OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

kmip message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [kmip] Client Registration

Tim Hudson said:
> Bob (Griffin), I'd like to put on the agenda for the next meeting that
> we vote to defer the Entity and Client registration proposals for KMIP
> 1.1 and focus on sorting out the more direct need for device
> ...
> Currently, KMIP 1.0 avoids the entire topic as 'owner' is not visible
> outside of the server internal context.
> I don't think that it is unreasonable for KMIP 1.1 to continue to take
> the same approach.

I'd like to second Tim's call to defer the client registration proposal.

In looking at the client registration proposal, and specifically the
introduction of the new owner attribute, I kept asking myself, "Why is
it necessary to expose an owner attribute in the protocol?" I can see in
some applications that it is useful to have the concept of an owner, but
I'm not convinced that owner needs to be a defined attribute in the KMIP
protocol. Surely it can be handled as a logical attribute by the server.

As far as I can tell, the current proposed changes relating to owner,
mostly just change the default permissions from the "creator" of an
object to the "owner" of the object, where by default, the creator is
the owner. I see no value in this.

If we were to introduce an owner attribute, could it be optional? Could
we have more than one owner of the same object? Should the owner always
be an entity, or could it be another object; e.g. a group, or a role?
Could we have part-owners; e.g. N-of-M scenarios, where the owner is
some defined minimum subset of entities, each having some partial claim
to ownership? I think that all of these scenarios are reasonable, but
perhaps better handled outside the KMIP protocol and inside the server.

John

----------------------------------------------------------------
John Leiseboer                    QuintessenceLabs Pty Ltd
Chief Technology Officer          Suite 23, Physics Building #38
P: +61 7 5494 6740                Science Road
F: +61 2 6125 7180                Australian National University
M: +61 409 487 510                Acton, ACT 0200 Australia
mailto:jl@quintessencelabs.com    www.quintessencelabs.com
----------------------------------------------------------------

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]