OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

amqp message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [amqp] [OASIS Issue Tracker] (AMQP-107) Clarifying definition for Token Name (audience)?

The 'name' maps to a node name or it may be a node name prefix if the container has some hierarchical topology. 

The 'audience' is always the node that checks "its" bucket to see whether there's a token that can be applied for authorizing an incoming link.

-----Original Message-----
From: amqp@lists.oasis-open.org [mailto:amqp@lists.oasis-open.org] On Behalf Of OASIS Issues Tracker
Sent: Friday, May 5, 2017 4:52 PM
To: amqp@lists.oasis-open.org
Subject: [amqp] [OASIS Issue Tracker] (AMQP-107) Clarifying definition for Token Name (audience)?

    [ https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fissues.oasis-open.org%2Fbrowse%2FAMQP-107%3Fpage%3Dcom.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel%26focusedCommentId%3D66066%23comment-66066&data=02%7C01%7Cclemensv%40microsoft.com%7C28c63515f3284f30e49e08d493c63d32%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636295927015219724&sdata=zrREk%2BZR%2FfKtK8EdWeZ8rIKKl9i0BARVBs5HNKigTww%3D&reserved=0 ] 

Rob Godfrey commented on AMQP-107:

I'm not sure that I consider this trivial - unless there is a way a client library can know when/how to retrieve a token and how it must then be "named" then it means that the use of this mechanism is always going to be very closely tied to the particular implementation of your vendor and needs to be coded at the application (rather than the library) level.

I admit that I had missed the implications of this previously, thinking that "name" had no semantic meaning, but was simply an identifier, and that the content of the token would be sufficient to extract the implied audience.

> Clarifying definition for Token Name (audience)?
> ------------------------------------------------
>                 Key: AMQP-107
>                 URL: https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fissues.oasis-open.org%2Fbrowse%2FAMQP-107&data=02%7C01%7Cclemensv%40microsoft.com%7C28c63515f3284f30e49e08d493c63d32%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636295927015229733&sdata=F%2FFj%2B%2FxXsXlO2bEBd5uoMmghJ181gCw7f6xWaNTCyzA%3D&reserved=0
>             Project: OASIS Advanced Message Queuing Protocol (AMQP) TC
>          Issue Type: Improvement
>          Components: Claims Based Security
>    Affects Versions: cbs-WD03
>            Reporter: Brian Raymor
>            Assignee: Brian Raymor
>            Priority: Trivial
>             Fix For: cbs-WD04
> The definition has not been updated from WD2. For put-token and delete-token, the token name is defined as:
>   The “audience” to which the token applies.
> Is there a more concrete, precise definition?

This message was sent by Atlassian JIRA

To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at:

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]