[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [sca-assembly] Action re. SCA Assembly Issue 233
Hi Ashok, Thanks for writing these up. Some quick thoughts: "serverAuthentication" - you put the text "Producer is authenticated by the consumer", but this highlights the very real problem that the notion of "server" doesn't appear. I suggest that if we wish for an intent wherein the producer is authenticated by the consumer, we should call that "consumerAuthenticatesProducer", rather than trying to overload an existing policy intent. "clientAuthentication" - in addition to being overloaded, I don't quite see how this works. What it implies is that the producer has fore-knowledge of its consumers and has some back-channel way to give a consumer an OK at runtime, or that the consumers share a secret with the producer. So I interpret what Ashok is saying here as "no_outsiders". By that, I mean that if messages are sent to, for example, a JMS Topic, only those consumers that already know the shared secret will be able to read the message. Either that, or that the JMS Topic is deployed such that it narrowly authorized to just the producers & consumers of a particular composite. "mutualAuthentication" - since I take issue with the names of "serverAuthentication", and "clientAuthentication", I don't think it is obvious that the combination of the two makes sense, and even if it does, I wouldn't call it "mutualAuthentication". "authorizaton" sounds very much like clientAuthentication - which again suggests that we've got an issue. Of course, part of the point of exploring the list of which intents might make sense is to understand where they might be applied. I assert, having looked at this list of all the intents that Ashok listed, that the only place it makes sense to apply intents is on a channel (which coincidentally, is the only place we allow bindings). -Eric. On 10/26/11 8:50 PM, Danny van der Rijn wrote: serverAuthentication |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]