[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: Terms to be clarified at the F2F
Here's my thoughts (albeit rough) on the terms imported into draft-sstc-use-domain-03 from draft-sstc-glossary-00. I'm unable to expand on my thoughts further (at this time) about the below terms. I'll just note their essential status as I see it. When I say "def needs to be cleaned up" or "def might be ok", I mean that to say the defs stated in both draft-sstc-glossary-00 and draft-sstc-use-domain-03 need to be cleaned up and normalized wrt each other (or perhaps not). "Dragons lurking" means that it seems the term may likely be controversial and/or tough to find a def a majority of folks will be able to live with. Assertion -- wrt draft-sstc-glossary-00: I'm not sure where sense (a) came from, I might have drafted it for all I know. Given how we've chosen to define "credential", I suggest we delete the "see also: credential" from sense (a). Then sense (a) might be a resonable definition. It looks like I sorta concocted sense (b) from stuff in X.800 -- must've been late @ night. Sorta offhand, seems to me sense (a) captures the manner in which we've been using "assertion". draft-s2ml-v08a only defines "assertion" in context. It looks like draft-authxml-v2 doesn't use the term (unless acroread is lying to me, which has happened with it's "find" functionality in my experience before) Attribute Authority -- def needs to be cleaned up. I dunno how many dragons are lurking in wait; perhaps some. Attribute Assertion -- def might be ok. Authentication -- def needs to be cleaned up. I dunno how many dragons are lurking in wait; perhaps some. Authentication Assertion -- def needs to be cleaned up. I'm not sure where the def came from. I might have drafted it for all I know. There are definitely dragons lurking about this term. Authentication Authority -- def may need to be cleaned up. I have misgivings about the phrase "that verifies credentials". There are definitely dragons lurking about this term. Authorization Attributes -- def might be ok. Credential -- def is ok, imho. Log-on -- (not yet in draft-sstc-glossary-00) I think this term will be contentious. I advocate "authenticate" instead. for some reasons why, see the defs offered here for logon/login.. http://foldoc.doc.ic.ac.uk/foldoc/foldoc.cgi?query=logon http://foldoc.doc.ic.ac.uk/foldoc/foldoc.cgi?login log-off -- (not yet in draft-sstc-glossary-00) I think this term will be contentions, tho I'm not sure offhand what I'd advocate instead. Seems to me it's tied into the notion of stateful sessions (local and/or global) PDP/PEP -- I have to catch up on the recent threads on the list before saying much here. Principal, or Principle Identity -- def might be ok, but I can think of at least one alternative to think about.. An identifiable instantiation of a system entity within a security domain. Resource -- def needs work. alternatives are outlined in draft-sstc-glossary-00. Security Domain -- there's a def for this in draft-sstc-glossary-00. Security Policies -- def might be ok. need to normalize btwn the two docs. System Entity -- def likely (?) ok. Time Out -- def needs work. dragons lurking here. User -- def might be ok, but the one in draft-sstc-glossary-00 needs to be cleaned up and retain its distinction from an "administrator". Note def for "user" in draft-sstc-use-domain-03 actually is the one for "end user" in draft-sstc-glossary-00. If we're really talking about "end users", when we say "user", in draft-sstc-use-domain-03 -- as opposed to "administrators" -- we really should use the term "end users". Else if the system entity that we're calling a "user" might be ~either~ an "end user" or an "administrator", then we should use the term "user". In any case, I'm thinking that the def for "user" in draft-sstc-glossary-00 needs to be massaged such that it's clear that a "user" might be an "end user" or an "administrator" (or don those roles, or whatever). User Session -- def needs work. dragons lurking here. --- end
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC