[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [amqp] AMQP CBS Status
Tokens are generally opaque and are usually based on some prior OOB agreement and exchange of secrets between the relying party (token target) and the issuer. I really donât want to be more specific in the spec than we are here, since itâs
not this mechanismâs business to know. The mechanism simply moves opaque stuff. Regarding the token types, the spec enumerates âcommon token typesâ but that doesnât preclude using others and doesnât mean you need to support any of them and maybe we should clarify that.
From: Rob Godfrey <rgodfrey@redhat.com>
On Fri, 8 Feb 2019 at 13:09, Clemens Vasters <clemensv@microsoft.com> wrote:
It's been a long time since I looked at this... my main question is really whether we need to go into more detail about the form of the tokens. The document says things like "Before
the Client establishes a link or sends messages to âq1â, it puts a token with the appropriate claims conferring âsendâ permission to âq1â on the CBS Node, and verifies its successful disposition. Tokens can be put at any time, and expiring tokens can be replaced
at any time." What is "appropriate", how does the client know the form of token required? Moreover we define at least three token types - are we saying that every party must support all three, any one of the three, none at all? How is that information conveyed. -- Rob
-- _____________________________________________________________________________ |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]