[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: My initial cut at domain model
I suggest that the actors we are interested in are: User Authn Authority (don't feel strongly about name) Authz Authority (don't feel strongly about name) Policy Decision Point (PDP) Policy Enforcement Point (PEP) I like the idea of using the terms Asserting Party (AP) and Relying Party (RP) generically in the context of a particular interaction. This is useful when you want to talk about things that apply accross the board. For example, in one interaction, a PDP might be a RP to an Authz Authority which is acting as an AP. In another interaction, a PDP might be the AP to a PEP which is acting as a RP. In some cases you might want to say "an Authz Authority such and such..." In other cases you might want to say "an AP such and such..." This is consistent with the S2ML idea that both Authz Authorities and PDPs can assert (issue) Entitlements. Hal > -----Original Message----- > From: Orchard, David [mailto:dorchard@jamcracker.com] > Sent: Monday, February 05, 2001 3:41 PM > To: security-use@lists.oasis-open.org > Subject: My initial cut at domain model > > > In a new standards body record time, I deliver my document > within the same > meeting I took the action item. > > Dave Orchard > XML Architect > Jamcracker Inc., 19000 Homestead Dr., Cupertino, CA 95014 > p: 408.864.5118 m: 604.908.8425 f: 408.725.4310 > > Named to Red Herring's list of 100 Most Important Companies: > www.redherring.com/mag/issue79/herring100/jamcracker.html > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC