OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

coel message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [OASIS Issue Tracker] (COEL-75) RPE: Mandate use of different passwords in different embodiments

Paul Bruton created COEL-75:
-------------------------------

             Summary: RPE: Mandate use of different passwords in different embodiments
                 Key: COEL-75
                 URL: https://issues.oasis-open.org/browse/COEL-75
             Project: OASIS Classification of Everyday Living (COEL) TC
          Issue Type: Task
            Reporter: Paul Bruton


Ref; RPE section 4.3.1.4 "Different userids and different passwords MAY be used for each embodiment"

We might allow the use of the same username in different embodiments but we ought to mandate the use of different passwords. If anyone snoops on IDA traffic (e.g. through attacking the DNS and impersonating the IDA) and collects operator passwords that can then be used to retrieve data from a service provider, we are putting consumers behavioural data at risk.



--
This message was sent by Atlassian JIRA
(v6.2.2#6258)

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]