[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: New delegation draft
All, I have posted draft 08 of the delegation profile. There are lots of changes as you can see from the diff. I have improved the text, figures, consistency and terminology. I have also simplified some parts of the processing model. I took away to the "issuer congruency" thing, which on second though felt a bit unnecessary. I also removed the ban on combination algorithms that could evaluate to "deny". When I thought about it, I don't think there really are any algorithms that cannot evaluate to "deny". Instead I wrote that "deny" results which are not by the trusted issuer are to be discarded, which is really what we tried to say. It also gives us a clean point where we can start working on adding reduction of denys. Despite what I said during the latest meeting, I changed the name of the trusted issuer, since it felt weird to have the trusted _issuer_ be called "delegate". This is a version that I am fairly happy with for now. There should be no major inconsistencies and I have filled in details so it is quite complete, so it should be pretty much implementable as it is. Of course all planned features are not there yet, but what is there should make sense. Let me know if it doesn't. ;) I had some thought about the terms "Result", "Value" and "Decision". They are pretty much synonymous right now, but there are some subtle differences among the states of the values during the processing, that we might want to define in more detail. Let me know if you find any confusion in this aspect. During the process I have found some more open issues, but I will add them to the wiki instead of writing them here. Erik
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]