[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [kmip] Client Registration
Tim Hudson said: > Bob (Griffin), I'd like to put on the agenda for the next meeting that > we vote to defer the Entity and Client registration proposals for KMIP > 1.1 and focus on sorting out the more direct need for device > ... > Currently, KMIP 1.0 avoids the entire topic as 'owner' is not visible > outside of the server internal context. > I don't think that it is unreasonable for KMIP 1.1 to continue to take > the same approach. I'd like to second Tim's call to defer the client registration proposal. In looking at the client registration proposal, and specifically the introduction of the new owner attribute, I kept asking myself, "Why is it necessary to expose an owner attribute in the protocol?" I can see in some applications that it is useful to have the concept of an owner, but I'm not convinced that owner needs to be a defined attribute in the KMIP protocol. Surely it can be handled as a logical attribute by the server. As far as I can tell, the current proposed changes relating to owner, mostly just change the default permissions from the "creator" of an object to the "owner" of the object, where by default, the creator is the owner. I see no value in this. If we were to introduce an owner attribute, could it be optional? Could we have more than one owner of the same object? Should the owner always be an entity, or could it be another object; e.g. a group, or a role? Could we have part-owners; e.g. N-of-M scenarios, where the owner is some defined minimum subset of entities, each having some partial claim to ownership? I think that all of these scenarios are reasonable, but perhaps better handled outside the KMIP protocol and inside the server. John ---------------------------------------------------------------- John Leiseboer QuintessenceLabs Pty Ltd Chief Technology Officer Suite 23, Physics Building #38 P: +61 7 5494 6740 Science Road F: +61 2 6125 7180 Australian National University M: +61 409 487 510 Acton, ACT 0200 Australia mailto:jl@quintessencelabs.com www.quintessencelabs.com ----------------------------------------------------------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]