
trust-el message



Subject: RE: [trust-el] Four-eyes principle method


So it's fair to say it's an 'edge' case as regards scope then.

And while it may be complicated to implement, it may be that Austria has implemented it, and therefore proven it at least to that extent. 

Can you confirm either way, Rainer?

IMHO 'edge cases' are fine if they add value, and don't create confusion about the overall intent of the TC's work.

As Abbie said on last week's call, the upcoming F2F offers an opportunity to put some finer grained detail around the stated scope, which will help with discussing interesting contributions like this.

Cheers
Colin   

-----Original Message-----
From: trust-el@lists.oasis-open.org [mailto:trust-el@lists.oasis-open.org] On Behalf Of Massimiliano Masi
Sent: Thursday, 26 January 2012 10:25 p.m.
To: Colin Wallis
Cc: trust-el@lists.oasis-open.org
Subject: Re: [trust-el] Four-eyes principle method

My opinion is that the workflow looks reasonable (elevating trust because two other users with different
roles and LoAs are vouching for you is a common and good idea). 

On the other hand, having app A maintain a state for T1 looks complicated to implement
correctly, IMHO.

Having a sort of stateful app A that keeps track of two authorizations that can happen at different
times requires a carefully designed and implemented app, which can be quite complicated without
detailed implementation details.



On 26 Jan 2012, at 05:01, Colin Wallis wrote:

> My feeling is that, useful as it is in the context of authorization and access control, it's outside of scope (which in the Statement of Purpose is pretty clear as being authentication).
> 
> Cheers
> Colin
> 
> 
> -----Original Message-----
> From: trust-el@lists.oasis-open.org [mailto:trust-el@lists.oasis-open.org] On Behalf Of Mary Ruddy
> Sent: Thursday, 26 January 2012 11:03 a.m.
> To: trust-el@lists.oasis-open.org
> Subject: RE: [trust-el] Four-eyes principle method
> 
> Rainer,
> 
> Thank you very much for suggesting this method. Having multiple levels of
> approval is also used for authorizing some financial transactions in the US.
> In your particular example, everything is at LOA-3, and risk (from fraud and
> errors) is reduced by increasing trust within that LOA-3.
> 
> What do others think about the scope?
> 
> -Mary
> 
> -----Original Message-----
> From: trust-el@lists.oasis-open.org [mailto:trust-el@lists.oasis-open.org]
> On Behalf Of Rainer Hoerbe
> Sent: Wednesday, January 25, 2012 3:22 PM
> To: trust-el@lists.oasis-open.org
> Subject: [trust-el] Four-eyes principle method
> 
> I am not quite sure if that method is within the survey's scope, but I would
> like to leave it to the group to discuss this.
> 
> Regards,
> Rainer
> 
> 

--
Massimiliano Masi

Tiani "Spirit" GmbH
Guglgasse 6
Gasometer A
1110 Vienna
Austria/Europe

