[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Internal WG Review: Credential and Provisioning (enroll)
Paul,
> >> 1. An identifier, within a namespace controlled by the service
> >> provider, for the service consumer.
> >> 2. Keying information to be used for identity confirmation.
> >> 3. A set of service consumer permissions. These permissions
> >> describe to the provider the services that the
consumer
> >> wants to access, and they describe to the consumer
what
> >> services offered by the provider will be accessable.
> >>
> >
> >This is a very clear and precise description of the problem. The actual
work
> >items, discussed below, seem to focus on an overall architecture and
> >specific solutions for 2. For interoperability, however, it seems to me
that
> >all three might need to be addressed, but 1 and 3 seem fraught with the
> >possibility of lots of proposed solutions and very few possible ways to
> >judge their merit. Does the WG intend to have actual solutions for 1 and
3
> >(as opposed to architecture) be out of scope or possible recharter items
or
> >...?
>
> If there is interest in specifying some profiles for 1 and 3, we
> would possibly take it on, but we're not interested in limiting
> either of them. For example, if someone wrote a short document saying
> "if you are going to use OIDs for the identifiers and permissions,
> here are some OID suggestions", that would be OK. If they said "here
> is the proper way to use OIDs" or "permissions must look like this,
> we would probably say no.
>
Do you think it might be possible to include something in the charter that
clarifies this?
jak