OASIS Mailing List Archives: xdi list

Subject: XDI security


Bill + others,

I think XDI security is an area that hasn't received too much attention on the TC.
Probably because it's rather complex. Link Contracts are just a part of this, I guess.

Bill, I remember you had thoughts on how XACML could be used for XDI?
I'd like to learn more about this. I have never used XACML and don't know much about it, but I read a good PowerPoint presentation and some tutorials/examples.

- It looks like XACML's core concepts can easily be applied to XDI:
XACML Subject = Sender of an XDI message
XACML Action = XDI operation ($get, $add, ...)
XACML Resource = XDI address
XACML Environment = Hmm, don't know; time of the day, client IP address, things like that

I read that XACML supports hierarchical resources, which sounds perfect for XDI, no? I.e. a permission on =markus could automatically also include permissions on =markus/+email, =markus/+name, etc.

- I remember we once talked about individuals/organizations "owning" an XDI endpoint, and in this case automatically having full read/write permissions to the XDI server.
I think this could easily be expressed in XACML?

- With XACML, clients with certain IP addresses could automatically be given special permissions.

- How would XACML relate to Link Contracts? Would they simply be two different ways of doing authorization that can live side by side at an XDI server?

E.g. the Link Contracts are part of the XDI graph, while the XACML policy set is stored in some configuration XML file at the XDI server.
Or is something completely wrong about this line of thinking?
Would we maybe not use XACML at all and instead specify that Link Contracts are the one and only way of doing authorization?

Another question I have is that both XACML and Link Contracts seem to be only about authorization, not authentication.
So, what means of authentication do we have in XDI? Signatures on XDI messages? Passwords? What else?

I'd like to explore all this a bit.

Markus
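As an added illustration of the XACML-to-XDI mapping sketched in the message above (this policy is not part of Markus's mail or of any XDI TC deliverable), an XACML 3.0 policy that gives the endpoint owner =markus full access to the =markus subtree. It assumes the sender's XDI address is supplied as the standard subject-id attribute and the target XDI address as resource-id; the PolicyId and RuleId are constructed.

```xml
<!-- Added example (not from the original message). Subject = sender of the
     XDI message, Action = XDI operation, Resource = XDI address. -->
<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
        PolicyId="urn:example:xdi:endpoint-owner-policy"
        Version="1.0"
        RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-unless-permit">
  <!-- Policy target: applies only when the message sender is =markus.
       Requests from other senders are NotApplicable here, so the surrounding
       policy set (or the Link Contracts) must decide them. -->
  <Target>
    <AnyOf>
      <AllOf>
        <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
          <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">=markus</AttributeValue>
          <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
              AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
              DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/>
        </Match>
      </AllOf>
    </AnyOf>
  </Target>
  <!-- Rule: any XDI operation ($get, $add, ...) is permitted on =markus itself
       or on anything below =markus/ (the hierarchical-resource case). -->
  <Rule RuleId="urn:example:xdi:owner-full-access" Effect="Permit">
    <Target>
      <AnyOf>
        <!-- exact match on the root address ... -->
        <AllOf>
          <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
            <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">=markus</AttributeValue>
            <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
                AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
                DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/>
          </Match>
        </AllOf>
        <!-- ... OR a prefix match on the subtree (=markus/+email, =markus/+name, ...) -->
        <AllOf>
          <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-starts-with">
            <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">=markus/</AttributeValue>
            <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
                AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"
                DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/>
          </Match>
        </AllOf>
      </AnyOf>
    </Target>
  </Rule>
</Policy>
```

The prefix is deliberately "=markus/" rather than "=markus", since a bare prefix match would also grant =markus access to unrelated addresses such as =markusz. XACML only decides authorization, so the policy is only as trustworthy as the authentication that binds subject-id to the actual sender of the message.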
