OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

security-use message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: Ballot Attached - Group 3: Sessions

I'm baffled.  I have always wanted explicit scenarios showing differences
between logout and timeout.  I originally wanted to make the scenarios
explicit to show logout/timeout separately (and votable separately), hence
my first submission.  These are the only user or system actions that result
in changes of state.  These seemed to be the only things that are applicable
for session to me.  It was my thinking that if you approve either timeout or
logout, you have approved a form of session.  I was instructed to keep the
numbering and use cases roughly as is - specifically UC-3-1 session.  I
didn't agree at the time, but did it anyways, the 2nd /final submission.  

It now looks like a good thing because some people appear to want session
mgmt, but not logout and/or timeout.  This gives us a mechanism to approve
the topic, and then dive into the details of what these mean.  If we had
done what I suggested, then we might not have approved session management,
even if sufficient people wanted some form of it.  Now that we have approved
the concept of session management, we can start trying to figure out what
the detailed requirements and design..

Cheers,
Dave

> -----Original Message-----
> From: Evan Prodromou [mailto:evan@outlook.net]
> Sent: Tuesday, February 27, 2001 12:14 AM
> To: UseCaseList
> Subject: Re: Ballot Attached - Group 3: Sessions
> 
> 
> >>>>> "EP" == Evan Prodromou <evan@outlook.net> writes:
> 
>     JH> rationale: I believe this is subsummed within the topic of
>     JH> [UC-3-1:UserSession] and we should deal with it explicitly in
>     JH> that context.
> 
>     EP> So, I'm kind of confused by this rationale.
> 
> Actually, on review, I've noticed that it was actually David's idea to
> remove these requirements. I still don't understand why, but I see I
> was directing my questions at the wrong person.
> 
> David: why? B-) I find this even more puzzling, because those were
> req'ts pulled out of ITML and posted to this list. Was there a reason
> you didn't want the explicit logout, timeout, etc. requirements?
> 
> ~ESP
> 
> ------------------------------------------------------------------
> To unsubscribe from this elist send a message with the single word
> "unsubscribe" in the body to: 
> security-use-request@lists.oasis-open.org
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC