[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Comments on draft-sstc-hodges-glossary-01
> > > 3. "Subject" seems to be adequately covered by the definition of > > "security subject". I don't think further qualification is > > necessary. > > I'm not sure I agree without thinking about it a bit more. > There's a fine > distinction being made about what role (active or passive) a > subject has donned > and we might want to simply make that distinction in the > terminology. thoughts? Hi Jeff, Here are a few more thoughts. From the above comments about active and passive roles, it seems that some of your concerns might be around wanting to distinguish two roles for a subject: active and passive. Wouldn't "object" or "Security Object" work for a the case when a entity is in a passive role. If an entity is in a passive role, then my thoughts are that really we should use the term "object" or "security object". I note we are using the same definition as ECMA TR/46 for "security subject" and "security object". The same document defines "subject" to be an abbreviation of "security subject" and "object" to be an abbreviation of "security object". Regards, Nigel.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC