Hi Danny,
On 9/29/11 6:54 PM, Danny van der Rijn wrote:
> On 9/29/2011 2:21 AM, Eric Johnson wrote:
> [snip]
>> For example, of the following intents: serverAuthentication,
>> clientAuthentication, authentication, mutualAuthentication,
>> confidentiality, integrity, there are possibly only two that
>> apply for pub-sub - namely "confidentiality", and "integrity".
>> Both matter to the producer, but may be incidental or irrelevant
>> to the consumer and the channel.
>>
>> However, I can imagine a new intent, perhaps called
>> "credential.token", or "SAML" that might be interesting to apply
>> at a producer, to ensure that something like a SAML token gets
>> applied to the outgoing message. That's tricky, though, insofar
>> as actually determining the SAML token might be difficult to
>> separate from business logic.
> [snip]
>> Anyone with *specifics* of how they think intents &
>> policySets should be used, that they're willing to discuss?
>> Otherwise, I vote the "punt" option.
>
> As per your previous note, in a hub-and-spoke model, some kind of
> authentication can make sense. How to interpret what "client"
> means, though? Squinting a little funny, you could also make the
> argument that some kind of authentication can make sense in
> point-to-point media as well as (squinting farther) in the
> broadcast case.

That's exactly why I suggested an alternate policy of
"credential.token" which assigns some sort of SAML-like attachment
to the outgoing message. Seems radically different from
"clientAuthentication" - squinting not needed.

> I recall discussing the problems with these policies at the face
> to face. Apparently, either my interpretation of the issues
> included more people thinking the problem is difficult, or
> Martin's included fewer ;-) Or there are far more voting members
> than people who attended the face to face.

Or... the discussion at the F2F was so stress-inducing that we've
collectively blocked it out.

;-)
-Eric.