OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

sca-c-cpp message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: NEW ISSUE: C++ C&I is inconsistent wrt Policy

Target:  C++ C&I Specification CD03

Description:  The specific intent annotations defined in Appendix B.2 are not consistent with the intents defined in Public Review Draft of the SCA Policy Framework spec.  Specifically

1) The Policy Framework now defines intents for clientAuthentication, serverAuthentication and mutualAuthentication (the original authentication intent remains, but is a synonym for clientAuthentication)
2) Replaced all the prior Security Implementation intents with a single authentication intent, which can be qualified with fine_grain.
3) Added a noManagedTransaction intent (which has different semantics that a lack of a managedTransaction intent).

Proposal:  (All changes are in section B.2)
1) Replace @Authentication with @Client Authentication and add @ServerAuthentication and @MutualAuthentication intents, both of which can be qualified with message or transport
2) Remove all of the current Security Implementation intent annotations and add an @Authorization intent, which can be qualified with fine_grain

3) Ann a @NoManagedTransaction intent
4) Remove the @JMS  annotation since a C++ application is unlikely to use the JMS API.

Bryan Aupperle, Ph.D.
STSM, WebSphere Enterprise Platform Software Solution Architect

Research Triangle Park,  NC
+1 919-254-7508 (T/L 444-7508)
Internet Address: aupperle@us.ibm.com

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]