OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

ws-sx message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [ws-sx] Issue 94: Define Domain

Tony suggested that the definition of domain used by SP is from RFC
2828. I don't think so. These are given:

----
$ domain
      (I) Security usage: An environment or context that is defined by a
      security policy, security model, or security architecture to
      include a set of system resources and the set of system entities
      that have the right to access the resources. (See: domain of
      interpretation, security perimeter.)

      (I) Internet usage: That part of the Internet domain name space
      tree [R1034] that is at or below the name the specifies the
      domain. A domain is a subdomain of another domain if it is
      contained within that domain. For example, D.C.B.A is a subdomain
      of C.B.A. (See: Domain Name System.)

      (O) MISSI usage: The domain of a MISSI CA is the set of MISSI
      users whose certificates are signed by the CA.

      (O) OSI usage: An administrative partition of a complex
      distributed OSI system.
----

None of these seem to fit. I think the meaning of domain as used by SP
is more like this:

---
From Merriam-Webster online dictionary:

http://www.m-w.com/cgi-bin/dictionary?book=Dictionary&va=domain

4: a sphere of knowledge, influence or activity <the domain of art>
----

But this begs Ashok's question as to whether WS-SP constitutes one
domain or several.

Hal


> -----Original Message-----
> From: Marc Goodner [mailto:mgoodner@microsoft.com]
> Sent: Tuesday, July 25, 2006 4:03 PM
> To: Ashok Malhotra; ws-sx@lists.oasis-open.org
> Cc: Prakash Yamuna
> Subject: [ws-sx] Issue 94: Define Domain
> 
> Issue 94.
> 
> -----Original Message-----
> From: Ashok Malhotra [mailto:ashok.malhotra@oracle.com]
> Sent: Tuesday, July 25, 2006 12:21 PM
> To: ws-sx@lists.oasis-open.org
> Cc: Prakash Yamuna
> Subject: [ws-sx] NEW ISSUE: Define Domain
> 
> Title: We need a definition for "domain" in WS-SecurityPolicy
> 
> Description:
> WS-SecurityPolicy uses the word "domain" in several places.  For
> example, in Section 3.1.3 bullet 4:
> "Assertions from one domain MUST NOT be nested inside assertions from
> another domain." ...
> 
> Target: WS-SecurityPolicy
> 
> Proposal: I think we all know what's meant here but we need a formal
> definition for the word "domain".  One possibility is to group all
> assertions within a domain in a single namespace that contains only
> assertions for that domain.
> 
> All the best, Ashok
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]