Subject: The Hal/David model
People who attended F2F #1 will recall the diagram that Hal Lockhart drew up on the whiteboard. It was something he and David Orchard came up with to help the use-case group settle on terminology and a rough model of the "things" we're discussing. Fred Moses worked from his notes to create the following electronic version, which reflects a bit more of the discussion we had that day:

http://oasis-open.org/committees/security/docs/sstcach1.gif

I'm sure we need more revisions to this diagram, but I would like to work towards consensus on the names for things and the relationships between them. Please use this thread to discuss it, and we will take it up as a topic at the 20 March telecon.

For starters:

- On Tuesday, we discussed separating each box so that there's no hint of chronology. This could mean, e.g., duplicating the "1" callout so that it's shown separately as the output of a credential collector and the input to an authentication authority.

- I think the policy balloons should largely be in the "Not SAML" layer above. Or is the XACML discussion precisely about whether some of these balloons should be in scope? Can we give distinct names to the different types of policies?

- What exactly do the input/output letters above refer to?

- I think we *may* have consensus that the "SAML" box should cover more stuff to the left, e.g., it should cover the authentication authority. Comments?

- Do we have consensus that SAML should cover the PEP box?

Thanks to Fred for making this version; I think Hal and David should now take up any revisions we ask for.

Eve
--
Eve Maler +1 781 442 3190
Sun Microsystems XML Technology Development eve.maler @ east.sun.com