[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (AMQP-106) Clarify the intent of "receiving peer"
[ https://issues.oasis-open.org/browse/AMQP-106?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=66913#comment-66913 ]
Brian Raymor commented on AMQP-106:
-----------------------------------
Clemens to provide a 'pull request' clarifying this point.
> Clarify the intent of "receiving peer"
> --------------------------------------
>
> Key: AMQP-106
> URL: https://issues.oasis-open.org/browse/AMQP-106
> Project: OASIS Advanced Message Queuing Protocol (AMQP) TC
> Issue Type: Improvement
> Components: Claims Based Security
> Affects Versions: cbs-WD03
> Reporter: Rob Godfrey
> Assignee: Clemens Vasters
> Priority: Trivial
> Fix For: cbs-WD05
>
>
> Section 2. Overview, second paragraph:
> Claims-based security composes with the security model defined in [AMQP]. The receiving peer can accept the connection and session without establishing any authentication context or can mandate that the client authenticates at the transport level and/or using a supported SASL mechanism.
> What is recieiving peer supposed to mean here? - AMQP (without SASL) doesn't define two distinct roles. TCP defines the client and server role, and the SASL layer defined in AMQP Section 5.3 reflects this. Should this really be something like "An AMQP connection can be established without any authentication context, or the peers can mandate authentication at the transport level and/or using a supported SASL mechanism." ?
--
This message was sent by Atlassian JIRA
(v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]