[OGSA-AUTHZ] Your comments on Func Components
David Chadwick
d.w.chadwick at kent.ac.uk
Wed Nov 28 12:58:09 CST 2007
Hi Richard
thanks for your comments. I am making an update that takes your comments
into account.
i) title change accepted
ii) the difference between IDP and AA is an interesting one which Tom
also raised. I think we need more discussion about this in the whole
group to agree upon this issue
iii) I have added a definition of attribute "Attribute is a property of
an entity". Nice and simple, and all encompassing :-)
iv) I have clarified credential to authorisation credential. An AC and a
signed SAML assertion are both authorisation credentials.
v)I have removed the capabilities text.
vi) deleted "mode of"
vii) I have put the defn in alphabetical order
viii) added "when making a decision" to clarify how unacceptable
credentials are ignored.
ix) users present authorisation credentials, not attributes, since the
latter cannot be trusted. The CVS turns the former into the latter.
x) minor editorials all accepted.
thanks
David
--
*****************************************************************
David W. Chadwick, BSc PhD
Professor of Information Systems Security
The Computing Laboratory, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick at kent.ac.uk
Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5
*****************************************************************
More information about the ogsa-authz-wg
mailing list