[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [kmip] Client Registration Proposal question
Stan, Thank you for your feedback. You are right, the proposal does not address sharing of the objects based on the owner attribute. In fact, I made a comment during the proposal update about two weeks ago that perhaps a different proposal should address object sharing, specifically, the Group proposal. I also remember Krishna's response to my comment that the Group proposal was not a good place for it (I'm paraphrasing). Clearly, object sharing and access control based on the Owner attribute needs to be addressed. I am open to any suggestions, including the following: - Client Registration proposal needs to be updated to include object sharing based on the owner attribute and a notion of a collection of Entities (I used the term collection to make it explicitly different from Group) - Group proposal needs to be updated to include object sharing based on the owner attribute - A separate collection proposal that addresses object sharing - Postpone the object sharing and access control until further release (beyond this year) - Leave object sharing and access control outside of the scope of KMIP at server discretion I would like to get consensus on which of the options we should choose, perhaps we can discuss this during the call on Thursday. Regards, Denis -----Original Message----- From: Feather, Stan S [mailto:stan.feather@hp.com] Sent: Friday, May 06, 2011 5:12 PM To: Pochuev,Denis; kmip@lists.oasis-open.org Subject: RE: [kmip] Client Registration Proposal question Denis, I've reviewed the spec changes you've proposed, and I'd like some clarification about support for sharing keys/objects. Is key sharing between registered Entities considered to be based on server-policy, unrelated to the Owner attribute that each client sees? There are clearly use cases for sharing objects/keys between multiple Entities registered with the same server. So, at least to me, it isn't clear how Owner supports this. Thanks, Stan Feather HP StorageWorks -----Original Message----- From: denis.pochuev@safenet-inc.com [mailto:denis.pochuev@safenet-inc.com] Sent: Wednesday, April 27, 2011 6:37 PM To: kmip@lists.oasis-open.org Subject: [kmip] Groups - Client Registration Proposal (kmip-1.0-spec-client-reg-d.doc) uploaded Updated following Bruce R's comments and added Entity tag. -- Mr. Denis Pochuev The document revision named Client Registration Proposal (kmip-1.0-spec-client-reg-d.doc) has been submitted by Mr. Denis Pochuev to the OASIS Key Management Interoperability Protocol (KMIP) TC document repository. This document is revision #2 of kmip-spec-1.0-client-reg-B.pdf. Document Description: View Document Details: http://www.oasis-open.org/committees/document.php?document_id=41961 Download Document: http://www.oasis-open.org/committees/download.php/41961/kmip-1.0-spec-client-reg-d.doc Revision: This document is revision #2 of kmip-spec-1.0-client-reg-B.pdf. The document details page referenced above will show the complete revision history. PLEASE NOTE: If the above links do not work for you, your email application may be breaking the link into two pieces. You may be able to copy and paste the entire link address into the address field of your web browser. -OASIS Open Administration The information contained in this electronic mail transmission may be privileged and confidential, and therefore, protected from disclosure. If you have received this communication in error, please notify us immediately by replying to this message and deleting it from your computer without copying or disclosing it.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]