[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [kmip] Description of problems around underspecified Credentials, like Username & Password
My preference would be for the 3rd option. I believe the
credential types need to be included and there needs to be a specified way to
handle exchange of the User/Password credential pair. From: Matthew.Ball@Sun.COM [mailto:Matthew.Ball@Sun.COM] Sent: 2010-02-18 11:22 AM To: kmip@lists.oasis-open.org Subject: [kmip] Description of problems around underspecified Credentials, like Username & Password To expand on today's discussion around the lack-of-specification for any Credentials Types, I'm hoping to better explain the problem (future interoperability issues) and suggest some ways around the problem. In kmip-spec-1.0-cd-06, there is the requirement to support the Credential Type (see 12.1, item 1b), and an underspecification of the Credential Type Enumeration (see 9.1.3.2.1). This leads to problems in testing server conformance of the Credential Type, and can encourage vendors to create ad-hoc formats for the various credential types listed in the enumeration field. Note that kmip-usecases-1.0-cd-07 (the latest use-cases document) shows an example of using the "Username & Password" Credential with the value "CredentialA:secret", implying that the official format for passing Usernames and Passwords is to concatenate the two fields with a colon (":") in between. To avoid the problems around ad-hoc formats for the Credential Values, the group should consider taking one of the following actions:
Thoughts or comments? Thanks! -Matt |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]