OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-use message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: Comments on draft-sstc-hodges-glossary-01

> > 3. "Subject" seems to be adequately covered by the definition of
> >    "security subject". I don't think further qualification is
> >    necessary.
> I'm not sure I agree without thinking about it a bit more. 
> There's a fine
> distinction being made about what role (active or passive) a 
> subject has donned
> and we might want to simply make that distinction in the 
> terminology. thoughts?

Hi Jeff,
Here are a few more thoughts.

From the above comments about active and passive roles, it seems that
some of your concerns might be around wanting to distinguish two roles
for a subject: active and passive. Wouldn't "object" or "Security
Object"  work for a the case when a entity is in a passive role.

If an entity is in a passive role, then my thoughts are that really we
should use the term "object" or "security object".

I note we are using the same definition as ECMA TR/46 for "security
subject" and "security object". The same document defines "subject"
to be an abbreviation of "security subject" and "object" to be an
abbreviation of "security object".


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC