[Nml-wg] Identifiers and Security
Aaron Brown
aaron at internet2.edu
Fri Nov 2 16:08:20 EDT 2012
On Nov 2, 2012, at 7:52 AM, Jeroen van der Ham <vdham at uva.nl> wrote:
> Hi,
>
> Last call we briefly discussed the issue of the identifiers and their relation to the security section of the schema document.
>
> I've tried to write something for this, and I would appreciate feedback:
>
> Implementers should be aware that the NML descriptions do not provide any guarantee regarding the integrity nor the authenticity. The NML documents also can not provide this for the identifiers contained in the documents. Implementers should use external means of verifying the authenticity of identifiers contained in the documents.
I think the focus on identifiers is wrong. The issue is that if nml description A creates an element named X, and nml description B has an element named X, there is no way to define which X is correct, and in fact, the "merge all X's into a single X" means that X, whatever it may be, is the combination of the X's in nml descriptions A and B.
I might word it like:
Implementers should be aware that the NML descriptions do not have any guarantees regarding the integrity nor the authenticity. It is Implementers should use external means of verifying the integrity and authenticity of the elements contained in NML descriptions.
Cheers,
Aaron
TIP2013, University of Hawaii Mānoa
January 13 - January 17, 2013, Honolulu, HI
http://events.internet2.edu/2013/tip/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.ogf.org/pipermail/nml-wg/attachments/20121102/2037a59a/attachment.html>
More information about the nml-wg
mailing list