OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: The Hal/David model

The graphic has been rendered into a number of different formats and given 
a "proper" filename.  The GIF version is now here (and you can find other 
versions there as well):

   http://www.oasis-open.org/committees/security/docs/draft-moses-arch-model-00.gif

Sorry for any confusion,

         Eve

At 12:03 PM 3/9/01 -0500, Eve L. Maler wrote:
>People who attended F2F #1 will recall the diagram that Hal Lockhart drew
>up on the whiteboard.  It was something he and David Orchard came up with
>to help the use-case group settle on terminology and a rough model of the
>"things" we're discussing.  Fred Moses worked from his notes to create the
>following electronic version, which reflects a bit more of the discussion
>we had that day:
>
>    http://oasis-open.org/committees/security/docs/sstcach1.gif
>
>I'm sure we need more revisions to this diagram, but I would like to work
>towards consensus on the names for things and the relationships between
>them.  Please use this thread to discuss it, and we will take it up as a
>topic at the 20 March telecon.
>
>For starters:
>
>- On Tuesday, we discussed separating each box so that there's no hint of
>chronology.  This could mean, e.g., duplicating the "1" callout so that
>it's shown separately as the output of a credential collector and the input
>to an authentication authority.
>
>- I think the policy balloons should largely be in the "Not SAML" layer
>above.  Or is the XACML discussion precisely about whether some of these
>balloons should be in scope?  Can we give distinct names to the different
>types of policies?
>
>- What exactly do the input/output letters above refer to?
>
>- I think we *may* have consensus that the "SAML" box should cover more
>stuff to the left, e.g., it should cover the authentication
>authority.  Comments?
>
>- Do we have consensus that SAML should cover the PEP box?
>
>Thanks to Fred for making this version; I think Hal and David should now
>take up any revisions we ask for.
>
>         Eve

--
Eve Maler                                             +1 781 442 3190
Sun Microsystems XML Technology Development  eve.maler @ east.sun.com

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC