IETF Logo Mail Archive

[abfab] Comments on draft-smith-abfab-usability-ui-considerations-02

"Jim Schaad" <jimsch@augustcellars.com> Thu, 02 August 2012 17:44 UTC

Return-Path: <jimsch@augustcellars.com>
X-Original-To: abfab@ietfa.amsl.com
Delivered-To: abfab@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3136E11E81AA for <abfab@ietfa.amsl.com>; Thu, 2 Aug 2012 10:44:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lQ5gkcinjaAU for <abfab@ietfa.amsl.com>; Thu, 2 Aug 2012 10:44:02 -0700 (PDT)
Received: from smtp4.pacifier.net (smtp4.pacifier.net [64.255.237.176]) by ietfa.amsl.com (Postfix) with ESMTP id AB7A811E81A6 for <abfab@ietf.org>; Thu, 2 Aug 2012 10:44:02 -0700 (PDT)
Received: from Tobias (dhcp-10a6.meeting.ietf.org [130.129.16.166]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: jimsch@nwlink.com) by smtp4.pacifier.net (Postfix) with ESMTPSA id 50A5438F0D; Thu, 2 Aug 2012 10:44:02 -0700 (PDT)
From: Jim Schaad <jimsch@augustcellars.com>
To: smith@Cardiff.ac.uk
Date: Thu, 02 Aug 2012 10:42:36 -0700
Message-ID: <008f01cd70d6$35b21d30$a1165790$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: Ac1wTmT5aOg4o6bCS1ij/wEnSCqLPw==
Content-Language: en-us
Cc: abfab@ietf.org
Subject: [abfab] Comments on draft-smith-abfab-usability-ui-considerations-02
X-BeenThere: abfab@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Application Bridging, Federated Authentication Beyond \(the web\)" <abfab.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/abfab>, <mailto:abfab-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/abfab>
List-Post: <mailto:abfab@ietf.org>
List-Help: <mailto:abfab-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/abfab>, <mailto:abfab-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Aug 2012 17:44:03 -0000

This is a set of first impressions and should not be construed as an actual
review of the document.


1.  Section 4  s/for a user to user a different/for a user to use a
different/


Issues:
1. application specific choice of identities
2. separation of ABFAB identities from other GSS-API credentials
3.  Ordering of identity choice for least privilege principles
4.  Identification of non password based credentials - where does the secret
come from?  Credential may or may not be usable based on the state of a plug
in token as an example.

v2.23.0 | Report a Bug | By Email