
Re: Some SACRED blasphemy



At 11:04 AM 1/9/01 -0800, Covey, Carlin wrote:
>SACRED persons, I hope that I may be forgiven a minor blasphemy ....
>
>Both the SACRED requirements document and the SACRED framework document make
>reference to "entities" that use credentials.  In reading through the
>documents though, they seem to be making the assumption that an entity is a
>"user" who wants to make the credentials that are available to her in the
>context of some device environment, also available to her in a different
>device environment.
>
>I think a little broader view is potentially useful.  
---remainder deleted for brevity---

Hi Carlin,

This was somewhat discussed a while ago.  Check the archives for
items around this one:
  http://www.imc.org/ietf-sacred/mail-archive/msg00092.html

I would really _not_ like for this WG to make any real distinction 
between "user", "proxy", "good guy", "supreme being", or "device",
nor any of the entities which you describe at this time.  The scope 
of work is laid out to allow for a protocol to transfer credentials.  
While your thoughts are valid, let's try to deliver that functionality 
first.  After that, perhaps the WG may be re-chartered to address 
the issues you raise.  

I'll say that the issues that I raised before were more along the 
lines of _not_ making a limiting distinction about who was the 
"user".  I'll repeat my previous thoughts here:  It would be really
nice if the products of this WG could be used to transfer the
credentials between devices that are not closely associated with
a real person.  I am trying to keep up with the discussions and
drafts here to see if there are any problems with that concept (none 
so far).  However, I realize that if an impasse is reached, the 
decision must go towards the strict definition of the person.

I'd suggest that you also watch the list and IDs to see if there is 
going to be anything that may limit or exclude your idea.  (I don't
think there has been so far.)  When the IDs are far enough along 
and stable, I'll support your ideas and also see if an official 
designation needs to be made for the router administrator who may
also be known as your definition of a security administrator.

Thanks,
Chris