiting 11 confirmations, or "your burger is paid for you can leave the restaurant and we won't chase after you").

 
--
Gavin Andresen