OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

id-cloud message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Comment Resolution for IDCloud PaaS Profile

Hi All,
David Chadwick raised some comments during IDCloud PaaS profile public review.

Email: https://lists.oasis-open.org/archives/id-cloud/201305/msg00015.html

Comment:  2. Use Case 26. Identity impersonation.

We should have no recognition or support for this feature. Impersonation is bad. full stop (since you cannot tell the difference between the real entity and an impersonator - they are the same as far as the system is concerned). What you want is delegation, so that they have the same Authz rights, but have different authenticated identities. Then you can do a proper audit. So strike out identity impersonation.

Resolution: We have removed this section from the new version of the document v1.0h

Other comments have been rejected.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]