Re: [sacm] [sacmwg/draft-ietf-sacm-information-model] Section 6: Which endpoint to identity relation is correct? (#79)
cliffordk <notifications@github.com> Tue, 20 June 2017 18:33 UTC
Return-Path: <noreply@github.com>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FB1B127444 for <sacm@ietfa.amsl.com>; Tue, 20 Jun 2017 11:33:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.3
X-Spam-Level:
X-Spam-Status: No, score=-9.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-2.8, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HjjabdbFy9H8 for <sacm@ietfa.amsl.com>; Tue, 20 Jun 2017 11:33:00 -0700 (PDT)
Received: from github-smtp2b-ext-cp1-prd.iad.github.net (github-smtp2-ext6.iad.github.net [192.30.252.197]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2EE3D1315BB for <sacm@ietf.org>; Tue, 20 Jun 2017 11:33:00 -0700 (PDT)
Date: Tue, 20 Jun 2017 11:32:59 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1497983579; bh=KDY69WomNvN9SrI7Uikk5OdLLZKCOeAqQ/5VhYQwWYQ=; h=From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=XDSs8u0xYABb/YGMXJEsGFEooK/pDRPCQDxKtcDJWlqSi89v/QM2r4fU2/0XsOced wVObaLjd/AaY01VNnN5Ggk0BmGQQcNVAzUjGOhQcqzpugAoWDc3DHBOEohB1HvBQS1 NbIAr5jvbrf+w04cXEttoOpYQc3WWxioTrBG5LB4=
From: cliffordk <notifications@github.com>
Reply-To: sacmwg/draft-ietf-sacm-information-model <reply+00a6c4d1cca6c9649a6666e9c4e07d4a0110fd492091d1c792cf0000000115612c5b92a169ce0e2460d8@reply.github.com>
To: sacmwg/draft-ietf-sacm-information-model <draft-ietf-sacm-information-model@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <sacmwg/draft-ietf-sacm-information-model/issues/79/309848279@github.com>
In-Reply-To: <sacmwg/draft-ietf-sacm-information-model/issues/79@github.com>
References: <sacmwg/draft-ietf-sacm-information-model/issues/79@github.com>
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_59496a5b3d727_33063fd303387c30392c8"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: cliffordk
X-GitHub-Recipient: sacm
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: sacm@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/V9H-p5Ovh5JS6rhWIuM_70ixHxY>
Subject: Re: [sacm] [sacmwg/draft-ietf-sacm-information-model] Section 6: Which endpoint to identity relation is correct? (#79)
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.22
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Jun 2017 18:33:02 -0000
Adam,
The ascii art looks like mine – I recognize the brush strokes.
My view is this: my computer acts for me. I provide my credentials. The computer uses the credentials to access resources for me.
An infected computer may act against me instead, but never mind that!
I say that an endpoint acts for an identity. The diagram is right, and the accompanying text needs correcting.
Works?
Best,
Cliff
From: adammontville <notifications@github.com>
Reply-To: sacmwg/draft-ietf-sacm-information-model <reply@reply.github.com>
Date: Tuesday, June 20, 2017 at 12:07 PM
To: sacmwg/draft-ietf-sacm-information-model <draft-ietf-sacm-information-model@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Subject: [sacmwg/draft-ietf-sacm-information-model] Section 6: Which endpoint to identity relation is correct? (#79)
In section 6 there is figure 15, which looks something like this:
+---------+*______in>_______*+-----+
|Hardware | |! !|
|Component| +---------+ |! !|
+---------+ |Software |in> |! !|
|Component|____|! !|
+---------+* *|! !|
1| |! !|
*| | | +----------+
+---------+ |End- |*_____*| Identity |
|Software |in> |point| acts +----------+
|Instance |____| | for>
+---------+* 1|! !|
|! !|
|! !|
|! !|
|! !|____
|! !|0..1|
+-----+ |
|* |
|_______|
in>
Of particular interest is the many-to-many relationship "acts for" between Endpoint and Identity; the direction of the "acts for" relation is from Endpoint to Identity, such that an Endpoint "acts for" an Identity.
However, in the paragraph above figure 15 there is a sentence reading, "...zero or more identities that act on behalf of the endpoint..." By this reading, then, the Identity would "act for" the Endpoint, which is the opposite of what the diagram seems to say.
Which is the intended perspective?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub<https://github.com/sacmwg/draft-ietf-sacm-information-model/issues/79>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AMcywnDMNlj5oGXOKZ_Bqz12W9I3B4fiks5sF-5JgaJpZM4N_0E1>.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/sacmwg/draft-ietf-sacm-information-model/issues/79#issuecomment-309848279
- [sacm] [sacmwg/draft-ietf-sacm-information-model]… adammontville
- Re: [sacm] [sacmwg/draft-ietf-sacm-information-mo… cliffordk