Subject: Re: [security-services] The multiple subject issue
On Wed, 30 Jan 2002, Hallam-Baker, Phillip wrote:

> A statement can have exactly ONE subject that may be described by a
> Name Identifier alone, OR a Name Identifier and subject confirmation
> OR a subject confirmation alone.

Thanks for clarifying this. I found the discussion of multiple subject names on the last conf call deeply puzzling because I was under the impression that we had agreed to the model you describe here, which makes concerns about the semantics of multiple subject names per statement simply go away, because multiple subject names don't exist. It was this clarification we sought when discussing this at the last F2F, and I'm hoping we have found it.

The flip side of this is the claim, which I think Eve was championing on the last call, that multiple subject names in a statement would be a good and useful thing in some situations, and in particular that the Java "principal" concept needs this. While I'm not intimate with the Java model for this stuff, let me suggest that the expression of security properties and relationships among multiple named entities (e.g., "the entity 'cn=Joe,ou=foo,dc=example,dc=com' with subjectConfirmation publickey XXX also has the name 'email@example.com' with subjectConfirmation kerbTGT YYY") is the sort of thing that can and should be supported either with authentication statement extensions with well-defined semantics, or with attribute statements. Having a single subject per statement will allow us to avoid this semantic quicksand for now and get our spec out the door.

 - RL "Bob"
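The one-subject-per-statement rule quoted in the message above, turned into a check an implementer could run over an assertion. This is an added example; it is not code from the thread, the OASIS TC, or any SAML implementation. It assumes the SAML 1.0 assertion namespace and the element names (Assertion, AuthenticationStatement, AttributeStatement, Subject, NameIdentifier, SubjectConfirmation, Attribute) and method URIs of the later published SAML 1.0 schema; the two assertions it parses are constructed sample data. The conforming sample also shows the alternative Bob suggests: the entity's second name (the e-mail address) is carried in an attribute statement instead of as a second NameIdentifier.

```python
"""Verify that every statement in a SAML 1.0-style assertion has exactly one
Subject, described by a NameIdentifier, a SubjectConfirmation, or both.

Added illustration only; not code from the OASIS TC or any SAML toolkit.
Assumptions: the SAML 1.0 assertion namespace and element names below.
"""
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:1.0:assertion"   # assumed SAML 1.0 namespace
NS = {"saml": SAML}

# Statement types that carry a Subject (assumption: the three statement
# elements of the published SAML 1.0 schema).
STATEMENTS = ("AuthenticationStatement", "AttributeStatement",
              "AuthorizationDecisionStatement")


def check_subjects(assertion_xml: str) -> list:
    """Return a list of rule violations; an empty list means the assertion conforms."""
    root = ET.fromstring(assertion_xml.strip())
    problems = []
    for tag in STATEMENTS:
        for i, stmt in enumerate(root.findall(f"saml:{tag}", NS)):
            where = f"{tag}[{i}]"
            subjects = stmt.findall("saml:Subject", NS)
            if len(subjects) != 1:
                problems.append(f"{where}: expected exactly one Subject, found {len(subjects)}")
                continue
            subj = subjects[0]
            n_name = len(subj.findall("saml:NameIdentifier", NS))
            n_conf = len(subj.findall("saml:SubjectConfirmation", NS))
            if n_name > 1:
                problems.append(f"{where}: {n_name} NameIdentifiers (at most one allowed)")
            if n_conf > 1:
                problems.append(f"{where}: {n_conf} SubjectConfirmations (at most one allowed)")
            if n_name == 0 and n_conf == 0:
                problems.append(f"{where}: Subject has neither NameIdentifier nor SubjectConfirmation")
    return problems


# Constructed sample: conforms. One subject per statement; the entity's second
# name (an e-mail address) rides in an AttributeStatement, not in the Subject.
GOOD_ASSERTION = f"""
<saml:Assertion xmlns:saml="{SAML}" MajorVersion="1" MinorVersion="0"
    AssertionID="example-1" Issuer="idp.example.com">
  <saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:X509-PKI">
    <saml:Subject>
      <saml:NameIdentifier>cn=Joe,ou=foo,dc=example,dc=com</saml:NameIdentifier>
      <saml:SubjectConfirmation>
        <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:holder-of-key</saml:ConfirmationMethod>
      </saml:SubjectConfirmation>
    </saml:Subject>
  </saml:AuthenticationStatement>
  <saml:AttributeStatement>
    <saml:Subject>
      <saml:NameIdentifier>cn=Joe,ou=foo,dc=example,dc=com</saml:NameIdentifier>
    </saml:Subject>
    <saml:Attribute AttributeName="mail" AttributeNamespace="urn:example:attrs">
      <saml:AttributeValue>email@example.com</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

# Constructed sample: the "multiple subject names" shape the thread argues
# against, two NameIdentifiers inside one Subject.
BAD_ASSERTION = f"""
<saml:Assertion xmlns:saml="{SAML}" MajorVersion="1" MinorVersion="0"
    AssertionID="example-2" Issuer="idp.example.com">
  <saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password">
    <saml:Subject>
      <saml:NameIdentifier>cn=Joe,ou=foo,dc=example,dc=com</saml:NameIdentifier>
      <saml:NameIdentifier>email@example.com</saml:NameIdentifier>
    </saml:Subject>
  </saml:AuthenticationStatement>
</saml:Assertion>
"""

if __name__ == "__main__":
    for label, doc in (("good", GOOD_ASSERTION), ("bad", BAD_ASSERTION)):
        print(label, check_subjects(doc) or "conforms")
```

A relying party that enforces this at parse time never has to decide what it means when two names in one subject disagree about who was authenticated; a second name for the same entity is then an attribute the relying party can evaluate separately, which is the point of the message above.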